Greeting PHP fans, glad to have you :)



Couple of articles this week discussing the buzz in the community recently about PHP and its future, including some specific conversation about HHVM.



The php.net team bring us three new releases; 5.5.10, 5.4.26 and 5.6alpha3, all immediately available.



Plus the PHPUnit development team announced the immediate availability of PHPUnit 4.0.0.



The teams at dev/hell and PHP Town Hall have both released new podcasts this week.



Finally, Chris Cornutt has released his book Securing PHP: Core Concepts. It's a guide to some of the most common security terms and provides some examples of them in every day PHP.



Don't forget we love hearing from you, so drop us an email if you come across anything you think the PHP community will enjoy.



Thanks,

Katie

Help us keep PHP Weekly going Please help us to keep doing this each week by visiting our sponsor:



From our sponsors:

(Sponsor this newsletter) Ridiculous Developers! Expanding your team? We have devs that cost $0110110001/hour. We invoice in binary. Try Toptal risk-free today!

Articles PHP Package Signing: My Current Thoughts

We figured out how to write good code. We figured out how to write good code in a reusable way…for the most part. We figured out how to distribute and mix all that good reusable code in a sensible fashion. Can we now figure out how to do it all securely? Read Padraic Brady's take on the topic.



An Opinion On The Future Of PHP

There's been a lot of buzz in the community lately around PHP and its future. The vast majority of this buzz has been distinctly positive, which is awesome to hear. There's been a lot of talk about PHP6 and what it might look like. There's been a lot of questions around HHVM and its role in the future of the language and community. Anthony Ferrara shares some of his thoughts.



Of HHVM, Hack and the future of PHP

Following on, and in response to, Anthony Ferrara's Future of PHP post above, Lukas Smith has some specific comments about HHVM and Hack.

Tutorials and Talks PHP Best Practices

There are a number of good practices that you should follow when developing web applications in PHP. Most of these are extremely easy to pick up and some of them will even apply to web application development in general.



Risks and Challenges of Password Hashing

In a past article, password hashing was discussed as a way to securely store user credentials in an application. Security is always a very controversial topic, much like politics and religion, where many points of view exist and a ‘perfect solution’ for someone is not the same to others. Miguel Ibarra Romero believes that breaking an application’s security measures is just a matter of time. With computer power and complexity increasing every day, today’s secure applications will not be so secure tomorrow.



PHPUNIT 4.0: Code Coverage Improvements

One of the highlights of PHPUnit 4.0, which was recently released, is an improvement of the @covers annotation and the addition of the @uses annotation for better code coverage analysis.



Simple Captchas with PHP and GD

By now, we’ve all encountered captcha images in online forms. Captchas are a necessary evil, and this article will teach you how they’re made.



Building a Simple Blog App with MongoDB and PHP

If you want to create a blog using MongoDB and PHP, this article will teach you to connect to a MongoDB database, save documents in a collection, query documents in a collection, perform range queries, and sort, update and delete one or more documents from a collection



Building Engaging Web Apps with Game Mechanics

Going beyond the simple visual appeal of JavaScript animations, and CSS transforms, into game design and mechanics to create engaging websites and web applications.



Working With PHP and Beanstalkd

Lorna Mitchell has recently introduced Beanstalkd into her current PHP project; it was super-easy so she has shared some examples and thoughts on how a job queue fits in with a PHP web application.



Basic PHP Form Validation

A quick tutorial showing how easy it is to validate form data with PHP. This can help cut down on spammers, and it can help to ensure that email addresses are at least formatted correctly.



Why I Don't Recommend Script

Anthony Ferrara demonstrates why he doesn't recommend using Scrypt in production systems for password storage.



Understanding Drupal’s EntityFieldQuery

When building complex web apps, you’ll eventually have to interact with a database. To retrieve data in Drupal one can use the database abstraction layer provided, which requires some SQL knowledge to be used properly. From Drupal 7 EntityFieldQuery API is provided, which lets you fetch information about entities from Drupal without actually building SQL queries. This article demonstrates how to use the EntityFieldQuery API to fetch data from Drupal and use it in modules. There are a number of good practices that you should follow when developing web applications in PHP. Most of these are extremely easy to pick up and some of them will even apply to web application development in general.In a past article, password hashing was discussed as a way to securely store user credentials in an application. Security is always a very controversial topic, much like politics and religion, where many points of view exist and a ‘perfect solution’ for someone is not the same to others. Miguel Ibarra Romero believes that breaking an application’s security measures is just a matter of time. With computer power and complexity increasing every day, today’s secure applications will not be so secure tomorrow.One of the highlights of PHPUnit 4.0, which was recently released, is an improvement of the @covers annotation and the addition of the @uses annotation for better code coverage analysis.By now, we’ve all encountered captcha images in online forms. Captchas are a necessary evil, and this article will teach you how they’re made.If you want to create a blog using MongoDB and PHP, this article will teach you to connect to a MongoDB database, save documents in a collection, query documents in a collection, perform range queries, and sort, update and delete one or more documents from a collectionGoing beyond the simple visual appeal of JavaScript animations, and CSS transforms, into game design and mechanics to create engaging websites and web applications.Lorna Mitchell has recently introduced Beanstalkd into her current PHP project; it was super-easy so she has shared some examples and thoughts on how a job queue fits in with a PHP web application.A quick tutorial showing how easy it is to validate form data with PHP. This can help cut down on spammers, and it can help to ensure that email addresses are at least formatted correctly.Anthony Ferrara demonstrates why he doesn't recommend using Scrypt in production systems for password storage.When building complex web apps, you’ll eventually have to interact with a database. To retrieve data in Drupal one can use the database abstraction layer provided, which requires some SQL knowledge to be used properly. From Drupal 7 EntityFieldQuery API is provided, which lets you fetch information about entities from Drupal without actually building SQL queries. This article demonstrates how to use the EntityFieldQuery API to fetch data from Drupal and use it in modules.

