News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Gonzalo Ayuso:
Building a Pimple/Container from a YAML file
September 29, 2014 @ 10:54:10

In a recent post to his site Gonzalo Ayuso shows how to create a Pimple container (a dependency injection container) from a YAML configuration definition using a simple handler already included in Pimple.

[In a conversation with Máximo Cuadros about Dependency Injection Containers] I said that I prefer Symfony´s DIC instead of Pimple, mainly because its configuration with YAML (or even xml) files. But In fact we can customise Pimple/Containers with YAML files in a similar way than we do it with Symfony's DIC. In this example we're going to see one way to do it.

While Pimple does come with the "Container" functionality to make this happen, Gonzalo points out that using it this way violates several of the SOLID design principles. Instead, he offers an alternate solution - using the Config component from Symfony to handle the creation of the container using an already established YAML format. He includes an example YAML configuration structure, the matching Pimple code for it and a code sample showing how the YAML is parsed into the same result. You can find the code on his GitHub account if you're interested in the full structure.

0 comments voice your opinion now!
pimple symfony container solid config yaml dependencyinjection

Link: http://gonzalo123.com/2014/09/29/building-a-pimplecontainer-from-a-yaml-file/

ServerGrove Blog:
Symfony2 components overview Config
February 21, 2014 @ 12:13:57

The ServerGrove blog has a new post today in their Symfony2 component spotlight series, this time focusing on the Config component.

After a few weeks, we continue with the Symfony2 components series. This time we are going to be talking about the Config component, which helps you to load and validate configuration values, regardless of their source.

They show how it can be used to parse YAML files and give a basic overview of its architecture. Sample code is included for a "blog generator" example that parses the given YAML structure and a loader to pull in the file. The component also includes caching functionality for larger configurations and allows you to define multiple loaders for different sources.

0 comments voice your opinion now!
symfony2 component overview config yaml tutorial

Link: http://blog.servergrove.com/2014/02/21/symfony2-components-overview-config

Gonzalo Ayuso:
Scaling Silex applications (part II). Using RouteCollection
March 06, 2013 @ 09:21:31

Gonzalo Ayuso has posted a second part of his look at scaling Silex (here's part one). In this new article he shows how to use the RouteCollection functionality instead of defining the routes in the DI configuration.

In the post Scaling Silex applications I wanted to organize a one Silex application. In one comment Igor Wiedler recommended us to use RouteCollections instead of define the routes with a Symfony's Dependency Injection Container. Because of that I started to hack a little bit about it and here I show you my outcomes:

He includes example code for creating the application, setting up the main "routes.yml" file with some defaults and two other files for routes in other parts of the site - "api" and "blog". Then he makes the controllers related to these three sections with basic actions catching each of the routes. The source for the entire thing is over on github.

0 comments voice your opinion now!
silex scaling application tutorial routercollection yaml


Gonzalo Ayuso:
Scaling Silex applications
February 12, 2013 @ 09:54:54

Gonzalo Ayuso has posted yet another helpful Silex hint for those using this microframework and wanting to scale up their applications past the prototype stage - an extension to allow route definition in a YAML configuration.

My idea is to store this information within a Service Container (we will use Symfony's DIC). For example here we can [define] our routes.yml. [...] We need to implement one Extension for the alias "routes". We only will implement the needed functions for YAML files in this example.

He includes the code for the extension ("SilexRouteExtension") that can be used to parse the "routes.yml" file to inject the custom routing into your application. This includes the pattern to match, the controller to route it to and the target method. You can also set some requirements like the request method (in this case "GET").

0 comments voice your opinion now!
scale silex extension yaml route configuration file


Pádraic Brady:
Getting Ahead In Security By Watching The Neighbours
January 18, 2013 @ 11:53:52

In his latest post Padraic Brady talks some about the recent security issues that happened with Ruby on Rails that allowed for remote code execution and how, if you use code blindly, you could be in for a similar fate.

Code execution vulnerabilities are, by definition, hideous monsters. The ability for external inputs to enter an execution context (i.e. injecting or manipulating code that is executed on the server) can be difficult to spot through the haze of convenience that such machinations are often designed to deliver. In Rail's case, that convenience was to automatically cast data entries in XML or YAML inputs into Ruby types including, unfortunately, Symbols and Objects.

These types of "buried" code execution vulnerabilities are still easy to locate in PHP, at least, because you are still restricted to normal code execution pathways in the absence of Ruby's dark magic, e.g. eval(), include(), require_once(), system() and, let's not forget, unserialize().

He talks about how, if you're not careful with the code (third party libraries) that you use in your applications - or don't adhere to good security practices in your own - you could be vulnerable to a similar style of attack. After some investigation on his part, he discovered an issue related to this in the Symfony2 YAML parser (now fixed with a new release).

