Syndicate content
People blogging about PHP
Updated: 7 min 57 sec ago

Learn OOD - to unlearn it again

Tue, 11/02/2014 - 08:09
One topic we regularly teach in workshops for our customers is object oriented design (ODD), i.e. the art of crafting classes/interfaces in a way that the result is an easy-to-understand, maintainable and flexible code base. With the agile focus on shipping working software, some might consider the skill of OOD less important. One popular argument is that quick reaction to change is more important than designing objects and their interaction carefully. I personally look at it the exact other way around. This blog post summarizes why you need to learn OOD first, in order to avoid it to some degree again.
Categories: Open Source, PHP Community

It’s the Booze Talking #6 – APIs Part 1

Tue, 11/02/2014 - 07:00

Recorded live at Sunshine PHP 2014.

Show Notes:

This episode carries the EXPLICIT tag for language. It is not family friendly. I do apologize if this offends our regular listeners. Feel free to skip this episode and we will return to our normal format soon.

Categories: Open Source, PHP Community

Coding Standards: Humans Are Not Computers

Mon, 10/02/2014 - 23:51

The Computer in Society - April 1965 ... Feeli...

The Computer in Society - April 1965

This is part rant and part poking fun, but I’ve grown weary with the sight of source code running through phpcs for PSR-2 compliance and finding that it’s riddled with dozens and dozens (and dozens of dozens) of errors and an apparently infinite number of warnings. If I actually fixed all the reported problems, I’d drive myself crazy. I’m not crazy. I’ve avoided insanity because I quit using a coding standard. It’s too much and I freely admit it: I loathe coding standards.

Or do I?

The problem with coding standards is not the notion of following conventions to ensure all programmer can quickly read and understand code (and other good stuff), but that someone created a tool to actually check compliance: PHP_CodeSniffer. This isn’t a complaint about the operation of phpcs, but to complain about the mere fact of its existence. Automated tools catch everything. Every minor deviation, every judgement call about what looks neat, tidy or pretty, and every crucial space character found out of place is tallied into a wall of text in your console demanding that all these crucial lapses are fixed post haste. It doesn’t even have the decency to use smilie faces.

Using the cover of such automated tools, we can make judgement calls about code quality, integrate style checks into Continuous Integration scoring schemes, complain about pull requests and patches, and generally impose a time penalty on writing code. There is a point at which common sense morphs into sheer nitpicking, and an automated tool is the perfect nitpicker.

Get Outta My Way!

For me, a coding standard must have flexibility and it must remain invisible 99% of the time. If the damn thing makes sense, a programmer should have it learned inside of a week. If they have it learned then why would they need constant monitoring? Rather than catering to everyone by dictating everything (and then failing to do even that!), a coding standard should instead state a subset of common sense rules that everyone already uses. In otherwords, it should be almost utterly pointless to an experienced programmer. There’s already a good example of this. PHP-FIG has PSR-1. It’s basic, adheres to standard practice, and you’d have to be doing something completely weird to fail compliance. In other words, it’s perfect.

Beyond PSR-1, we then have PSR-2. Plug PSR-2 into PHP_CodeSniffer and a gateway to Hell will spawn. Most of the standard itself is actually quite logical. In fact, most of it is! The problem is when PSR-2 descends into seemingly trivial matters or omits specific use cases, and then implicitly demands total unquestioning obedience. The trivial matters are those that just never occur to me as being problematic (yes, that would be “opinion”) or which my editor does by default. The omissions are cases where PHP_CodeSniffer feels the need to fill in the blanks, or worse, where an interpretation of the existing wording is in doubt. Both fill my screen and CI reports with utter junk (which is more opinion).

Am I expected to waste my time fixing this junk? I don’t think so. I have better things to do like writing more code, more tests, more documentation, and more rants about the state of security in PHPland. Perhaps eating and sleeping in between ;) .

PSR-2 !== PSR-2

What h

Truncated by Planet PHP, read more at the original (another 4322 bytes)

Categories: Open Source, PHP Community

Managing Gettext Translations on Shared Hosting

Mon, 10/02/2014 - 19:00

If you’re working for a big company, chances there are that sooner or later your employers will start to target the global market. With this ambition will come the need to translate the company’s website into one or more languages. Even if you don’t work for a big company, you may have a new service to launch in your native language (assuming you’re not a native English speaker) to target your local market, and in English for the global one. As developers, our role isn’t to translate texts but to prepare the website to support translations. The most popular method to do that in PHP is via Gettext. It’s a great method because it allows to separate translations from the application, enabling the parallelization of the process. The problem with it, is that Apache caches the translations, so unless you can restart the engine, any update to a translation file won’t be seen. This fact is particularly annoying if you work on a shared hosting where you don’t have administrator permissions. In this article, I’ll describe this issue in detail and explain the solution I found to avoid it.

Note: If you aren’t familiar with the concepts of I18N, translations, and Gettext, I strongly encourage you to read this series before exploring this article further. It will provide you with more details than the brief overview you’ll find here, and will help you have a better comprehension of these topics.

