From 6ffa3013994a19f715973c63d7f71b55837bb43b Mon Sep 17 00:00:00 2001 From: Vladimir Kovpak Date: Sun, 15 Mar 2015 01:31:17 +0200 Subject: [PATCH 01/65] Add information about SOLID. --- _posts/06-03-01-Complex-Problem.md | 32 ++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/_posts/06-03-01-Complex-Problem.md b/_posts/06-03-01-Complex-Problem.md index 0d6f907..1ab6c12 100644 --- a/_posts/06-03-01-Complex-Problem.md +++ b/_posts/06-03-01-Complex-Problem.md @@ -22,9 +22,37 @@ instead of loosening dependencies, this method simply moved them. Dependency Injection allows us to more elegantly solve this problem by only injecting the dependencies we need, when we need them, without the need for any hard coded dependencies at all. -### Dependency Inversion Principle +### SOLID -Dependency Inversion Principle is the "D" in the S.O.L.I.D set of object oriented design principles that states one +#### Single responsibility principle + +It's very helpful principle because it improve code reusability and +states that every class should have responsibility over a single part of the functionality provided by the software. +Your class should do just one thing and no more. And you can use it in any place of program without changing it. + +#### Open/closed principle + +States that classes should be open for extension, but closed for modification. +it's very important and helpful especially in production, +because it provides ability to change program behaviour without changing source code. + +#### Liskov substitution principle + +This principle extends previous principle, and states +if S is a subtype of T, then objects of type T in a program may be replaced with objects of type S +without altering any class of the program. +That's amazing principle provides ability to build very flexible and easily configurable programs +because when you change one object to another you don't need to change anything in your program. + +#### Interface segregation principle + +Splits interfaces which are very large into smaller and more specific ones. +It provides to work in each time only with methods that interesting for client, +and facilitate conceptual explanation of the code. + +#### Dependency Inversion Principle + +Dependency Inversion Principle set of object oriented design principles that states one should *"Depend on Abstractions. Do not depend on concretions."*. Put simply, this means our dependencies should be interfaces/contracts or abstract classes rather than concrete implementations. We can easily refactor the above example to follow this principle. From d57d2f142f8d48737055228136bdd88f13457bd2 Mon Sep 17 00:00:00 2001 From: Ryan Parman Date: Sun, 4 Oct 2015 12:50:22 -0700 Subject: [PATCH 02/65] Expanded and clarified the language around SOLID principles. --- _posts/06-03-01-Complex-Problem.md | 69 +++++++++++++++++++----------- 1 file changed, 44 insertions(+), 25 deletions(-) diff --git a/_posts/06-03-01-Complex-Problem.md b/_posts/06-03-01-Complex-Problem.md index 1ab6c12..61aecc8 100644 --- a/_posts/06-03-01-Complex-Problem.md +++ b/_posts/06-03-01-Complex-Problem.md @@ -15,47 +15,66 @@ separate from our objects. In terms of Dependency Injection, this means loosenin instantiating them elsewhere in the system. For years, PHP frameworks have been achieving Inversion of Control, however, the question became, which part of control -are you inverting, and where to? For example, MVC frameworks would generally provide a super object or base controller +are we inverting, and where to? For example, MVC frameworks would generally provide a super object or base controller that other controllers must extend to gain access to its dependencies. This **is** Inversion of Control, however, instead of loosening dependencies, this method simply moved them. Dependency Injection allows us to more elegantly solve this problem by only injecting the dependencies we need, when we need them, without the need for any hard coded dependencies at all. -### SOLID +### S.O.L.I.D. -#### Single responsibility principle +#### Single Responsibility Principle -It's very helpful principle because it improve code reusability and -states that every class should have responsibility over a single part of the functionality provided by the software. -Your class should do just one thing and no more. And you can use it in any place of program without changing it. +The Single Responsibility Principle is about actors and high-level architecture. It states that “A class should have +only one reason to change.” This means that every class should _only_ have responsibility over a single part of the +functionality provided by the software. The largest benefit of this approach is that it enables improved code +_reusability_. By designing our class to do just one thing, we can use (or re-use) it in any other program without +changing it. -#### Open/closed principle +#### Open/Closed Principle -States that classes should be open for extension, but closed for modification. -it's very important and helpful especially in