Here we are again PHP fans, with your latest edition of phpweekly.com.
We start this week with several releases from the PHP development team - PHP 7.2.1, PHP 7.1.13, PHP 7.0.27 and PHP 5.6.33, all available immediately.
We also take a look at the outcome of the 2017 PHP Security Advent Calendar from last month, when the PHP community was set 24 security challenges.
The Five Minute Geek Show podcast returns with a special Christmas themed episode, featuring Matt's kids!
Plus we take a look at how Symfony Packs can help you when starting a new project using Symfony Four.
And finally, the January issue of the php[architect] magazine is out now.
Enjoy your read folks.
Cheers
Katie and Ade
|
Please help us by clicking to our sponsor:
Protect your PHP Code
Why not try SourceGuardian 11. Click here to download a 14 Day Trial copy. Protect your code using Windows, Linux or Mac and run everywhere with our free Loaders. |
Articles
PHP Security Advent Calendar 2017 Wrap-Up
In this years PHP Security Advent Calendar we published 24 challenges for the PHP community where security issues were hidden in code snippets for fun and training. The challenges are based on real-world security vulnerabilities that we found with the help of RIPS over the last year in popular PHP applications. In this blog post we are going to discuss the main take-aways from our advent calendar regarding PHP security.
PHP MVC Frameworks Preview of 2018 (Phalcon 3, Symfony 4, Laravel 5.x and others)
It’s that time of the year again, when we take a look at the world of PHP MVC frameworks. We get ready for the trends of 2018 and plan our roadmaps. Also, we’ll take a quick detour to look at some seagues in the areas beyond PHP MVC.
17 Tips for Using Composer Efficiently
Although most PHP developers know how to use Composer, not all of them are using it efficiently or in a best possible way. So I decided to summarise things which are important for my everyday workflow. The philosophy of most of the tips is "play it safe", which means that if there are more ways how to handle something, I would use the approach which is least error-prone.
Considering Typehints As Communication
Typehints help communicate across time and space, to people who may never meet you or who might not be able to interrogate you about your code, so those people can understand how you expect the code to work.
The Best PHP IDE 2017 and 2018 Comparison - The Most Popular Editors for Development under Windows, Mac and Linux either Open Source, Free or Commercial
Most PHP developers use an IDE (Integrated Development Environment) to become more productive. There several PHP IDEs, some more advanced than others, some are commercial and others are free. Read this article to compare the features of some of the most popular IDEs being used by PHP developers, so you can decide which one suits you best.
What Version of PHP Should My Package Support?
Everybody likes “the new hotness.” Everyone loves a new car, or a new computer, or the state-of-the-art video gaming console. It’s why people camp out for days to get their hands on a new iPhone, when they could just buy one the next week off the shelf. People love to have the hot thing, right now. Perhaps, then, it shouldn’t be so surprising that people get tremendously excited when a new version of PHP comes out. |
Tutorials and Talks
Symfony 4: Unpack the Packs
We get a lot of positive feedback on Symfony 4. You love the new directory structure. You love the simplicity of using services without configuring anything. And you love the automation that Flex provides. It makes me happy and proud. But one issue I hear sometimes is that it is more complex to start a new project.
Modular Application Architecture - Considerations
This is the fifth post from a series of posts that will describe strategies to build modular and extensible applications. In this post we will take a general overview on how some popular design patterns and things to keep in mind when creating plugin based applications.
Building a Vue SPA With Laravel
Building a Vue single page application (SPA) with Laravel is a beautiful combination for building clean API-driven applications. In this tutorial, we show you how to get up and running with Vue router and a Laravel backend for building a SPA. We will focus on the wiring up all the pieces needed, and then in a follow-up tutorial, we will further demonstrate using Laravel as the API layer.
Introduction to PHP Reflection API
When I started PHP coding, I wasn’t aware of the power of Reflection API and the main reason is that I didn’t need it to design my simple class, module or even my package, then I started to find it in many areas playing a major role. So in this part we will introduce Reflection API.
Handling CORS in a Laravel Application
Recently we released laravel-cors. This package can add the necessary CORS headers of your Laravel app. In this post I'd like to give a quick explanation of what CORS is and how you can use the package.
PHP Type Hinting: What You Shouldn't Do
When PHP 7 came up with strong types, I saw the light. I had the hope not to see anymore bugs and inconsistencies due to weak typing in PHP.