Setting up the Environment

There a lot of ways to use translations in PHP. The simplest one I can recall is to have an associative array containing all the translated strings and then use the keys to retrieve the right. As you may guess, this solution doesn’t scale well and should be avoided unless you’re working on a very very small project (perhaps something not longer than 5 lines of code). For serious translations we can use Gettext. This approach enables us to have different files for every targeted language which helps in maintaining separation between the business logic, the presentation layer, and the translations (which we can see as an add-on of the presentation layer). With Gettext, we can parallelize the process because while we’re working on some features of the website, translators can still work on translations using software like Poedit.

Translations should be stored in a path having a fixed structure. First of all, we’ll have a root folder named to your taste (for example “languages”). Inside it, we have to create a folder for every targeted language whose name must comply to the ISO 3166 standard. So, valid names for an Italian translation can be “it_IT” (Italian of Italy), “it_CH” (Italian of Switzerland), “en_US” (English of USA), and so on. Within the folder having the language code, we must have a folder named “LC_MESSAGES” where, finally, we’ll store the translation files.

Poedit, analyzing the source of the website, extracts the strings to translate based on one or more patterns we set in the software. It saves the strings in a single file having .po (Portable Object) as its extention that this software (or one equivalent) will compile into binary .mo file. The latter is the format of interest for us and for the PHP’s gettext() function. The .mo file is the one we must place inside the “LC_MESSAGES” directory we created earlier.

A sample code that uses gettext() is the following (the code is commented to give you a quick grasp of what it does):

   // The name of the root folder containing the translation files
   $translationsPath = 'languages';
       // The language into which to translate
       $language = 'it_IT';
   // The name of the translation file (referred as domain in gettext)
   $domain = 'audero';

   // Instructs which language will be used for this session
   putenv("LANG=" . $language); 
       setlocale(LC_ALL, $language);

   // Sets the path for the current domain
   bindtextdomain($domain, $translationsPath);
   // Specifies the character encoding
   bind_textdomain_codeset($domain, 'UTF-8');

   // Choose domain

   // Call the gettext() function (it has an alias called _())
   echo gettext("HELLO_WORLD"); // equivalent to echo _("HELLO_WORLD");

Once you save the previous code in a page and load it in your browser, if gettext() is able to find the translation file, you’ll see the translations you made on the screen.

So far, so good. The bad news is that once a translation is loaded, Apache caches it. Therefore, unless we can restart the engine, any update to a tr

Truncated by Planet PHP, read more at the original (another 6688 bytes)

Categories: Open Source, PHP Community

Integrate Social Sign On in your PHP apps using HybridAuth

Mon, 10/02/2014 - 18:30
Integrating social sign-ons in a web application can become a tedious task because you need to take care of different endpoints, credentials and finally manage the oauth dance to get the access token. However, using HybridAuth package, this task can be easy as pie Let’s have a look In this example I will show you... Read More in Integrate Social Sign On in your PHP apps using HybridAuth
Categories: Open Source, PHP Community

PhpStorm – Top Productivity Hacks and Shortcuts

Sun, 09/02/2014 - 21:00

We all have our favorite IDEs/editors when coding. Mine is PhpStorm, and it took a while to master all its shortcuts and establish a rapid workflow. In this article, I’ll share some keyboard shortcuts and tips with you which you should make part of your regular routine if you, too, do your work in this IDE. This article was partially inspired by this Reddit thread, and will be mentioning and demonstrating some of the shortcuts found there as well.

Note that as I’m doing my development on Linux in a vagrant box hosted on Windows, I’ll be using CTRL instead of CMD. If you’re on OS X, just imagine it says CMD.

Keyboard shortcuts and hacks

PhpStorm’s high configurability (it’s almost an “Android” of the PHP IDE world) lets you fine tune it to infinity – you can make it into a tool so personal, it might seem like a different IDE to anyone opening your settings. Let’s see some shortcuts and hacks we can take advantage of:

  • CTRL + ALT + L, one of my most used keyboard combos, will immediately format your code according to the preferred style guidelines:

    What’s more, as you can see by the popup that appears in the animation above, you can choose to reformat your entire project. If you use this excessively and don’t often work on other people’s projects, you take it up another notch – bind a macro to the CTRL+S shortcut, and make PhpStorm automatically reformat your code on every manual save. Note, however, that if you’re working on a project with someone else, this might cause refactors in various files far too often, and pollute your version control system with changes that aren’t changes at all. If you’re on Linux, your CTRL+ALT+L shortcut might already be bound to “Lock Screen”, and you’ll need to unbind it from the system, or change it in PhpStorm’s settings.