production, -because it provides ability to change program behaviour without changing source code. +The Open/Closed Principle is about class design and feature extensions. It states that “Software entities (classes, +modules, functions, etc.) should be open for extension, but closed for modification.” This means that we should design +our modules, classes and functions in a way that when a new functionality is needed, we should not modify our existing +code but rather write new code that will be used by existing code. Practically speaking, this means that we should write +classes that implement and adhere to _interfaces_, then type-hint against those interfaces instead of specific classes. -#### Liskov substitution principle +The largest benefit of this approach is that we can very easily extend our code with support for something new without +having to modify existing code, meaning that we can reduce QA time, and the risk for negative impact to the application +is substantially reduced. We can deploy new code, faster, and with more confidence. -This principle extends previous principle, and states -if S is a subtype of T, then objects of type T in a program may be replaced with objects of type S -without altering any class of the program. -That's amazing principle provides ability to build very flexible and easily configurable programs -because when you change one object to another you don't need to change anything in your program. +#### Liskov Substitution Principle -#### Interface segregation principle +The Liskov Substitution Principle is about subtyping and inheritance. It states that “Child classes should never break +the parent class’ type definitions.” Or, in Robert C. Martin’s words, “Subtypes must be substitutable for their base +types.” -Splits interfaces which are very large into smaller and more specific ones. -It provides to work in each time only with methods that interesting for client, -and facilitate conceptual explanation of the code. +For example, if we have a `FileInterface` interface which defines an `embed()` method, and we have `Audio` and `Video` +classes which both implement the `embed()` method, then we can expect that the usage of the `embed()` method will always +do the thing that we intend. If we later create a `PDF` class or a `Gist` class which implement the `FileInterface` +interface, we will already know and understand what the `embed()` method will do. The largest benefit of this approach +is that we have the ability to build flexible and easily-configurable programs, because when we change one object of a +type (e.g., `FileInterface`) to another we don't need to change anything else in our program. + +#### Interface Segregation Principle + +The Interface Segregation Principle (ISP) is about _business-logic-to-clients_ communication. It states that “No client +should be forced to depend on methods it does not use.” This means that instead of having a single monolithic interface +that all conforming classes need to implement, we should instead provide a set of smaller, concept-specific interfaces +that a conforming class implements one or more of. + +For example, a `Car` or `Bus` class would be interested in a `steeringWheel()` method, but a `Motorcycle` or `Tricycle` +class would not. Conversely, a `Motorcycle` or `Tricycle` class would be interested in a `handlebars()` method, but a +`Car` or `Bus` class would not. There is no need to have all of these types of vehicles implement support for both +`steeringWheel()` as well as `handlebars()`, so we should break-apart the source interface. #### Dependency Inversion Principle -Dependency Inversion Principle set of object oriented design principles that states one -should *"Depend on Abstractions. Do not depend on concretions."*. Put simply, this means our dependencies should be -interfaces/contracts or abstract classes rather than concrete implementations. We can easily refactor the above example -to follow this principle. +The Dependency Inversion Principle is about removing hard-links between discrete classes so that new functionality can +be leveraged by passing a different class. It states that one should *"Depend on Abstractions. Do not depend on +concretions."*. Put simply, this means our dependencies should be interfaces/contracts or abstract classes rather than +concrete implementations. We can easily refactor the above example to follow this principle. {% highlight php %} Date: Tue, 25 Oct 2016 02:06:14 +0200 Subject: [PATCH 03/65] Add Arabic translation to README and sync translations --- README.md | 1 + _includes/welcome.md | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index cae591c..b372de6 100644 --- a/README.md +++ b/README.md @@ -34,6 +34,7 @@ developers know where to find good information! * [English](http://www.phptherightway.com) +* [Arabic](https://adaroobi.github.io/php-the-right-way/) * [Bulgarian](http://bg.phptherightway.com) * [Chinese (Simplified)](http://laravel-china.github.io/php-the-right-way/) * [Chinese (Traditional)](http://laravel-taiwan.github.io/php-the-right-way) diff --git a/_includes/welcome.md b/_includes/welcome.md index b074bdd..6b9889d 100644 --- a/_includes/welcome.md +++ b/_includes/welcome.md @@ -21,6 +21,7 @@ and examples as they become available. _PHP: The Right Way_ is translated into many different languages: * [English](http://www.phptherightway.com) +* [Arabic](https://adaroobi.github.io/php-the-right-way/) * [Bulgarian](http://bg.phptherightway.com/) * [Chinese (Simplified)](http://laravel-china.github.io/php-the-right-way/) * [Chinese (Traditional)](http://laravel-taiwan.github.io/php-the-right-way) @@ -41,7 +42,6 @@ _PHP: The Right Way_ is translated into many different languages: * [Thai](https://apzentral.github.io/php-the-right-way/) * [Turkish](http://hkulekci.github.io/php-the-right-way/) * [Ukrainian](http://iflista.github.com/php-the-right-way/) -* [العربية](https://adaroobi.github.io/php-the-right-way/) ## How to Contribute From 551300ebb20a3564bf5e5a11c50f13aff7e0888e Mon Sep 17 00:00:00 2001 From: Igor Santos Date: Thu, 17 Nov 2016 04:28:54 -0200 Subject: [PATCH 04/65] Proof-writing the i18n chapter, against [Grammarly](http://gram.ly/tYyH) --- ...1-Internationalization-and-Localization.md | 111 +++++++++--------- 1 file changed, 56 insertions(+), 55 deletions(-) diff --git a/_posts/05-06-01-Internationalization-and-Localization.md b/_posts/05-06-01-Internationalization-and-Localization.md index c52b3a9..9981f28 100644 --- a/_posts/05-06-01-Internationalization-and-Localization.md +++ b/_posts/05-06-01-Internationalization-and-Localization.md @@ -12,27 +12,27 @@ words - in our case, internationalization becomes i18n and localization, l10n._ First of all, we need to define those two similar concepts and other related things: - **Internationalization** is when you organize your code so it can be adapted to different languages or regions -without refactorings. This is usually done once - preferably, in the beginning of the project, or else you'll probably -need some huge changes in the source! +without refactorings. This action is usually done once - preferably, at the beginning of the project, or else you will +probably need some huge changes in the source! - **Localization** happens when you adapt the interface (mainly) by translating contents, based on the i18n work done before. It usually is done every time a new language or region needs support and is updated when new interface pieces are added, as they need to be available in all supported languages. -- **Pluralization** defines the rules needed between different languages to interoperate strings containing numbers and -counters. For instance, in English when you have only one item, it's singular, and anything different from that is +- **Pluralization** defines the rules required between distinct languages to interoperate strings containing numbers and +counters. For instance, in English when you have only one item, it is singular, and anything different from that is called plural; plural in this language is indicated by adding an S after some words, and sometimes changes parts of it. In other languages, such as Russian or Serbian, there are two plural forms in addition to the singular - you may even find languages with a total of four, five or six forms, such as Slovenian, Irish or Arabic. ## Common ways to implement The easiest way to internationalize PHP software is by using array files and using those strings in templates, such as -`

`. This is, however, hardly a recommended way for serious projects, as it poses +`

`. This way is, however, hardly recommended for serious projects, as it poses some maintenance issues along the road - some might appear in the very beginning, such as pluralization. So, please, don't try this if your project will contain more than a couple of pages. The most classic way and often taken as reference for i18n and l10n is a [Unix tool called `gettext`][gettext]. It dates -back to 1995 and is still a complete implementation for translating software. It is pretty easy to get running, while -it still sports powerful supporting tools. It's about Gettext we will be talking here. Also, to help you not get messy -over the command-line, we will be presenting a great GUI application that can be used to easily update your l10n source +back to 1995 and is still a complete implementation for translating software. It is easy enough to get running, while +it still sports powerful supporting tools. It is about Gettext we will be talking here. Also, to help you not get messy +over the command-line, we will be presenting a great GUI application that can be used easily update your l10n source files. ### Other tools @@ -43,8 +43,8 @@ PHP core, but here we list others for completion: - [oscarotero/Gettext][oscarotero]: Gettext support with an OO interface; includes improved helper functions, powerful extractors for several file formats (some of them not supported natively by the `gettext` command), and can also export -to other formats besides `.mo/.po` files. Can be useful if you need to integrate