Handling Composer "lock file out of date" Warning

Composer is dependency management for PHP, and it consists of two main files:

  • composer.json where you specify your dependencies
  • composer.lock where composer itself records exactly which precise version of every library and every dependency of every library it picked, so all installs will be identical

Crucially, the composer.lock also includes a hash of the current composer.json when it updates, so you can always tell if you've added a requirement to the composer.json file and forgotten to install it. Continue reading

PHP Web Services: 2nd Edition


I'm delighted to announce that the second edition of PHP Web Services is published! This isn't an entirely new book but in my own biased opinion it is a much better job of this topic than I did the first time around :) Following from the feedback we got on the first book, this edition contains quite a lot more working examples (with code on github) as well as updates for new tools and expansion on newer technologies and practices.

Writing a second edition was nothing like writing a first edition, it's more like editing with snippets of writing and rewriting thrown in. My heartiest thanks to my tech reviewers who sorted out all kinds of nonsense contradictions and generally asked hard questions during the process - you are all humans of the highest calibre :)

Upgrade To Better Passwords in PHP

The password features in PHP aren't exactly new, but I see lots of applications from "before" which aren't being migrated to better practices. I have some strategies for doing these migrations so I thought I'd share my main approach, plus a similar-but-different one I saw in the wild (OK it was in CakePHP, so not too wild!). Continue reading

OAuth2 with PHP's built in Streams Functions

Most of the time when I work with APIs from PHP, I use Guzzle - it's awesome and modern and elegant. However some of my work is with legacy platforms and I recently had a situation where we needed to integrate with a API using OAuth2, and launch that integration before the planned platform upgrade from an older version of PHP was expected to complete.

(this drives me nuts, I love upgrading systems but the downside is you have to work with the old ones first and none of the tools you want have been invented yet!)

For OAuth2, all I had to be able to do was to send an Authorization header with my web request from PHP. My second-favourite way of making API calls from PHP is to use PHP's stream handling, so I did that. It's not code you see very often but it's super-simple and it works on every PHP platform I've tried so far, so here's an example:

// assemble the options
$opts = array(
  'http'=>array(
    'header'=> "Authorization: Bearer " . $access_token
  )
);
// create the context
$context = stream_context_create($opts);

// now make the request! Use the context and simply output the result
echo file_get_contents('http://api.example.com/endpoint1', false, $context);

If you're trying to make an API call from PHP and installing better tools is hard for any reason, this example may help!

Insert Data with Phinx

Database patching is a wicked hard problem, one that's got a bit easier in my world lately as I've been using Phinx on a few projects. I like Phinx because it avoids the numbered-patches problem by using date stamps as part of its patch naming and it is pretty smart about creating the correct forward and backward changesets from a single change() description.

One thing I didn't immediately find was how to insert data. Continue reading

Generating a File List for Phan

Phan is the PHP Analyzer for PHP 7 code. I've been using it, partly out of curiosity, and partly to look at what the implications of upgrading my various projects will be. The simplest usage instructions are:

phan -f filelist.txt

I generated my filelist.txt files with a little help from grep - by looking for all files with opening PHP tags in, and putting that list of filenames into a file. My command looks like this:

grep -R -l "<?php" * > filelist.txt

This simply greps recursively (the -R switch) in all files looking for <?php and when it finds it, outputs only the filename (the -l switch does that bit). Then I just put all the output into my filelist.txt file.

Phan is in its early stages but it's ready for you to run on your own projects. Look out that you may need to put your bootstrap or other include files first in the filelist.txt file if phan isn't finding things in the right order - luckily with it all in one file, it's relatively easy to move things around if you need to.

PHP: Calling Methods on Non-Objects

PHP has subtly changed the wording of this error between various versions of the language, which can trip up your log aggregators when you upgrade so I thought I'd give a quick rundown of the changes around the "call to member function on non-object" error in PHP, up to and including PHP 7 which has an entirely new error handling approach. Continue reading

PHP Learning Path from O'Reilly

I'm very excited to announce that some of my content is featured in the PHP Learning Path from O'Reilly. The Learning Paths are a good way to buy a bundle of content from different people on related topics, and the introductory pricing is always a good deal! Their newest offering is the PHP Learning Path, which has a video course on PHP and MySQL, my intermediate PHP Video course (they wouldn't let me call it "all the things Lorna thinks PHP developers need to know" unfortunately!) and also my video course Git for Web Developers which has a bunch of PHP in it as well as my best git tips and tricks.

I think it's a pretty well-rounded collection and it's only $99 for a couple of weeks, so get the PHP Learning Path here and let me know what you think?

New in PHP 7: null coalesce operator

Not the catchiest name for an operator, but PHP 7 brings in the rather handy null coalesce so I thought I'd share an example.

In PHP 5, we already have a ternary operator, which tests a value, and then returns the second element if that returns true and the third if it doesn't:

echo $count ? $count : 10; // outputs 10

Continue reading