  • Pressing CTRL+SHIFT+Backspace, or the “Forward” and “Back” buttons on your mouse if you have them, will walk you through your previous edit locations. This is very useful when dealing with large files and having to reference another part only to come back to the original to continue the work:

  • Holding down CTRL when hovering over variables or methods will give you their full names or locations of declaration, while CTRL+Clicking on a variable or method, or pressing CTRL+B when on a method’s call or on a variable will take you directly to where it’s defined:

  • CTRL+Space will summon a code hinting dialog, if you accidentally closed it or for some reason it didn’t open:

  • When PhpStorm detects some problems, it will underline the problematic area and summon a lightblub on top of it when you hover your mouse or keyboard cursor in that area. Clicking this light bulb or pressing ALT+Enter will suggest solutions – in any language. This can range from turning off error reports for suppressed notices (something I recommend against), to merging CSS rules:

  • CTRL+N and CTRL+SHIFT+N will let you instantly move to any part of any class or file in your entire project:

    The search is fuzzy, and also supports line numbers – you can use abbreviations followed by :XX where XX is the line number:

  • PhpStorm remembers multiple clipboard contents – you can press CTRL+SHIFT+V to summon a popup which lets you paste clipboard content that’s less recent than the latest.

  • If you’re in love with Sublime’s ability to search for commands of the IDE itself, you can do that too. CTRL+SHIFT+A will spawn a command search popup. Forgot how the code reformat shortcut goes? Just CTRL+SHIFT+A and type “refor..”:

Truncated by Planet PHP, read more at the original (another 9743 bytes)

Categories: Open Source, PHP Community

Sunshine PHP 2014

Sat, 08/02/2014 - 18:05

Due to uncertainties in my work schedule, I decided this year not to submit to the Sunshine PHP 2014 conference. However, the schedule turned out such that I was able to attend the conference. Many thanks to my awesome employer Blopboard for providing the time and funding to make this possible.

I was a speaker at the inaugural Sunshine PHP conference in 2013 and enjoyed that experience, but being able to just be an attendee this year was a nice change of pace. I’ve enjoyed the awesome content presented by excellent speakers.

With this year’s Sunshine PHP came a new member of the elePHPant family: Sonny, the yellow elePHPant. The process of obtaining your very own Sonny was a rather novel idea thought up by the hosts of Sunshine PHP. Attendees were given a bingo sheet where each space was branded for a sponsor and would visit the sponsor’s booth to get that space stamped. Once all spaces were stamped, you could turn in the bingo sheet to get Sonny.

In going through this process, I spoke with some very friendly guys at AppDynamics. I was able to learn more about their product, which is an alternative to the New Relic service I currently use at work for monitoring the performance of our product. I noted that AppDynamics isn’t currently listed in the Heroku add-on marketplace, but they clarified for me that it can still be installed on Heroku and pointed out related documentation.

The interaction was great and I’ll certainly be checking out the product further, but this quest to get Sonny is what instigated that conversation, which I think is awesome. Many thanks to Zend for sponsoring this fun activity within the conference.

Thanks to everyone who made Sunshine PHP a spectacular event to attend. I hope to see you again next year.

Sonny the yellow elePHPant


Categories: Open Source, PHP Community

SunshinePHP: Application Logic Security Slides

Fri, 07/02/2014 - 23:10
My slides from the "Application Logic Security" talk at SunshinePHP are now available here. If you've attended talk, I'd love to hear your feedback via Joind.In.
Categories: Open Source, PHP Community

The Pros and Cons of Zend Certification

Fri, 07/02/2014 - 19:00

As a PHP developer, you may have been asking yourself how to improve your skills, gain reputation or become more professional in your work. One of the ways of doing so is to get through a certification programme. The only one that covers PHP itself (not a particular framework or software solution) is being delivered by the Zend company. In the remainder of the article I will focus on this particular certificate and describe its advantages and disadvantages. At the end I will also mention some other certification programs that may be valuable to a PHP developer.

Please note that I’m not affiliated in any way with the companies that offer the certification programs described in the article.

Zend certification – general info

The Zend company offers the Zend Certified PHP Engineer certification programme which covers different areas of developing applications in PHP 5.5. The topics that you have to learn for the exam are grouped in several categories like PHP Basics, Object Oriented Programming, Security or Arrays. The company offers a course that prepares for the exam but it’s not mandatory. The exam itself may be taken in one of Pearson VUE Testing Centers which are available all over the world, so it probably won’t be difficult to find a testing center near your location. The cost of the exam is $195.

Possible benefits

1. A way of confirming your skills
Of course the basic goal of getting certified is to get a formal confirmation of your programming skills. After passing the exam you can describe yourself as a Zend Certified Engineer (e.g. in your CV) and you will be listed in the directory containing all of those who passed.

In my opinion, getting certified may be especially important if you’re an intermediate PHP developer and you want to distinguish yourself from beginners. As the exam itself isn’t simple, I think it will probably be too difficult for those who are just starting out. The exam covers different areas of PHP in a detailed way which probably won’t be necessary and will be too complex for newbies. On the other hand, it’s worth keeping in mind that advanced PHP programmers can prove their skills just by referring to their professional experience. The applications they have worked on in the past, the code they have written or their commitment to open source projects may be a more valuable proof of their skills than the certificate.