News and Announcements



PHP 5.5.10 Released

The PHP development team announced the immediate availability of PHP 5.5.10. Several bugs were fixed in this release, including security issues related to CVEs. CVE-2014-1943, CVE-2014-2270 and CVE-2013-7327 have been addressed in this release. We recommend all PHP 5.5 users upgrade to this version.



PHP 5.6.0alpha3 Released

The PHP development team announced the immediate availability of PHP 5.6.0alpha3. This release adds new features and fixes bugs. All users of PHP are encouraged to test this version carefully, and report any bugs in the bug tracking system.



PHP 5.4.26 Released

The PHP development team announced the immediate availability of PHP 5.4.26. 5 bugs were fixed in this release, including CVE-2014-1943. All PHP 5.4 users are encouraged to upgrade to this version.



Release Announcement for PHPUnit 4.0.0

The PHPUnit development team announces the immediate availability of PHPUnit 4.0.0. This release adds new features, removes existing features and fixes bugs.



WordPress 3.9 Beta 1

The first beta of WordPress 3.9 is now available for testing.

Reading and Viewing dev/hell Podcast Episode #41: Let Me Wet My Beak

This week the team are joined by David Rogers, aka @al_the_x, to hear how he’s teaching PHP in college courses for brand-new progammers. They also talk about what possessed Ed to develop his own unit testing framework.



PHP Town Hall #20 - A Nice Friendly Chat About Sculpin, Guzzle 4 and PSR-7

Phil and Ben chat with two more prominent figures, who also happen to be involved with FIG stuff: Beau Simensen, lead developer of Sculpin and Michael Dowling, lead developer of the wonderful HTTP library Guzzle, who also works at AWS on their PHP SDK. They discussed each of their projects, some of the plans for the future, specifically whats coming up in Guzzle 4 and how that all ties in with the new PSR-7: HTTP Message, currently in “Draft” status. Conveniently Beau, Michael and Phil are the three FIG members who make up the working group for PSR-7, who will all be working to get this “Accepted”.



Multiple Virtual Hosts WAMP

Setting up your own PHP web server is pretty easy thanks to packages like WAMP (Windows Apache MySQL Php) or MAMP (Mac). This video shows how you can configure your local machine to host multiple sites.



Magento vs. X-Cart (+ Screencast)

To see how Magento and X-Cart come together, Jacco Blankenspoor has included an example of Magento’s insane file system and database in this video, and shows how X-Cart looks under the hood. He also takes a look at the attribute system of both products. He has always found this to be a great part of Magento, and was curious how X-Cart handles this. What you don’t see in the video is the use of pre-defined attributes. It is possible with X-Cart though, just not as he shows it, unfortunately.



Securing PHP: Core Concepts (by Chris Cornutt)

Securing PHP: Core Concepts acts as a guide to some of the most common security terms and provides some examples of them in every day PHP. Anything's easier to learn when you're all speaking the same language. This book starts you in the right direction, providing directions on the path to more secure development.

Interesting Projects, Tools and Libraries kphp-kdb

This is VK/KittenPHP-DB-Engine project, consisting of an efficient PHP-to-C++ translator called "KPHP" or "KittenPHP", and several auxiliary high-performance "engines" (specialised non-relational databases), needed for its deployment.



Phartitura

Phartitura is an application that shows you the current state of a library on composer.



jumper

PHP Remote Executor Service



flags

A GNU-style Go-lang 'Flag' inspired PHP command line argument parser.



lazy

A small PHP 5.4+ framework.



blizzard-starcraft-api

A PHP 5.3+ wrapper for the Starcraft 2 API, stand-alone or as a Symfony 2 Bundle.



sendyphp

A PHP class built to interface with the Sendy API.



psysh

An interactive shell for modern PHP.



shoplo-php

PHP client for shoplo api.



ztal

ZTal makes integrating the PHP templating system PHPTAL into Zend Framework easy.



minisuite

MiniSuite is a very concise and flexible unit testing tool.



flintstone

A key/value database store using flat files for PHP.



bono-cache

Laravel Cache for Bono PHP Framework.



php-hostip

PHP Interface to hostip.info.



twitter-php

Small and easy PHP library for sending messages to Twitter and receiving statuses.

So, how did you like this issue?

We are still trying to grow our list. If you find PHP Weekly useful please tweet about us! Thanks



unsubscribe from this list | update subscription preferences

We are still trying to grow our list. If you find PHP Weekly useful please tweet about us! Thanks