Subscribe! Enter your email address below:

NO SPAM: We absolutely hate spam. We will not share, rent, or give away your email address to anyone.You can unsubscribe at any time. Easily!

March 5, 2015

Protect your code? Try SourceGuardian
Hi PHP fans, and thanks for joining us again this week.

The results of the PHP Programming Innovation Award 2014 have been announced. Listen to the podcast to hear all about the winners.

The annual framework popularity survey is out now, providing valuable insight into their audience and the state of individual vs. team developers out there. Register now to take part, the results will be published at the end of March. 

Also this week, the second part of the When You're Hacked in WordPress series is out now, advising how to stay safe and act quickly in case of another incident.

Plus DrupalCon has been announced. Taking place in Los Angeles, the most attended Drupal event in the world spans four days, with a full schedule of opportunities.

Finally, after some reader feedback this week, we have made one or two changes to your newsletter. We love hearing from the PHP community and we do listen, so please keep in touch.

Katie and Ade

We still need your clicks please :)

 From our sponsors:
Group Chat & IM for Teams Communicate with co-workers in real time. Used by Netflix, Dropbox & Salesforce. $0/unlimited users. Get started >>
(Sponsor this newsletter



Best PHP Framework 2015 Survey
Almost a year and a half ago published the results of a framework survey on the PHP channel. The survey, while producing fewer entries than their IDE survey, still provided valuable insight into their audience and the state of individual vs. team developers out there. With Laravel 5 fresh out of the oven, Phalcon being kickstarted into full-time development and others reaching a much anticipated maturity, it’s only natural they are curious about your preferences - have they changed? Click here for SitePoint's Annual Framework Popularity Survey - 2015, running for one month only.

On Magento 2 Being “open source” – The Post-Mortem
Little less than four months ago, we published an opinion-piece regarding Magento 2 and why we thought it wasn’t really holding up to the mindset of being an open source project. In four months, a lot has changed.

PHP UK 2015: Pragmatic, Honest & Progressive
On the Pusher blog this week, this article looks at various talks presented at last month's PHP UK conference which the author felt was a demonstration of pragmatism, honesty and progression; something that he feels we’re starting to see at many conferences now.

Three Things We Know About Laravel 5.1
Laravel 5.1 is scheduled for release in May, but work has already begun. Yes, it’s early but here are three things we already know will be coming.

Tutorials and Talks

When You're Hacked in WordPress: Staying Safe Later On
In the first part of this series, we went through what to do when your website gets hacked. In this second part, we're going to learn about staying safe and being able to act quickly when another unpleasant incident happens.

Exploiting memory corruption bugs in PHP (CVE-2014-8142 and CVE-2015-0231) Part 2: Remote Exploitation
In Part 1, we figured out how to locally exploit CVE-2014-8142 and CVE-2015-0231. In Part 2, we'll discuss remotely exploiting this vulnerability, and what we can steal from the application using the methods we discover. However, we will be focusing solely on CVE-2015-0231. Feel free to make the necessary changes as outlined in Part 1 to get CVE-2014-8142 working.

Securely Distributing PHARs: Pitfalls and Solutions
The PHAR ecosystem has become a separate distribution mechanism for PHP code, distinct from what we usually consider PHP packages via PEAR and Composer. However, they still suffer from all of the same problems, namely the persisting whiff of security weaknesses in how their distribution is designed. What exactly can go wrong when distributing any sort of PHAR?

Diagnose WordPress Performance Problems With New Relic
This tutorial continues where we left off in Using New Relic to Monitor WordPress Performance. Here, I'll give you a conceptual overview of WordPress performance and guide you through using New Relic to examine your own site's performance.

Exploring the Cache API in Drupal 8
Drupal 8 comes with many improvements over its predecessor, and one such improvement has been the cache API that solves many performance problems we have in Drupal 7. This article shines a bit of light over the new cache API. To this end, we are going to look at how we can use it in our custom modules as we are encouraged to do so much more in Drupal 8. 

Xdebug 2.3: Moar var_dump()
This is the first article by Derick Rethans in a series about the new features in Xdebug 2.3, which was first released on February 22nd. One of the new features relates to one of the first things that he added in the original Xdebug: making the var_dump() output "pretty". Xdebug replaces PHP's standard var_dump() function with its own version, as long as the xdebug.overload_var_dump setting is not set to 0.

Building a AngularJS Provider For hello.js Library
Hello is a client-side Javascript SDK for authenticating with OAuth2 web services. It’s pretty straightforward to use, and well explained at documentation. Gonzalo Ayuso wants to create a reusable module, and use it within AngularJS projects.