2. A way to review and extend your knowledge
If you plan to take the exam, you will certainly have to prepare for it. As it covers all of the PHP basic functionalities, the preparation for the exam may be a good way of learning different aspects of PHP or reviewing your knowledge.

When you started writing PHP applications, you probably went through some basic tutorials or a book or two. Then, as you were becoming more advanced, you read more on the topics that you needed to learn about. You searched the web looking for solutions to specific problems, you read different books and articles concerning the subjects you were working on. But have you done a course that covers all of the PHP concepts in a thorough way, from beginning to end? Probably not. That’s why the preparation for the PHP certification exam may be valuable. It may be an opportunity to review the knowledge in the areas that you are already familiar with and learn something new about the other topics you may have skipped.

The Zend certificate covers a lot of ground, from basic concepts like the syntax, operators or language constructs, to all of the different features of the PHP like working with files, string and array manipulation, handling sessions, cookies and form data etc. During the exam you may be also asked about databases and SQL, basics of HTTP requests or different data types (JSON, XML etc.). So if you want to get the certificate you will have to get familiar with all aspects of the language, not only the ones that are, for example, needed in your work right now. As a result, you may gain a wider perspective on PHP itself and find some tools or solutions that you didn’t know of before. You may also discover some areas that you are weak in and get motivated to work on them.

The drawbacks

1. The construction of some of the exam questions
The exam consists of about 70 questions. You can find sample questions on the Zend website to see how they are built. Some of them just ask you What will the following code produce? and contain a code sample that you

Truncated by Planet PHP, read more at the original (another 3732 bytes)

Categories: Open Source, PHP Community

Mockery 0.9.0 Has Landed…Mostly In One Piece!

Thu, 06/02/2014 - 22:28

The Enterprise ' s saucer section crash landing

The Enterprise ' s saucer section crash landing (Photo credit: Wikipedia)

I’m very happy to announce the release of Mockery 0.9.0.

Mockery is a simple yet flexible PHP mock object framework for use in unit testing with PHPUnit, PHPSpec or any other testing framework. Its core goal is to offer a test double framework with a succint API capable of clearly defining all possible object operations and interactions using a human readable Domain Specific Language (DSL). Designed as a drop in alternative to PHPUnit’s phpunit-mock-objects library, Mockery is easy to integrate with PHPUnit and can operate alongside phpunit-mock-objects without the World ending.

According to the number crunching machines over at VersionEye, Mockery is the 7th most referenced Composer package for PHP with 1,051 packages currently referencing Mockery as a development dependency. That is a great achievement and I appreciate the efforts of everyone who has taken the time to send in issues and pull requests.

Thanks to the efforts of Dave Marshall (@davedevelopment), who has taken point on Mockery for most of 2013, the new release improves stability, performance and compatibility with HHVM. I was going to trawl through the commits to write a summary of changes, but Dave was kind enough to do that for me too so here are the highlights. The new 0.9.0 release is now available on and through the PEAR channel.

Mocking Protected Methods

Contentious point for purists, but Mockery now allows you to mock protected methods, but it’s specifically opt-in. Its main use case will be shorthand for making fake derivatives of abstract classes.


require "vendor/autoload.php";

abstract class Foo
 public function bar()
 $res = $this->doBar();
 return $res * 2;

 abstract protected function doBar();

$foo = Mockery::mock("Foo")->makePartial()


echo $foo->bar(); // 256
Generator Rewrite

The code generation has been completely rewritten, it’s a little cleaner and has more unit tests. This new generator is now wrapped with a caching layer by default. This means that Mockery wont generate a new mock class if it’s already generated a suitable class.


$fooMock1 = Mockery::mock("Foo"); // generates a mock class deriving from Foo
$fooMock2 = Mockery::mock("Foo"); // re-uses the same mock class

$partialFoo = Mockery::mock("Foo[bar]"); // can't reuse class, so generates new

This brings significant performance boosts on larger suites, particularly with memory consumption. It’s not all that important to some, but I like a fast feedback loop and it will definitely help some people running their suites on travis with xdebug for coverage.

laravel/framework with Mockery 0.8.0 and Zend PHP 5.5.6
Time: 3.9 seconds, Memory: 276.50Mb

laravel/framework with Mockery 0.9.0 and Zend PHP 5.5.6
Time: 1.61 seconds, Memory: 66.50Mb

laravel/framework with Mockery 0.8.0 and Zend PHP 5.5.6 w/xdebug
Time: 5.96 seconds, Memory: 334.25Mb

laravel/framework with Mockery 0.9.0 and Zend PHP 5.5.6 w/xdebug
Time: 3.38 seconds, Memory: 74.00Mb

laravel/framework with Mockery 0.8.0 and HHVM
Time: 42.91 seconds, Memory: 388.57Mb

laravel/framework with

Truncated by Planet PHP, read more at the original (another 1621 bytes)

Categories: Open Source, PHP Community

PHP 5.4.25 Released!