Creating a 'Winning' Audio Lambda Service using Serverless, Polly and Compiled SOX
Following on from my previous post which discussed manipulating images, I would now like to expand upon this and look into how you can interact with audio using Lambda.
Create and Deploy Secure PHARs
For those who are not familiar with it, PHAR (Php Archive) is analogous to the JAR file concept but for PHP. It allows you to package an application into a single file making it convenient to deploy or distribute. This used to be very convenient for deploying an application over FTP as there is only a single file to replace. Luckily, we don’t have to do that (FTP deployment) anymore (if not, I’m sorry for you).
Don't Repeat Yourself: Automating Repetitive Tasks with WP-CLI
Have you ever found yourself going into the WordPress admin area to update themes, plugins, and WP core? Of course you have. Have you been asked, “Can you create/update/delete all the users on this CSV file?” I’m sure you’ve run into that too. Have you tried migrating a site and wished there were a plugin or third-party tool you could reach for to do the job? I know I have!
Lando Share - Sharing is Caring
We all know the amount of work it takes to get a site working and looking great across all browsers and screen sizes. The struggle is real. Pushing things up to staging for review only to find out that the Safari fix broke the mobile Firefox view; ugh. Enter lando share. With lando share you can expose a public URL to your local Lando app and use that URL to view the site on real phones, tablets, and desktops. Now you can iterate fast on the actual site and share the URL with Project Managers, other Developers, and stakeholders to get immediate feedback!
Off-by-One Error Memory Corruption
A while ago, a user of the PHP Library for MongoDB reported a bug. Over the past week I had a look at this.
Is Gutenberg the End or a New Beginning for WordPress?
I’ve been loosely following the noise and #wpdrama surrounding Gutenberg for as long as it has been around and honestly for the most part I’ve had negative feelings around it (I don’t like change at the best of times). However, I recently dived in and tried it out and you will never guess what happened next! |
News and Announcements
PHP 7.2.1 Released
The PHP development team announces the immediate availability of PHP 7.2.1. This is a security release. Several security bugs were fixed in this release. All PHP 7.2 users are encouraged to upgrade to this version.
PHP 7.1.13 Released
The PHP development team announces the immediate availability of PHP 7.1.13. This is a security release. Several security bugs were fixed in this release. All PHP 7.1 users are encouraged to upgrade to this version.
PHP 7.0.27 Released
The PHP development team announces the immediate availability of PHP 7.0.27. This is a security release. Several security bugs were fixed in this release. All PHP 7.0 users are encouraged to upgrade to this version.
PHP 5.6.33 Released
The PHP development team announces the immediate availability of PHP 5.6.33. This is a security release. Several security bugs were fixed in this release. All PHP 5.6 users are encouraged to upgrade to this version.
Introducing Heroicons UI
Designer extraordinaire Steve Schoger has released a new icon set called Heroicons UI. A the time of writing, this collection comprises 104 free premium SVG icons licensed under the MIT license.
DrupalCon - April 9-13th April 2018, Nashville TN
DrupalCon unites experts from around the globe who create ambitious digital experiences. Network, learn, and be inspired. The Call for papers is open, and tickets are on sale now.
Oscon - July 16-19th 2018, Portland
OSCON is the complete convergence of the technologies transforming industries today, and the developers, engineers, and business leaders who make it happen.The 20th Open Source Convention takes place next July. From architecture and performance, to security and data, get expert full stack programming training in open source languages, tools, and techniques. The Call for Papers is now open.
Nomad PHP US - February 15th 2018 20:00 CST
2FA, U2F, OOB, and Other Terrifying Security Acronyms, presented by Eric Mann. In 2016, NIST announced it was deprecating SMS-based 2FA (second-factor authentication) from its Digital Authentication Guidance. As the internet works to harden application and online security, what are the proper options available for truly secure authentication? What are those OOB (out-of-band) transactions anyway? Why is identity security so hard? Learn about the tools that define the identity security landscape and how to easily integrate strong identity verification methods with your existing services. BYOA (bring your own acronyms).
Nomad PHP EU - February 15th 2018 20:00 CET
Developing Applications for Performance, presented by Leon Fayer. Scalability != performance. In fact, having to scale your architecture significantly with growth may be a symptom of a poor application performance. With the rise of the cloud and the abundance of automation and container tools that simplify scalability aspects of your system, performance considerations are often pushed to the back row. Building systems for high performance is not easy. It requires a lot of considerations—from technology selection to design decisions. In this talk, I’ll discuss common performance pitfalls across the stack and talk about useful techniques and examples that every application could benefit from. |
Podcasts
The Five-Minute Geek Show Podcast: Episode 103 - Christmas 2017 With The Kiddos
Per special request, Christmas 2017 with the kiddos.
