Spring Renewal – April 2017

We’re firmly past the spring equinox here in the northern hemisphere, and before thoughts turn to summer vacation, I want to urge you to re-focus a bit on your skills. Is there a book you want to read? Is there some workflow at your job making your life difficult which you could automate? Have you been meaning to play around with a new framework? Set aside some time to dedicate to it. This month’s issue can help you find one, if you can’t pick something new to learn.

Sponsored By

PSR-7 HTTP Messages in the Wild

Not long ago, when you were building an application to handle HTTP requests, the best practice was to use an object that represents the incoming request and the response that needs to be outputted. One of the best off-the-shelf solutions for this was (and still is) Symfony’s HttpFoundation Composer package. It comes with a Request object and a Response object, which helps you with modeling. It’s so good it is used in other frameworks like Slim (version 2), Silex, and Laravel and applications like Drupal 8. Let’s look at how we can share request and response related code readily across projects. by Hannes Van De Vreken

Integrating With APIs

REST-based APIs have emerged as a central feature of tech companies’ business strategies. Businesses are realizing an API strategy brings them more developer integration, platform stickiness, and development speed. Because these APIs depend on a common set of REST architectural patterns most developers are familiar with, the ramp-up time for the business as well as its customers is very short. In this article, we’ll walk through the steps required to integrate with an API. by Caitlin Bales

Demystifying Multi-Factor Authentication

Read this Sample Article

Account security is a hot topic among developers and software users. No dev wants to be responsible for the next big “user accounts breached” headline. With every new headline, users are becoming more concerned about their security, and it’s our responsibility to create products our users can trust. A frequent recommendation is to “enable two-factor authentication your account.” In this article, we’ll look at what this means and how you can implement it in your applications. by Brian Retterer

Education Station: Rock Your Deployments With Rocketeer

There are many ways to deploy code, ranging from the very simple to the rather complex. Regardless of how you do it, to help you out, in this month’s Education Station, I’m going to walk you through a tool which makes your deployments virtually painless. What’s more, it’s written in pure PHP; it’s easy to get started with, easy to use, and easy to extend. by Matthew Setter

Leveling Up: Evaluating Value Objects

Humans are pretty good at looking at things and telling what they are, in general. Computers don’t have that luxury. They rely on the context in-so-far as we give it to them. Sometimes this context is just the variable type. And because PHP is built for the web and the web is built on strings, it happily converts from one type of variable to another. Often we get the right answer, but other times we get surprising and even onerous results. That’s where value objects come in. by David Stockton

Community Corner: Look Out for That Bus!

Since you are actively reading a magazine about programming, I’ll also assume you understand why training is essential. So if both of those assumptions are true, you probably don’t need to read this article. You can, however, rip it out of the magazine (or print it out from the PDF) and slip it onto your boss’s desk as they might not yet understand why training is not just important, it is vital to the continued success of your team. by Cal Evans

Security Corner: Taint Detection in PHP

It’s no secret the lack of input validation and filtering is a problem in web applications. In fact, the omission of these two controls is usually what leads to the most common vulnerabilities found on the web today. When it comes to PHP, things get even worse. The language provides direct access to superglobals (like $_GET and $_POST). This month, we’ll look at how to detect tainted data in PHP by Chris Cornutt

Artisanal: Easy Vagrant Environments as a Service

Vagrant has been a stable and easy way to configure virtual development environments. One common problem is not every developer is a Linux expert, nor do they want to be. Homestead is the official Vagrant box for the Laravel framework ecosystem and is built from the ground up to be easy to use and customize without having to be a server expert. We’ll cover how to get started with Vagrant, how to customize Homestead for your project, and how to share your new Homestead environment with other project collaborators easily. by Joe Ferguson

PHP—By the Numbers

If you read this column regularly, you will know I often quote statistics. Usually, in the form of “82% of all websites use PHP” I wanted to write today about a recent set of numbers released about programming languages in general: the results of the Stack Overflow Developer Survey 2017. My goal today is to dive through some of these numbers on your behalf. Pointing out the statistics of interest about or around PHP. by Eli White