Thu, 06/02/2014 - 02:00
The PHP development team announces the immediate availability of PHP 5.4.25. 5 bugs were fixed in this release. All PHP 5.4 users are encouraged to upgrade to this version. For source downloads of PHP 5.4.25 please visit our downloads page, Windows binaries can be found on The list of changes is recorded in the ChangeLog.
Categories: Open Source, PHP Community

Cursors in MySQL Stored Procedures

Wed, 05/02/2014 - 19:00

After my previous article on Stored Procedures was published on SitePoint, I received quite a number of comments. One of them suggested further elaboration on CURSOR, an important feature in Stored Procedures.

As cursors are a part of a Stored Procedure, we will elaborate a bit more on SP in this article as well. In particular, we will see how to return a dataset from an SP.

What is a CURSOR?

A cursor can’t be used by itself in MySQL. It is an essential component in stored procedures. I would be inclined to treat a cursor as a “pointer” in C/C++, or an iterator in PHP’s foreach statement.

With cursors, we can traverse a dataset and manipulate each record to accomplish certain tasks. When such an operation on a record can also be done in the PHP layer, it saves data transfer amounts as we can just return the processed aggregation/statistical result back to the PHP layer (thus eliminating the selectforeach – manipulation process at the client side).

Since a cursor is implemented in a stored procedure, it has all the benefits (and limitations) of an SP (access control, pre-compiled, hard to debug, etc).

The official documentation on cursors is located here. It contains only four commands that are related to cursor declaration, opening, closing, and fetching. As mentioned above, we will also touch on some other stored procedure statements. Let’s get started.

A real world question

My personal website has a page showing the scores of my favorite NBA team: LA Lakers. The table structure behind it is straightforward:

Fig 1. The Lakers matches status table structure

I have been updating this table since 2008. Some of the latest records showing Lakers’ 2013-14 season are shown below:

Fig 2. The Lakers matches status table data (partial) for 2013-2014 season

(I am using MySQL Workbench as the GUI tool to manage my MySQL databases. You can use your favorite tool.)

Well, I have to admit Lakers are not playing very well these days. 6 consecutive losses up to Jan 15th. I get this “6 consecutive losses” by manually counting from the last played match all the way up (towards earlier games) and see how long an “L” (meaning a loss) in winlose column can appear. This is certainly doable but if the requirement becomes more complicated in a larger table, it takes more time and is more error prone.

Can we do this with a single SQL statement? I am not an SQL expert and I haven’t been able to figure out how to achieve the desired result (“6 consecutive losses”) from one SQL statement. The input of gurus will be highly appreciated – leave it in the comments below.

Can we do this in PHP? Yes, of course. We can retrieve the game data (particularly, the winlose column) for current season and do a traverse on the records to calculate the current longest win/lose streak. But to do that, we will have to grab all data for that year and most of the data will be wasted (as it is not likely for a team to have a win/lose streak for more than 20+ games in a 82-game regular season). However, we don’t know how many records should be retrieved into PHP to determine the streak, so this waste is a must. And finally, if the current win/lose streak is the only thing we want to know from that table, why pull all the raw data?

Can we do this via other means? Yes, it is possible. For example, we can create a redundant table specifically designed to store the current win/lose streak. Every insertion of the record will update that table too. But this is way too cumbersome and too error prone.

So, what is a better way to achieve this result?

Using Cursor in a Stored Procedure

As the name of this article suggests, we will see a better alternative (in my view) to solve this problem: using cursor in a Stored Procedure.

Let’s create the first SP in MySQL Workbench as follows:



Truncated by Planet PHP, read more at the original (another 19617 bytes)

Categories: Open Source, PHP Community

4 Reasons Why All PHP Frameworks Suck?

Wed, 05/02/2014 - 10:30
By Manuel Lemos
Recently, Rasmus Lerdorf, the creator of PHP, stated in a PHP frameworks conference that all PHP frameworks suck.

He also answered several interesting questions about the present and future solutions in PHP 7 or beyond.

Read this article to learn more about Rasmus said and the what it means for the way you develop PHP now and in the future.
Categories: Open Source, PHP Community

PHP 5.5.9 is ready for download

Wed, 05/02/2014 - 02:00
The PHP development team announces the immediate availability of PHP 5.5.9. This release fixes several bugs against PHP 5.5.8. For source downloads of PHP 5.5.9 please visit our downloads page, Windows binaries are located on The list of changes can be found in the ChangeLog.
Categories: Open Source, PHP Community

Parallelization monster framework for Pentaho Kettle

Tue, 04/02/2014 - 16:46
We always end up with ROFL in our team, when trying to find a name for strange looking ETL processes diagrams. This monster has no name yet:

This is a parallelization framework for Pentaho Kettle 4.x. As you probably know in the upcoming version of Kettle (5.0) there's native ability to launch job entries in parallel, but we haven't got there yet.