PHP Roundtable Podcast: All Things WordPress
We chat about the WordPress ecosystem.
PHP Ugly Podcast #89: We Drop The Ball
Topics include the future of HHVM and the latest PHP 7.2 release.
Laravel IO Podcast Season 3: Episode 8 - Interview: Marcel Pociot
An interview with Marcel Pociot, creator of BotMan and co-founder of Beyond Code.
MageTalk Podcast Classics – Imagine 2017: Interview with Mark Lavelle
We’re off for a week on vacation so we’re bringing you an episode you may not have heard – this is an interview from MageTalk LIVE at Imagine 2017 with Mark Lavelle!
Laravel News Podcast LN52: Laravel Releases, Laracon Online, and Soft Edges
Jake and Michael return for 2018 and catch up on several framework releases from the break, discuss the upcoming Laracon Online, and community projects from Chris Fidao and Steve Schoger. |
php[architect] Magazine January 2018 - Setting Up To Succeed
It’s my pleasure to again wish you, dear reader, a happy new year! Now that the hustle of the end of a calendar year is behind us, let’s gear up to tackle the next twelve months. This issue collects articles to help you set a foundation to succeed in your endeavours.
Cloudways Interview - Scott Donald Shares His Thoughts About Magento
“Magento Matched Nicely With My Desire To Work With Open Source,” Scott Donald shares his experience.
A Rant About Best Practices
I have yet to talk to a developer that has told me that they were purposefully writing bad software. I think this is something that is part of being a developer, that you write software that is as good as you can possibly make it within the constraints that you have. In my lightning talk for the PHPAmersfoort meetup on Tuesday, January 9th, 2018, I ranted a bit about best practices. In this blog post, I try to summarise what I ranted about.
PHP 7 Zend Certification Study Guide: Ace the ZCE 2017-PHP Exam (by Andrew Beak, published 19th November 2017)
Zend Certification is an industry recognized standard for PHP engineers. It is very difficult to pass the examination without extensive preparation. Unlike other books on PHP, this book is very focused on reaching industry standards.The Zend examination syllabus is comprised of three focus areas and a number of additional topics. This book explains the structure of the examination and then addresses each of the topics for PHP 7.
Learning Event-Driven PHP With ReactPHP Kindle Edition (by Sergey Zhu, published 5th December 2017)
A complete guide to writing asynchronous applications with ReactPHP. Discover event-driven architecture and non-blocking I/O with PHP! |
Jobs
Do you have a position that you would like to fill? PHP Weekly is ideal for targeting developers and the cost is only $50/week for an advert. Please let me know if you are interested by emailing me at [email protected] |
Interesting Projects, Tools and Libraries
actionkit
ActionKit is a library that lets you share the business logics across controllers, pages and ajax requests.
gitelephpant
GitElephant is an abstraction layer to manage your git repositories with PHP.
pyrocms
Pyro is an experienced and powerful PHP CMS built lovingly for Laravel.
witycms
wityCMS is a simple Content Management System Model-View-Controller oriented in PHP.
sylius
Sylius is the first eCommerce framework for tailored solution based on Symfony and Doctrine.
phpword
PHPWord is a library written in pure PHP that provides a set of classes to write to and read from different document file formats.
maghead
The fastest pure PHP database framework with a powerful static code generator, supports horizontal scale up, designed for PHP7.
codebird-php
Easy access to the Twitter REST API, Collections API, Streaming API, TON (Object Nest) API and Twitter Ads API — all from one PHP library.
spout
Spout is a PHP library to read and write CSV and XLSX files, in a fast and scalable way.
last-wishes
Last Wishes is a PHP application written following Domain-Driven Design approach.
extended-cpts
A library which provides extended functionality to WordPress custom post types and taxonomies.
laravel-pjax
Pjax is a jQuery plugin that leverages ajax to speed up the loading time of your pages. |
Please help us by clicking to our sponsor:
Protect your PHP Code
Why not try SourceGuardian 11. Click here to download a 14 Day Trial copy. Protect your code using Windows, Linux or Mac and run everywhere with our free Loaders.
|
So, how did you like this issue?
|
|