your translation files into other parts -of the system, like a JavaScript interface. +to other formats besides `.mo/.po` files. Can be useful if you need to integrate your translation files into other +parts of the system, like a JavaScript interface. - [symfony/translation][symfony]: supports a lot of different formats, but recommends using verbose XLIFF's. Doesn't include helper functions nor a built-in extractor, but supports placeholders using `strtr()` internally. - [zend/i18n][zend]: supports array and INI files, or Gettext formats. Implements a caching layer to save you from @@ -52,6 +52,7 @@ reading the filesystem every time. It also includes view helpers, and locale-awa However, it has no message extractor. Other frameworks also include i18n modules, but those are not available outside of their codebases: + - [Laravel] supports basic array files, has no automatic extractor but includes a `@lang` helper for template files. - [Yii] supports array, Gettext, and database-based translation, and includes a messages extractor. It is backed by the [`Intl`][intl] extension, available since PHP 5.3, and based on the [ICU project]; this enables Yii to run powerful @@ -68,7 +69,7 @@ After installed, enable it by adding `extension=gettext.so` (Linux/Unix) or `ext your `php.ini`. Here we will also be using [Poedit] to create translation files. You will probably find it in your system's package -manager; it's available for Unix, Mac, and Windows, and can be [downloaded for free on their website][poedit_download] +manager; it is available for Unix, Mac, and Windows, and can be [downloaded for free on their website][poedit_download] as well. ### Structure @@ -76,31 +77,31 @@ as well. #### Types of files There are three files you usually deal with while working with gettext. The main ones are PO (Portable Object) and MO (Machine Object) files, the first being a list of readable "translated objects" and the second, the corresponding -binary to be interpreted by gettext when doing localization. There's also a POT (Template) file, that simply contains +binary to be interpreted by gettext when doing localization. There's also a POT (Template) file, which simply contains all existing keys from your source files, and can be used as a guide to generate and update all PO files. Those template -files are not mandatory: depending on the tool you're using to do l10n, you can go just fine with only PO/MO files. -You'll always have one pair of PO/MO files per language and region, but only one POT per domain. +files are not mandatory: depending on the tool you are using to do l10n, you can go just fine with only PO/MO files. +You will always have one pair of PO/MO files per language and region, but only one POT per domain. ### Domains There are some cases, in big projects, where you might need to separate translations when the same words convey -different meaning given a context. In those cases, you split them into different _domains_. They're basically named +different meaning given a context. In those cases, you split them into different _domains_. They are, basically, named groups of POT/PO/MO files, where the filename is the said _translation domain_. Small and medium-sized projects usually, for simplicity, use only one domain; its name is arbitrary, but we will be using "main" for our code samples. In [Symfony] projects, for example, domains are used to separate the translation for validation messages. #### Locale code -A locale is simply a code that identifies one version of a language. It's defined following the [ISO 639-1][639-1] and +A locale is simply a code that identifies one version of a language. It is defined following the [ISO 639-1][639-1] and [ISO 3166-1 alpha-2][3166-1] specs: two lower-case letters for the language, optionally followed by an underline and two upper-case letters identifying the country or regional code. For [rare languages][rare], three letters are used. For some speakers, the country part may seem redundant. In fact, some languages have dialects in different countries, such as Austrian German (`de_AT`) or Brazilian Portuguese (`pt_BR`). The second part is used to distinguish -between those dialects - when it's not present, it's taken as a "generic" or "hybrid" version of the language. +between those dialects - when it is not present, it is taken as a "generic" or "hybrid" version of the language. ### Directory structure -To use Gettext, we will need to adhere to a specific structure of folders. First, you'll need to select an arbitrary -root for your l10n files in your source repository. Inside it, you'll have a folder for each needed locale, and a fixed -`LC_MESSAGES` folder that will contain all your PO/MO pairs. Example: +To use Gettext, we will need to adhere to a specific structure of folders. First, you will need to select an arbitrary +root for your l10n files in your source repository. Inside it, you will have a folder for each needed locale, and a +fixed `LC_MESSAGES` folder that will contain all your PO/MO pairs. Example: {% highlight