OAuth Middleware for Slim

OAuth can be anything you want it to be, the standards are lax and give you plenty of room for getting the right implementation for your system. However you proceed, though, you'll need to check an access token on every request - and in a Slim application, a middeware can help enormously since it hooks in to every request by design. I've recently implemented this and thought I would share. Continue reading

Joind.in at the PHPNW Hackathon

It's that time of year again, the PHP North West conference is almost upon us, and this year they are once again running a hackathon. These events are a great way either to carve out some time to get your head down and hack on an idea that's been in the back of your mind for a while, but they're also a fabulous way to get involved in collaborating on projects. At PHPNW, you'll find there are quite a lot of open source projects at the hackathon, standing by to take on anyone interested in getting involved, either just for the evening or beyond. I'll be there, representing joind.in, a tool which is used by the conference itself. So what kinds of things will there be to do and how can you get involved? Continue reading

Changing Content Type with Slim Framework

Slim framework has recently invaded my life, I picked it up for a hobby project, recommended it to a client who then contracted me to do quite a lot more development, and it's also used for m.joind.in. One thing that has tripped me up a couple of times is how to return not-HTML from Slim as it just bins any headers you try to send yourself. I think also that the "right" way to do this may have changed between versions as I also found some examples that didn't work! What did work for me was this:

        $response = $app->response();
        $response->header("Content-Type", "text/javascript");

The $app variable is the Slim\Slim instance for your application, once you have that, you can just add on any headers you need to with this call to header(). It wasn't obvious to me and there weren't a lot of resources for this, so I thought I'd share!

Using Composer in an Existing Project

I've got an application (okay, scratty PHP script) which glues together some API things and shows them onto a dashboard for me. Recently, I updated it to use Guzzle as the consuming client, since twitter now needs me to authenticate (I wrote about that if you're interested), and I used Composer to bring the new library in. It was very simple so I thought I'd share it as it's quite minimal example, and those are my favourite kind. Continue reading

Using Charles To Debug PHP SOAP

I used this trick to solve a particularly sticky problem last week, so I thought I'd share. I had a 3rd party SOAP service (except it was actually a .NET WCF service, which is almost SOAP but not quite) which didn't behave in accordance with the way its documentation said it would. PHP's SoapClient has the ability to enable tracing and give information about the request/response headers/body, which is useful, but I needed to store the outputs and also rewrite a particular request header during the course of debugging this. Enter: Charles Proxy. Continue reading

PSR-What?

There's been some cool things happening in the PHP world over the last few years, but with the least helpful names ever ... yes, those PSR-somethings which all do totally different things (apart from two of them which are the same). They're actually all superb things, and done for a good reason, so I thought I'd try to translate them into normal speak.

PSR

Let's begin at the beginning. Once upon a time, at a conference, the lead developers from a selection of frameworks sat down in the same room (they are better at it nowadays, at the time I might not have believed it had I not been there) and agreed some standards for all their projects to use. The aim is to make PHP frameworks and libraries easier to combine for users, and so it was that php-fig: the PHP Framework Interop Group was born. This group of awesome individuals oversee the PHP Standards Recommendations (PSRs). Continue reading

Twitter Search API Using PHP and Guzzle

In case you missed it, Twitter updated their APIs recently, so that you have to authenticate to use even their search APIs to return publicly-available results. This is an increasing trend for API providers, to provide either very limited or nonexistent access for unauthenticated users, I think so they can rate limit consumers that swamp them. To cut a long story short, that meant I needed to update my dashboards that keep an eye on twitter searches to do more than just call file_get_contents in the general direction of the right URL. Continue reading

PHP Version Adoption

PHP runs over 75% of all websites whose technologies are known (source: w3techs), which makes for a really REALLY long tail of users who once installed wordpress, phpmyadmin, or some other open source project that helped their business needs at the time. What they don't do is upgrade. PHP's current usage statistics look like this (source and raw numbers are if you want them):

PHP Version Adoption

What's alarming about this is that the left half of this graph represents unsupported versions of PHP. PHP 5.2 has been end of life since January 2011. This doesn't mean that you can't use it any more, but it does mean that in terms of security updates, you are out of luck. Some distributions will try to retro-fit some of the fixes but essentially your PHP applications seem a bit lacklustre because, well, you're using technology from 2006. Continue reading

Simplest PHP Generator Example

I really like the generators feature that's arriving in PHP 5.5, and since we're now into release candidate releases, it's actually not that far away. I've been speaking on this topic and I thought I'd share my trivially simple code example from my slides.

Writing a Generator

The generators use the yield keyword to feed values out as they are iterated over. In code, they really look a lot like a function (or method):

< ?php
function getValues() {
    // totally trivial example
    yield "Apple";
    yield "Ball";
    yield "Cat";
}

Continue reading

Setting Multiple Headers in a PHP Stream Context

Last week I tried to create a PHP stream context which set multiple headers; an Authorization header and a Content-Type header. All the examples I could find showed headers built up as a string with newlines added manually, which seemed pretty clunky and not-streams-like to me.

In fact, you've been able to pass this as an array since PHP 5.2.10, so to set multiple headers in the stream context, I just used this:

<?php
$options = ["http" => [
    "method" => "POST",
    "header" => ["Authorization: token " . $access_token,
        "Content-Type: application/json"],
    "content" => $data
    ]];
$context = stream_context_create($options);

The $access_token had been set elsewhere (in fact I usually put credentials in a separate file and exclude it from source control in an effort not to spread my access credentials further than I mean to!), and $data is already encoded as JSON. For completeness, you can make the POST request like this:

<?php
// make the request
$response = file_get_contents($url, false, $context);

Hopefully this will help someone else doing the same thing next time (or at least I know I can come back here when I can't remember!), the array approach seems more elegant and maintainable to me.