In order to run a job in parallel, you have to call this abstract monster job, and provide it with 3 parameters:

  • Path to your job (which is supposed to run in parallel).
  • Number of threads (concurrency level).
  • Optional flag that says whether to wait for completion of all jobs or not.
Regarding the number of threads, as you can see the framework supports up to 8 threads, but it can be easily extended.

How this stuff works. "Thread #N" transformations are executed in parallel on all rows copies. Rows are split then, and filtered in these transformations by the given number of threads, so only a relevant portion of rows is passed to the needed job (Job - Thread #N). For example, if the original row set was:

           ["Apple", "Banana", "Orange", "Lemon", "Cucumber"]

and the concurrency level was 2, then the first job (Job - Thread #1) will get the ["Apple", "Banana", "Orange"] and the second job will get the rest: ["Lemon", "Cucumber"]. All the other jobs will get an empty row set.

Finally, there's a flag which tells whether we should wait until all jobs are completed.

I hope one will find attached transformations useful. And if not, at least help me find a name for the ETL diagram. Fish, maybe? :)

Categories: Open Source, PHP Community

It’s the Booze Talking #5: Core Developers

Tue, 04/02/2014 - 16:27

Recorded live at ZendCon 2013.

Show Notes:

Categories: Open Source, PHP Community

Understanding Valgrind errors (1)

Tue, 04/02/2014 - 11:22
Understanding Valgrind errors (1)

While debugging segmentation faults (crashes) in PHP and its extensions, I often use Valgrind to assist me finding the root cause. Valgrind is an instrumentation framework for building dynamic analysis tools. It contains several tools, and its Memcheck tool is the one that detects memory-management problems. Memcheck is really valuable for C and C++ developers and something you should learn, especially when you write PHP extensions.

Memcheck's error messages can sometimes be difficult to understand, so with this (infrequent series), I hope to shed some light on it.

Let's have a look at the following Valgrind error output, which I encountered while debugging issue PHP-963 of the MongoDB driver for PHP:

==18500== Invalid read of size 8
==18500==    at 0xC5FB7F1: zim_MongoCursor_info (cursor.c:866)
==18500==    by 0x9AF93F: execute_internal (zend_execute.c:1480)
==18500==    by 0xBF1B8FD: xdebug_execute_internal (xdebug.c:1565)
==18500==    by 0x9B0715: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:645)
==18500==    by 0x9B0D88: ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (zend_vm_execute.h:756)
==18500==    by 0x9AFCAA: execute (zend_vm_execute.h:410)
==18500==    by 0xBF1B47C: xdebug_execute (xdebug.c:1453)
==18500==    by 0x976CC6: zend_execute_scripts (zend.c:1315)
==18500==    by 0x8F3340: php_execute_script (main.c:2502)
==18500==    by 0xA172B9: do_cli (php_cli.c:989)
==18500==    by 0xA1825E: main (php_cli.c:1365)
==18500==  Address 0x38 is not stack'd, malloc'd or (recently) free'd

An Invalid read means that the memory location that the process was trying to read is outside of the memory addresses that are available to the process. size 8 means that the process was trying to read 8 bytes. On 64-bit platforms this could be a pointer, but also for example a long int.

The last line of the error report says Address 0x38 is not stack'd, malloc'd or (recently) free'd, which means that the address that the process was trying to read 8 bytes from starts at 0x38. The line also says that the address is unavailable through stack space, heap space (malloc), or that it was recently a valid memory location.

A very low address, such as 0x38 (56 in decimal), combined with size 8 often indicates that you tried to dereference an element of a struct which was pointed to by a NULL pointer.

When I checked line 866 of cursor.c I saw:

add_assoc_string(return_value, "server", cursor->connection->hash, 1);

cursor is a struct of type mongo_cursor which is defined as:

typedef struct {
        zend_object std;

        /* Connection */
        mongo_connection *connection;
} mongo_cursor;

The zend_object std; is a general struct that is part of every overloaded object (overloaded in the PHP Internals sense) and contains four pointers that make up the first 32 bytes. This means that connection starts at offset 32.

The connection member is a struct of type mongo_connection that is defined as:

typedef struct _mongo_connection
        time_t last_ping;         //  0
        int    ping_ms;           //  4
        int    last_ismaster;     //  8
        int    last_reqid;        // 16
        void  *socket;            // 24
        int    connection_type;   // 32
        int    max_bson_size;     // 36
        int    max_message_size;  // 40
        int    tag_count;         // 44
        char **tags;              // 48
        char  *hash;              // 56
        mongo_connection_deregister_callback *cleanup_list; // 64
} mongo_connection;

I've added the offsets as they are on a 64-bit platform as comments.

In C the code cursor->connection->hash gets converted to an address as follows:

  1. Take the address in cursor

  2. Find the offset for the connection member (32)

  3. Find the address that is stored at offset 32 (In my example, that'd be NULL)

  4. Find the off

Truncated by Planet PHP, read more at the original (another 1031 bytes)

Categories: Open Source, PHP Community

Understanding Symfony Bundle Configuration and Service Container

Mon, 03/02/2014 - 19:00

In this post we’ll cover different ways on how to configure Bundles in Symfony2 and how the dependency injection container works with the configuration. The Bundle configuration and Symfony dependency injection container (also known as service container) can be difficult concepts to grasp when first starting development with Symfony2, especially if dependency injection is not a familiar concept beforehand. Bundle configuration can also be a little bit confusing, since there are multiple ways to do it and the best approach depends on the situation.