Popular Photos, Filters and User Profiles with the 500px API
500px is a photo community for discovering, sharing, buying and selling inspiring photography. In this article we are going to explore their API and build a small showcase app.

Create A Simple CRM in WordPress: Creating a Custom Post Type
If you're a freelance designer, developer, or a business owner, you know how difficult it is to keep a central store of prospective customer data. Once you've accomplished that, it's sometimes difficult to keep that data updated - logging calls you've made to the prospect, emails you've sent and so on. This post looks at registering a custom post type, creating custom post fields, displaying custom post fields in the WordPress Administration interface, searching our custom field data and turning the WordPress Administration interface into a lightweight CRM interface.

Run #AllTheCommands Outside of Homestead
Laravel Homestead has brought virtual machines for web development to the mainstream PHP developer, making setting up a development stack similar to XAMP extremely simple. However, one of the drawbacks so far has been that you always needed to run Laravel Artisan commands from within Homestead, as they depend on MCrypt being installed. The accepted solution thus far has been to install newer versions of PHP alongside Apple’s version using Homebrew or MacPorts. Mike Bronner has come across another method while researching some non-related issues: install the latest version of PHP from a binary that includes the MCrypt extension. Find out here.
News and Announcements

Joomla! 3.4 is Here
The Joomla! Project and the Production Leadership Team are proud to announce the release of Joomla! 3.4.0, latest releases of the 3.x release series.

PHP Excel v1.0.1 Released
The long awaited v1.0.1 of PHP-excel extension is finally out, with lots of changes in this one. 

DrupalCon - May 11-15th 2015, Los Angeles
DrupalCon brings together thousands of people from across the globe who use, develop, design, and support the Drupal platform. The North American DrupalCon is the most widely attended Drupal event in the world. Taking place in sunny Los Angeles this year, DrupalCon will feature a full schedule of educational, networking and contribution opportunities. Tickets are available now.

php[tek] Conference - May 18-25th 2015, Chicago
php[tek] is a PHP conference like no other. It brings together great technology content and great people, and mixes them up in a wonderful cocktail of PHP fun. You will find high-quality presentations by the brightest experts in the PHP world, coupled with a welcoming and friendly community of attendees and speakers. Early bird tickets are available now.

Bulgaria Web Summit - April 18th 2015, Sofia
The Bulgaria Web Summit is an annual conference about the modern web, covering programming, UX/UI/IA/Design, IOT and web. Tickets are available now.

SOLIDay by PHP Serbia - May 30th 2015, Belgrade
A day of presentations by world-famous PHP experts and professionals, on topics such as OOP principles, design patterns, software architecture, frameworks and similar. Whether you are a novice, intermediate or advanced developer, join us on this conference and expand, improve or simply refresh your knowledge of this important topic.


Chi Hoang and Italy Won the 2014 PHP Innovation Award Edition
The results of the PHP Programming Innovation Award edition of 2014 were announced and the winner is Chi Hoang from France. Collectively Italy won the championship by countries. The site interviewed the winners to get to know them better.

PHP Town Hall #38: Weak, Strict or Go Home?
With the vote for Strict Types in the balance, we have a chat with two core contributors about why they are for or against this RFC. On one side, Andrea Faulds, who wrote the RFC. On the other, Levi Morrison, who is responsible for one of PHP 7’s greatest features yet: return type hints. The intention here was to discuss the Scalar Type Hint RFC v0.3, which was the one that went to vote. The vote was ongoing at the time, but was since pulled as Andrea quit.

MageTalk Magento Podcast #25
"I'm Fat and Ugly and I Like Stupid Stuff"

The Changelog Podcast #144: GitHub Archive and Changelog Nightly with Ilya Grigorik
This week we’re joined by Ilya Grigorik. Ilya is a web performance engineer at Google where he works day and night making the web faster.

Acquia Podcast: Helping Remote Teams Work - The Manager
Part 2 of 2 – I ran into Elia Albarran, Four Kitchens' Operations Manager at BADCamp 2014. She mentioned she'd read my blog post 10 Tips for Success as a Remote Employee; we started exchanging tips and ideas until I basically yelled, "Stop! I need to get this on camera for the podcast!" She graciously agreed and brought along two Four Kitchens developers for the session, too: Taylor Smith and Matt Grill, whom I spoke with in part 1. In this episode, I speak with Elia Albarran about the manager's perspective on running great teams, whether mixed in-house/remote or all remote.