console %} @@ -128,9 +129,9 @@ root for your l10n files in your source repository. Inside it, you'll have a fol ### Plural forms As we said in the introduction, different languages might sport different plural rules. However, gettext saves us from -this trouble once again. When creating a new `.po` file, you'll have to declare the [plural rules][plural] for that +this trouble once again. When creating a new `.po` file, you will have to declare the [plural rules][plural] for that language, and translated pieces that are plural-sensitive will have a different form for each of those rules. When -calling Gettext in code, you'll have to specify the number related to the sentence, and it will work out the correct +calling Gettext in code, you will have to specify the number related to the sentence, and it will work out the correct form to use - even using string substitution if needed. Plural rules include the number of plurals available and a boolean test with `n` that would define in which rule the @@ -144,13 +145,13 @@ Now that you understood the basis of how plural rules works - and if you didn't, on the [LingoHub tutorial](lingohub_plurals) -, you might want to copy the ones you need from a [list][plural] instead of writing them by hand. -When calling out Gettext to do localization on sentences with counters, you'll have to give him the +When calling out Gettext to do localization on sentences with counters, you will have to give him the related number as well. Gettext will work out what rule should be in effect and use the correct localized version. You will need to include in the `.po` file a different sentence for each plural rule defined. ### Sample implementation After all that theory, let's get a little practical. Here's an excerpt of a `.po` file - don't mind with its format, -but instead the overall content, you'll learn how to edit it easily later: +but with the overall content instead; you will learn how to edit it easily later: {% highlight po %} msgid "" @@ -159,7 +160,7 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" -msgid "We're now translating some strings" +msgid "We are now translating some strings" msgstr "Nós estamos traduzindo algumas strings agora" msgid "Hello %1$s! Your last visit was on %2$s" @@ -179,11 +180,11 @@ translation may contain the user name and visit date. The last section is a sample of pluralization forms, displaying the singular and plural version as `msgid` in English and their corresponding translations as `msgstr` 0 and 1 (following the number given by the plural rule). There, string replacement is used as well so the number can be seen -directly in the sentence, by using `%d`. The plural forms always have two `msgid` (singular and plural), so it's -advised to not use a complex language as the source of translation. +directly in the sentence, by using `%d`. The plural forms always have two `msgid` (singular and plural), so it is +advised not to use a complex language as the source of translation. ### Discussion on l10n keys -As you might have noticed, we're using as source ID the actual sentence in English. That `msgid` is the same used +As you might have noticed, we are using as source ID the actual sentence in English. That `msgid` is the same used throughout all your `.po` files, meaning other languages will have the same format and the same `msgid` fields but translated `msgstr` lines. @@ -195,7 +196,7 @@ Talking about translation keys, there are two main "schools" here: meaning. Example: if you happen to translate by heart from English to Spanish but need help to translate to French, you might publish the new page with missing French sentences, and parts of the website would be displayed in English instead; - - it's much easier for the translator to understand what's going on and make a proper translation based on the + - it is much easier for the translator to understand what's going on and do a proper translation based on the `msgid`; - it gives you "free" l10n for one language - the source one; - The only disadvantage: if you need to change the actual text, you would need to replace the same `msgid` @@ -204,21 +205,21 @@ Talking about translation keys, there are two main "schools" here: 2. _`msgid` as a unique, structured key_. It would describe the sentence role in the application in a structured way, including the template or part where the string is located instead of its content. - - it's a great way to have the code organized, separating the text content from the template logic. + - it is a great way to have the code organized, separating the text content from the template logic. - however, that could bring problems to the translator that would miss the context. A source language file would be needed as a basis for other translations. Example: the developer would ideally have an `en.po` file, that translators would read to understand what to write in `fr.po` for instance. - missing translations would display meaningless keys on screen (`top_menu.welcome` instead of `Hello there, User!