All of the configuration examples in this post are in YAML. Symfony also supports other configuration formats (XML and PHP array) and they are valid options. I am used to working with YAML because I think it’s more readable than XML, but you do get the benefit of schema validation when using XML. The choice of the configuration format is up to you (or your project team) and there is no right or wrong option here. Just use the one you feel most comfortable with.

Bundle creation

A Bundle is a directory containing a set of files (PHP files, stylesheets, JavaScripts, images, …) that implement a single feature (a blog, a forum, etc). In Symfony2, (almost) everything lives inside a bundle.

or, in other words, from the docs

A bundle is similar to a plugin in other software, but even better. The key difference is that everything is a bundle in Symfony2, including both the core framework functionality and the code written for your application. Bundles are first-class citizens in Symfony2. This gives you the flexibility to use pre-built features packaged in third-party bundles or to distribute your own bundles. It makes it easy to pick and choose which features to enable in your application and to optimize them the way you want.

When you create a new bundle, either by auto-generating it (php app/console generate:bundle --namespace=Acme/TestBundle) or manually, you need the BundleNameBundle.php file at the root directory of the bundle. The class in this file, while mostly empty, extends the Symfony core Symfony\Component\HttpKernel\Bundle\Bundle class and it is what you need to register in the AppKernel registerBundles method. When the kernel boots, it creates instances of each bundle and loads the container extension of each bundle (using methods in the parent Bundle class). The container extension is the class in BundleNameExtension.php file inside the DependencyInjection folder of the bundle. The container extension class loads and manages the bundle configuration. The whole extension class is optional and the bundle will work without it, but it’s good to know how things work to better understand the configuration system.

Loading the bundle configuration, the easy way

As I stated above, the extension class is optional and there are other ways to configure a bundle. The simplest form of bundle configuration is to configure the parameters and services inside the application’s main configuration file (app/config/config.yml). This is a totally valid option, although you need to understand the implications of this to better understand when this really is appropriate. Having bundle configuration in the main config file makes your bundle tightly coupled to the current application, and therefore not very portable. This might be okay, if the bundle doesn’t have many services or parameters and you know it will be used only in the current application. This said, I really don’t recommend using this approach even then, because things tend to change and more configuration might be needed later on and other developers will probably look for the configuration inside the bundle.

Another simple method is to have a separate configuration file inside the bundle (Resources/config/services.yml for example) and import it in the main configuration. At the beginning of config.yml there are usually some imports already, so all you need to do is add one more import to the list that points to your bundle configuration file. Note, the path is relative to the main config file. Here is a small example:

    - { resource: parameters

Truncated by Planet PHP, read more at the original (another 27394 bytes)

Categories: Open Source, PHP Community

“Page Script” As A Degenerate Controller

Mon, 03/02/2014 - 17:51

I read a good conversation on Reddit last week titled Thoughts on MVC vs. Pages for Everything?. Short version: the OP asks about the advantges of using a formalized model-view-controller system vs a series of typical PHP page scripts. The entire discussion is worth reading.

As the author of a book on modernizing legacy applications in PHP, this is a topic I am very familiar with. Almost all of the legacy applications I’ve had to deal with were page-based. In doing the work to modernize them, there comes a time where the page script has been refactored to look very much like a page controller, with some distinct but not critical differences. As such, I have come to consider the typical PHP page script to be a degenerate form of a page controller. With a little imagination, I think it’s easy to see why.

First, recall the basic operational cycle of almost every PHP framework ever, including the micro-frameworks:

  • a bootstrap index.php file that does some setup work, which hands off to …

  • a front-controller (typically a router/dispatch system) which picks …

  • a page controller or action method that calls services and collates the results into a data structure, which is passed to …

  • a view layer that renders the results for the client.

(In an earlier version of this dispatch cycle I split “page controller” and “action method” into two separate steps, and in many cases they may still be two separate steps.)

When we look at this cycle, it’s not so hard to envision a plain PHP script doing the same things. The web server itself becomes a simplified front controller+router+dispatcher, picking the “controller” (page script) to run based on the URL path mapped to the file system. After that the work is exactly the same, albeit combined into a single blob of code.