To summarise… Pay attention to competing applications or frameworks - their problems may also be your problems. If you're worried about arbitrary code execution vulnerabilities then audit your code. You can even, as a sanity check, use grep to find uses of functions like eval(), unserialize(), etc and analyse where their parameters' might originate from.
0 comments voice your opinion now!
rubyonrails security vulnerability code execution yaml symfony2


PHPMaster.com:
Using YAML in Your PHP Projects
July 24, 2012 @ 09:06:46

On PHPMaster.com today there's a new tutorial showing you how you can use YAML documents on your applications ("YAML Ain't Markup Language") for configuration files.

Test fixtures, configuration files, and log files all need to be both human and machine readable. YAML (YAML Ain't Markup Language) is a less-verbose data serialization format than XML and has become a popular format among software developers mainly because it is human-readable. YAML files are simply text files that contain data written according to YAML syntax rules and usually have a .yml file extension. In this article, you will learn the basics of YAML and how you can integrate a PHP YAML parser into your projects.

They start with a brief introduction to the YAML syntax by comparing them to the structure of a typical PHP array. They include the YAML output from these examples and how, despite the ease of its use, it shouldn't be considered a replacement for something like XML (they both have their strengths). He points out some of the current YAML parsing libraries and how to integrate them into your app (he uses the Symfony option).

0 comments voice your opinion now!
yaml tutorial introduction parse syntax


Konr Ness' Blog:
Zend_Config Benchmark - JSON, Array, INI, XML, YAML
March 08, 2012 @ 11:51:32

In this recent post to his blog, Konr Ness has benchmarked the components that the Zend Framework uses to read in different types of configuration files - JSON, native PHP arrays, INI, XML and YAML files.

If you application relies on parsing one or several config files each time it is bootstrapped it is important that you select a file format that is fast to parse. But you also want to select a config file format that is easy for a human to read and edit. In a recent application I am building I also had the need to write modifications to config files, so I also benchmarked the Zend_Config_Writer components.

He includes both the sample configuration INI file and the benchmarking script he used to measure the results (all configurations were read from external files, even the native PHP option). His results were pretty predictable (with the exception of YAML reading) with the standard INI file coming in second to the native PHP arrays, but having the advantage of being more readable.

0 comments voice your opinion now!
zendconfig zendframework benchmark json array ini xml yaml


Marcelo Gornstein's Blog:
Dependency injection with Xml and Yaml in the Ding container
February 24, 2012 @ 11:37:04

In this new post to his blog today Marcelo Gornstein looks at doing some dependency injection in a simple application via XML and YAML configurations and the Ding dependency injection container.

In this past article I've discussed the dependency injection features when using annotations. This time, we'll see how to use the xml and yaml drivers to do the same (setter and constructor injection). If you don't know how to configure the xml and yaml drivers, please start by reading this.

He describes the different injection methods available with the container - setter injection, constructor injection and method injection. Example configuration content is included - both the XML and YAML versions.

0 comments voice your opinion now!
dig dependencyinjection dic configuration xml yaml


Gonzalo Ayuso's Blog:
Using PHP classes to store configuration data
January 10, 2011 @ 11:57:39

Gonzalo Ayuso has a new post to his blog today looking at how he uses PHP classes to store configuration information for easier retrieval.

In my last projects I'm using something I think is useful and it's not a common practice in our PHP projects. That's is the usage of a plain PHP's class for the application's configuration. Let me explain it. Normally we use ini file for configuration. [...] There are many standard options. Why I prefer a different one then? I like plain PHP classes because the IDE helps me with autocompletion. The usage is quite simple.

His example uses a standard class to store the configuration values, one that can be loaded into a project and lets you call the configuration values statically. He gives two examples of how this is helpful in a standard IDE with autocompletion.

0 comments voice your opinion now!
class configuration data ini xml yaml parseinifile


PHPBuilder.com:
Working with the Symfony Components PHP Libraries
May 12, 2010 @ 08:48:18

On PHPBuilder.com today there's a new article looking at working with the three Symfony component libraries as standalone tools that can be used outside of the framework - YAML handling, templating and an event dispatcher.

These libraries were once an integrated part of the Symfony project, but now they represent a separate Symfony project. Because the Symfony Components are standalone PHP classes, you can both use them without the Symfony MVC framework and integrate them very easily in any PHP project. You can install each of the Symfony Components in the same, very simple manner. All you need to do is download the source code (a TAR or a ZIP archive) from the project page.

The tutorial goes through each tool, briefly explaining what the technology is that's involved and provides some code examples to show you its use.

0 comments voice your opinion now!
symfony component library yaml template event



Community Events





Don't see your event here?
Let us know!


install list library language framework api community tips symfony interview introduction series podcast deployment release update laravel opinion package zendserver

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework