SitePoint PHPSourcehunt: PHP7-Only Alternative to Laravel, HPKP, and More (28.6.2016, 17:26 UTC)

Time to promote some open source projects again!

Sourcehunt logo

paragonie/hpkp-builder [15 ★]

This library aims to make it easy to build HTTP Public-Key-Pinning headers in your PHP projects, and requires at least PHP 7.

HTTP Public Key Pinning, or HPKP, is a security policy delivered via a HTTP response header much like HSTS and CSP. It allows a host to provide information to a user agent about which cryptographic identities it should accept from the host in the future. This can protect a host website from a security compromise at a Certificate Authority where rogue certificates may be issued for your hostname.

Read more about HPKP here.

Rican7/incoming [137 ★]

Incoming is a PHP library designed to simplify and abstract the transformation of loose, complex input data into consistent, strongly-typed data structures.

// Create our incoming processor
$incoming = new Incoming\Processor();

// Process our raw form/request input into a User model
$user = $incoming->process(
    $_POST,            // Our HTTP form-data array
    new User(),        // Our model to hydrate
    new UserHydrator() // The hydrator above

Explaining it to any great detail is outside the scope of this short post, but in essence it allows us to precisely define what kind of input information goes through and hydrates our model, rejecting, filtering, or transforming everything else.

It's like Fractal, backwards. (Fractal makes sure the output matches a set structure, rather than input)

The library currently has one outstanding issue - and it's a discussion around a feature - but could definitely use some users and feedback! Maybe even a SitePoint post about it?

Continue reading %Sourcehunt: PHP7-Only Alternative to Laravel, HPKP, and More%

Voices of the ElePHPantInterview with Dave Stokes (28.6.2016, 09:00 UTC) Link
Remi ColletPHP version 7.0 in Fedora 25 (28.6.2016, 07:43 UTC)

FESCO have approved, for Fedora 25 the upgrade from PHP 5.6 to PHP 7.0.


For memory, this is the result of lot of work, started more than 1 year ago:

And since, each minor release have been published in the repository on upstream announcement day.

Since yesterday, PHP version 7.0.8 is the version available in Fedora rawhide. It will be used for PHP stack QA.

Notice, removed extensions and packages:

  • php-ereg
  • php-mssql
  • php-mysql
  • php-pecl-jsonc (but php-json is back)
  • php-pecl-mongo (php-pecl-mongodb is under review)
  • php-pecl-xhprof
  • php-pecl-mysqlnd-ms
  • php-pecl-mysqlnd-qc
  • php-xcache

Some others will probably be removed later by their owner. For now, all compatible extensions have been updated: amqp, apcu, apfd, event, fann, geoip, gmagick, http, lorde_lz4, igbinary, json_post, libsodium, libvirt, lzf, mailparse, memcache, memcached, msgpack, oauth, pq, propro, raphf, redis, rrd, selinux, smbclient, solr2, ssdeep, ssh2, twig, uuid, xattr, xdebug, xmldiff, yac, yaml, zip, zmq.

Now, we have to manage and fix all the problems detected by Koschei in the php group.

And of course, I have already start working on PHP 7.1 which will probably be proposed for Fedora 26.

So things happen here first, in remi repository, which is used as upstream for Fedora and later for RHEL and CentOS.

Great thanks to my employer, and to everyone using my packages, and helping me to make this possible.

PHP ClassesFast Debugging of PHP Code Using PHPEd Part 3: Remote Debugging and Remote Projects (28.6.2016, 06:33 UTC)
By Cyril Ogana
IDEs are good to help debugging your code before it goes to production, but sometimes you need to find bugs in your code that cause problems and can only be observed in production. This is one case on which remote debugging is necessary.

IDEs like PHPEd support remote debugging. You do not need to download the project files from the production server to debug your project remotely. Thanks to the remote projects feature of PHPEd, it can retrieve only the server files that you need to debug so you can start debugging remote projects very quickly.

Read this article to learn how to setup and use PHPEd to debug remote projects running in production server for instance.
SitePoint PHPCan Symfony Apps Be Fast on Vagrant? Let’s Check with SuluCMS! (27.6.2016, 15:41 UTC)

In this short tutorial, we’ll set up Sulu and optimize on a Vagrant environment. Why a dedicated tutorial handling this? Besides the fact that Sulu has a rather complex initialization procedure, it is based on Symfony which is infamously slow on virtual machines with shared filesystems, and thus needs additional optimizations post-install. The performance hacks in this post, while Sulu-specific, can be applied to any Symfony application to make it faster on Vagrant.

Would you like to learn more about Symfony and/or SuluCMS? Come join us at WebSummerCamp - the only conference filled to the brim with long, hands-on workshops. The program is out and it’s awesome! Super early bird tickets available until the end of June!

sulu logo

As usual, we’ll be using our Homestead Improved box as the base, but the steps below are explained in enough detail for you to follow them on any environment.

New Box and Folder Sharing

We start by downloading a fresh box and setting up folder sharing.

git clone hi_sulu
cd hi_sulu; bin/

Once this is done, it’s recommended to set the file sharing type to nfs, due to this known issue, also described here.