Voices of the ElePHPant - Interview with Morgan Tocker
This week Cal Evans talks to MySQL Community Manager @ Oracle, Morgan Tocker.

Full Stack Radio Podcast - Episode 10: Type Safety Roundtable with Ryan Tablada and Matt Machuga
In this episode, Adam talks with Ryan Tablada and Matt Machuga about the philosophical differences between programming in a statically typed language vs. a dynamically typed language. They talk about things like explicit interfaces vs. duck typing, function calling vs. message passing, and some of the recent RFCs around optional typing in the PHP community.

Reading and Viewing

Zend PHP 5 Certification Study Guide: a php[architect] guide (by Davey Shafik and Ben Ramsey, published 6th February 2015)
The third edition of the popular "Zend PHP 5 Certification Study Guide", edited and produced by php[architect], provides the most comprehensive and thorough preparation tool for developers who wish to take the exam. Zend Certification is an industry-recognised benchmark used to validate PHP expertise while indicating a developer's commitment to mastering the craft and being a professional programmer.

Professional WordPress: Design and Development (by Brad Williams and David Damstra, published 27th January 2015)
Professional WordPress is the only WordPress book targeted at developers, with advanced content that exploits the full functionality of the most popular CMS in the world. Fully updated to align with WordPress 4.1, this edition has updated examples with all new screenshots, and full exploration of additional tasks made possible by the latest tools and features.

Vagrant with GUIs and Windows
Recently, Oscar Merida presented at the Drupal NoVA meetup group, about using Vagrant to automate setting up development environments for your projects. View the slides here.

Error Handling in PHP
A 500 with blank output is scary. Through the magic of setting exception and error handlers, I’ll show you how, using PHP’s core error handling functions, to turn the White Screen of Death into a prettier, more informative output that’ll help you solve your app’s problems rather than freak out over them. Watch the video here.

Building APIs You Won’t Hate: Review
The SitePoint team has reviewed Phil Sturgeon's recently released book Building APIs You Won’t Hate.


To post a job advert please contact [email protected]

Fuzzy Matching Project Work
We are looking for someone to help on a specific project which will involve matching products on one website with products on another website. Someone with skills and demonstrable experience of matching algorithms is a necessity. If you can’t prove that you can do this kind of work please do not contact us. For the right person there is ongoing exciting work. In the first instance please contact us at [email protected] with “Fuzzy matching project” as the subject and we will then create a shortlist, providing the shortlist with information about our company.

Interesting Projects, Tools and Libraries

Provides an error handler for PHP that can execute a stack of handlers for various purposes.

A tiny, but robust REPL for PHP.

Sage is a WordPress starter theme based on HTML5 Boilerplate, gulp, Bower, and Bootstrap, that will help you make better themes.

Bedrock is a modern WordPress stack that helps you get started with the best development tools and project structure.

A responsive-modular CMS and application framework built on CodeIgniter.

dotenv file parsing for PHP.

A very user-friendly PHP client for DBaaS.

Zerg is a small PHP tool that allows you to simply parse structured binary files like lsdj memory dump file, jpeg encoded image or your custom binary format file.

phpCornerstone is an MVC framework focused on code organisation, intelligent routing and facilitating DRY principles.

A template engine using HTML markup for PHP5.4+.

Silly CLI micro-framework based on Symfony Console.

A full-scale PHP 5.3.2+ sandbox class that utilises PHP Parser to prevent sandboxed code from running unsafe code.

Object oriented stream library for PHP.

Fast PHP templating engine.

Easy to use php annotations for Yii framework.

A library of hacks and snippets for the WordPress admin panel.

A simple PHP testing library for defining and crafting mock classes and objects.
Please help us by clicking to our sponsor:

 From our sponsors:
Group Chat & IM for Teams Communicate with co-workers in real time. Used by Netflix, Dropbox & Salesforce. $0/unlimited users. Get started >>
(Sponsor this newsletter

So, how did you like this issue?

Like us on FacebookFollow us on Twitter
We are still trying to grow our list. If you find PHP Weekly useful please tweet about us! Thanks.
Also, if you have a site or blog related to PHP then please link through to our site.

unsubscribe from this list | update subscription preferences 

Protect your PHP code with SourceGuardian. Free trial.


Subscribe! Enter your email address below:

NO SPAM: We absolutely hate spam. We will not share, rent, or give away your email address to anyone.You can unsubscribe at any time. Easily!

Talk to us!

If you have some news, want to share a link with us or chat with us feel free to email us.

And we also have an RSS feed that you can use.

Like us on FacebookFollow us on Twitter

Copyright ©