Even then, the page script can keep itself in good order by using service objects instead of embedding all the logic in one place. It should be easy to imagine converting a page script that combines the setup, data retrieval, data manipulation, and data output concerns as a blob of intermingled code, into something more like the following, where the concerns are in blocks:

// config, global vars, autoloader, etc
require_once '../setup.php';

// dependencies
$request = new Request($GLOBALS);
$response = new Response($GLOBALS);
$db = new Database($user, $pass, $host);
$service = new Service($db);
$view = new View;

// data retrieval
$page_number = (int) $request->get('page', 1);
$records = $service->fetchPage($page_number);

// data rendering
$view->assign('records', $records);
$content = $view->render();

// send back to client

That page script is not wildly different from what goes on inside a formal MVC framework. Yes, there are still some legacy elements. These include the global require setup at the top, the use of query parameters instead of path-info parameters, and the lack of a formal DI container (although for scripts like this a container proper might be overkill at the start).

On the other hand, most of the work is being done in classes and objects, not embeddded directly in the page script itself, just as you would see in a formal controller class method. These support classes and objects are independently testable; only the page script “controller” itself is not. But be honest here: of all the formal controller methods you have seen in the wild, how many were independently testable? My guess is “not many.”

Once we have refactored a page script to something like the above form, it becomes a lot easier to see how we might convert this degenerate controller over to a formal MVC framework with even further separation of concerns.


Are you overwhelmed by a legacy application full of page scripts, spaghetti includes, and global variables? Do you want to improve the quality of the code, but don’t know where to begin or how to proceeed?

My new book, Modernizing Legacy Applications in PHP, gives step-by-step instructions on how to get your code under control and keep your application running the whole time.

Buy the early access version now and get free updates as it is completed, or sign up on the mailing list below for more information and a free sample chapter.


Truncated by Planet PHP, read more at the original (another 1722 bytes)

Categories: Open Source, PHP Community

Collecting performance data with varnish and statsd

Mon, 03/02/2014 - 09:01

One of our currently bigger projects is soon going online and one part of it is an API, which only delivers JSON and XML to a lot of possible clients. To speed things up, we use varnish in front of the application (a lot of requests are easily cacheable, since they only change once a day at most). We also use HHVM for some of the requests, for now just the ones which will have many misses (from livesearch requests for example). We don’t dare yet to use HHVM for all requests, we’d like to gather some experience first with it.

One important task for such a project is to monitor the performance of the application. We usually use New Relic for that, but there’s no New Relic for HHVM (yet), so we had to look into other solutions.

Since varnish is the entry point for all requests, be it PHP or HHVM or another backend, we searched for possibilities there. We found 2 vmods, libvmod-timers and libvmod-statsd, which make that possible.

Collecting response time and number of requests

It needs a statsd and a backend for collecting the data. We decided to test librato as the backend as we have heard good things about it (btw, if you have to configure many metrics in librato with the same attributes all over, use the API of librato, it's more powerful than their webfrontend and you can script it for later new metrics)

This setup allows us to collect detailed data about the performance of the different backends (and also monitor for example if there are too many 500 answers)

Compared to the examples in the blog posts about the vmods, I made some small changes, to get the correct data for us.

To be sure our API is "always" up, we use the fallback director of varnish, especially for the HHVM part (we have much more experience in running a PHP server than a HHVM, that's why). It looks like the following

director hhvm_api_fallback fallback {
  { .backend = hhvm_api; }
  { .backend = php_api; } // will only be used if hhvm_api is unhealthy.

This means, that varnish will normally use the hhvm_api backend, but if that is down, it will use the php_api backend. They run on the same server, but listen on different ports (of course, the whole thing is loadbalanced in front of it to have less single point of failures)

As we only route some requests to the hhvm_api, we have the following in vcl_recv:

if (req.url ~ "^/things.json?.*search=" ) {
    set req.backend = hhvm_api_fallback;

We can then later extend that URL matcher to include more requests.

The example of the author of the vmods uses req.http.X-Request-Backend for reporting which backend was used with statsd. Since with the fallback director defined above that is always hhvm_api_fallback, no matter which backend was used and we wanted to know when the fallback uses php_api instead of hhvm_api, we added the following to vcl_fetch:

set req.http.X-Stats-Backend =;

Now the backend that is actually used is reported later (at least for misses, for hits it's still hhvm_api_fallback, but that is ok, since it didn't use any backend at all, wthough I'm sure this could be changed as well somehow with some header trickery in the vcl).

The librato backend seems also to interpret some stats differently than for example the default graphite backend in statsd. Therefore we used the the following lines in vcl_deliver for sending the values to statsd:

### Key to use for statsd. Something like: config.hit.200
set req.http.X-Stats-Key =
    req.http.X-Stats-Backend + "." +
    req.http.X-Stats-HitMiss + "." +

### Increment the amount of requests here, and how long this 
### particular backend took.
statsd.incr(   req.http.X-Stats-Key + ".count");
statsd.timing( req.http.X-Stats-Key + ".time", timers.req_response_time() );

We basically added .count and .time to the key as librato gets confuesd if you use the same key for counters and timers.

With this data we can now plot graphs for each backend and each request type in librato. We immediatly see, if there are problems (for example too many non-200 responses or if one backend is slower than expected). We also can compare hits vs misses and collect the load of the servers with collectd.


Truncated by Planet PHP, read more at the original (another 2850 bytes)

Categories: Open Source, PHP Community