Continue reading %Can Symfony Apps Be Fast on Vagrant? Let’s Check with SuluCMS!%

PHP ClassesTop 4 Mistakes Developers Should Avoid when Creating Their Own Software Product Business (27.6.2016, 05:37 UTC)
By Manuel Lemos
Many developers try to create their own business based on software that they develop but some fail, often due to the same mistakes that others already committed.

If those developers knew in advance what are those mistakes, they could have avoided failing, simply by not repeating the same mistakes.

Watch this short video to learn what are the top mistakes that you should avoid when you try to create your own software product business.
PHP: Hypertext PreprocessorPHP 7.1.0 Alpha 2 Released (27.6.2016, 00:00 UTC)
The PHP development team announces the immediate availability of PHP 7.1.0 Alpha 2. This is the second alpha release for PHP 7.1.0. All users of PHP are encouraged to test this version carefully, and report any bugs and incompatibilities in the bug tracking system. THIS IS A DEVELOPMENT PREVIEW - DO NOT USE IT IN PRODUCTION! For more information on the new features and other changes, you can read the NEWS file, or the UPGRADING file for a complete list of upgrading notes. These files can also be found in the release archive. For source downloads of PHP 7.1.0 Alpha 2 please visit the download page, Windows sources and binaries can be found on The first beta will be released on the 7th of July. You can also read the full list of planned releases on our wiki. Thank you for helping us make PHP better.
Stefan KoopmanschapOn submitting to CFPs (24.6.2016, 09:55 UTC)

One of the first things you do if you want to speak is that you submit to a CFP (Call for Papers) of a conference. Most conferences use this system to get a nice selection of talks out of which to compile the schedule for a conference. The idea is that speakers tell the conference what they want to speak about and the conference can make the selection of speakers and topics for their conference.

Having been a conference organizer as well as a speaker, I've seen both sides of the CFP process. Because of that, I've made some decisions as a speaker on how I handle CFPs. Since I've discussed this with several people in the past year but it keeps coming up, I've decided to document one of my decisions here.


Today I tweeted:

#firstworldproblems #speakerproblems call for papers closing before other conferences in same period have announced their speakers

To give this some context: I was looking at the currently open CFPs (thanks to the awesome CFP Report newsletter) and noticed that the CFP for PHP[world] is closing today. Now, I submitted some talks to ZendCon, which is in the same period, and I can't really handle two North-American conferences in such a short time period so I need to make a choice. However, ZendCon has not sent out acceptance/rejection e-mails, so I don't know if I get accepted there yet.

Andreas Heigl responded with:

@skoop apply and then see what happens. First one calling wins ;)

This is actually what I used to do, and I know other people do this as well. And from the speaker perspective, this makes sense. Having been on the other side, however, I've decided not to do this anymore. Let me explain...

The CFP process

Most conferences get hundreds of proposals, where they have between 5 and 25 slots to fill, depending on how big the conference is. You may already notice the problem: You'll have to make a very small selection out of a big pile of proposals.

My experience with a CFP is that it is usually pretty easy to discard the first 10% of the proposals. They are one or more of the following:

  • Unclear
  • Not appropriate for the theme of the conference
  • A single talk for an international speaker (too expensive for most conferences)
  • Just plain bad

I must admit that the last reason is actually becoming more rare. Speakers are putting much more effort into their proposals and talks than they used to, but it sometimes still happens.

The biggest problem with this is: After removing 10% off the big pile, you still have a pretty big pile of appropriate, high-quality talks left. You'll have another 70-80% of the talks to reject.

The process of going through all these talks is hard. It usually involves a lot of reading, research, trying to find a balance in the offered subjects, deciding on how many international speakers you can afford to fly in and trying to find the right talks to accept for those international speakers (international speakers usually need at least two talks to be accepted to make it financially viable to invite them).

I've been involved in the CFP team for a lot of conferences. This whole process is usually a team effort of between 2 and 20 people. Imagine the amount of time that goes into creating a balanced schedule out of the CFP. Hours and hours of work.

Now, imagine what happens when you finally send out the acceptance e-mails, and one or maybe even two or three speakers respond with "sorry, I can't make it".

That response means (part of) the above process begins again. I know it happens, but it is not a nice experience as a conference organizer. So...

My personal rule

As a result of the above, I've set a personal rule only to submit to the CFP of a conference when I know for sure I can make it (emergencies and such are the exception to that rule of course). It seems only fair to conference organizers that I can make this guarantee when I submit to their conference.

Now what?

I'm not saying all speakers should adhere to this rule, but I hope this blogpost will give a better perspective to new and existing speakers about "The Other Side" of the CFP.

Voices of the ElePHPantInterview with Chris Russell (24.6.2016, 09:00 UTC) Link
Nomad PHPCommonMark: Markdown Done Right (24.6.2016, 04:01 UTC)

September 2016 - US
Presented By

Colin O'Dell
September 22, 2016
20:00 CDT

The post CommonMark: Markdown Done Right appeared first on Nomad PHP.

LinksRSS 0.92   RDF 1.
Atom Feed   100% Popoon
PHP5 powered   PEAR
ButtonsPlanet PHP   Planet PHP
Planet PHP