The newest version of CakePHP doesn't ship with built in ACL, which means you need to write your own. Personally I think this is a smart move, having looked at the one-size-fits-all solutions for previous versions of the framework and knowing that every system has different requirements, this version has good hooks and documentation on how to add something that works for your application. I thought I'd share what worked for mine. Continue reading
I've been having my first experiences with generated code, generating a new admin backend using CakePHP3 (yes CakePHP is still around, it's alive and doing rather well in fact!). So far it's going great and producing a much more complete solution than I'd have managed for myself on this timescale.
One thing is bothering me though: it guesses form input types from the database column types, which mostly works well but sometimes it picks something that doesn't reflect the way that the user will store information in this field. It's actually pretty easy to change the forms that get generated though, so here's an example. Continue reading
PHP 7 is released but for those of us who don't usually compile our own PHP, it can be a long wait for our preferred distro to release the packages we want. For Ubuntu, I'm using a PPA which allows both PHP 5.6 and PHP 7.0 to be installed, including things like extensions, at the same time. It was very easy to set up (I'm running Ubuntu 15.10 but this process should also work on older versions back to at least 14.04 which is the previous LTS) so here's a quick walkthrough of what I did. Continue reading
Composer is dependency management for PHP, and it consists of two main files:
composer.jsonwhere you specify your dependencies
composer.lockwhere composer itself records exactly which precise version of every library and every dependency of every library it picked, so all installs will be identical
composer.lock also includes a hash of the current
composer.json when it updates, so you can always tell if you've added a requirement to the
composer.json file and forgotten to install it. Continue reading
I'm delighted to announce that the second edition of PHP Web Services is published! This isn't an entirely new book but in my own biased opinion it is a much better job of this topic than I did the first time around :) Following from the feedback we got on the first book, this edition contains quite a lot more working examples (with code on github) as well as updates for new tools and expansion on newer technologies and practices.
Writing a second edition was nothing like writing a first edition, it's more like editing with snippets of writing and rewriting thrown in. My heartiest thanks to my tech reviewers who sorted out all kinds of nonsense contradictions and generally asked hard questions during the process - you are all humans of the highest calibre :)
The password features in PHP aren't exactly new, but I see lots of applications from "before" which aren't being migrated to better practices. I have some strategies for doing these migrations so I thought I'd share my main approach, plus a similar-but-different one I saw in the wild (OK it was in CakePHP, so not too wild!). Continue reading
Most of the time when I work with APIs from PHP, I use Guzzle - it's awesome and modern and elegant. However some of my work is with legacy platforms and I recently had a situation where we needed to integrate with a API using OAuth2, and launch that integration before the planned platform upgrade from an older version of PHP was expected to complete.
(this drives me nuts, I love upgrading systems but the downside is you have to work with the old ones first and none of the tools you want have been invented yet!)
For OAuth2, all I had to be able to do was to send an
Authorization header with my web request from PHP. My second-favourite way of making API calls from PHP is to use PHP's stream handling, so I did that. It's not code you see very often but it's super-simple and it works on every PHP platform I've tried so far, so here's an example:
// assemble the options $opts = array( 'http'=>array( 'header'=> "Authorization: Bearer " . $access_token ) ); // create the context $context = stream_context_create($opts); // now make the request! Use the context and simply output the result echo file_get_contents('http://api.example.com/endpoint1', false, $context);
If you're trying to make an API call from PHP and installing better tools is hard for any reason, this example may help!
I recently tweeted this:
If your project installation instructions recommend requiring dev-master in composer, I may need to reconsider my choice of package
— Lorna Mitchell (@lornajane) December 2, 2015
I got a few responses asking me to expand so I thought I would take the opportunity to write more than 140 characters on this topic. Continue reading
Database patching is a wicked hard problem, one that's got a bit easier in my world lately as I've been using Phinx on a few projects. I like Phinx because it avoids the numbered-patches problem by using date stamps as part of its patch naming and it is pretty smart about creating the correct forward and backward changesets from a single
One thing I didn't immediately find was how to insert data. Continue reading
Phan is the PHP Analyzer for PHP 7 code. I've been using it, partly out of curiosity, and partly to look at what the implications of upgrading my various projects will be. The simplest usage instructions are:
phan -f filelist.txt
I generated my
filelist.txt files with a little help from grep - by looking for all files with opening PHP tags in, and putting that list of filenames into a file. My command looks like this:
grep -R -l "<?php" * > filelist.txt
This simply greps recursively (the
-R switch) in all files looking for
<?php and when it finds it, outputs only the filename (the
-l switch does that bit). Then I just put all the output into my
Phan is in its early stages but it's ready for you to run on your own projects. Look out that you may need to put your bootstrap or other include files first in the
filelist.txt file if phan isn't finding things in the right order - luckily with it all in one file, it's relatively easy to move things around if you need to.