` - on the said untranslated French page). That's good it as would force translation to be complete before publishing - - but bad as translation issues would be really awful in the interface. Some libraries, though, include an option to - specify a given language as "fallback", having a similar behavior as the other approach. + on the said untranslated French page). That is good it as would force translation to be complete before publishing - + however, bad as translation issues would be remarkably awful in the interface. Some libraries, though, include an + option to specify a given language as "fallback", having a similar behavior as the other approach. -The [Gettext manual][manual] favors the first approach as, in general, it's easier for translators and users in -case of trouble. That's how we will be working here as well. However, the [Symfony documentation][symfony-keys] favors +The [Gettext manual][manual] favors the first approach as, in general, it is easier for translators and users in +case of trouble. That is how we will be working here as well. However, the [Symfony documentation][symfony-keys] favors keyword-based translation, to allow for independent changes of all translations without affecting templates as well. ### Everyday usage -In a common application, you would use some Gettext functions while writing static text in your pages. Those sentences +In a typical application, you would use some Gettext functions while writing static text in your pages. Those sentences would then appear in `.po` files, get translated, compiled into `.mo` files and then, used by Gettext when rendering the actual interface. Given that, let's tie together what we have discussed so far in a step-by-step example: @@ -308,13 +309,13 @@ textdomain('main'); #### 3. Preparing translation for the first run To make matters easier - and one of the powerful advantages Gettext has over custom framework i18n packages - is its -custom file type. "Oh man, that's quite hard to understand and edit by hand, a simple array would be easier!" Make no +custom file type. "Oh man, that is quite hard to understand and edit by hand, a simple array would be easier!" Make no mistake, applications like [Poedit] are here to help - _a lot_. You can get the program from -[their website](poedit_download), it's free and available for all platforms. It's a pretty easy tool to get used to, +[their website](poedit_download), it's free and available for all platforms. It is a pretty easy tool to get used to, and a very powerful one at the same time - using all powerful features Gettext has available. -In the first run, you should select "File > New Catalog" from the menu. There you'll have a small screen where we will -set the terrain so everything else runs smoothly. You'll be able to find those settings later through +In the first run, you should select "File > New Catalog" from the menu. There you will have a small screen where we will +set the terrain so everything else runs smoothly. You will be able to find those settings later through "Catalog > Properties": - Project name and version, Translation Team and email address: useful information that goes in the `.po` file header; @@ -328,46 +329,46 @@ is usually your templates folder(s) powerful points of Gettext. The underlying software knows how the `gettext()` calls look like in several programming languages, but you might as well create your own translation forms. This will be discussed later in the "Tips" section. -After setting those points you'll be prompted to save the file - using that directory structure we mentioned as well, -and then it will run a scan through your source files to find the localization calls. They'll be fed empty into the -translation table, and you'll start typing in the localized versions of those strings. Save it and a `.mo` file will be -(re)compiled into the same folder and ta-dah: your project is internationalized. +After setting those points, you will be prompted to save the file - using that directory structure we mentioned as well, +and then it will run a scan through your source files to find the localization calls. They will be fed empty into the +translation table, and you will start typing in the localized versions of those strings. Save it and a `.mo` file will +be (re)compiled into the same folder and ta-dah: your project is internationalized. #### 4. Translating strings As you may have noticed before, there are two main types of localized strings: simple ones and the ones with plural -forms. The first ones have simply two boxes: source and localized string. The source string can't be modified as +forms. The first ones have simply two boxes: source and localized string. The source string cannot be modified as Gettext/Poedit do not include the powers to alter your source files - you should change the source itself and rescan -the files. Tip: you may right-click a translation line and it will hint you with the source files and lines where that -string is being used. +the files. Tip: you may right-click a translation line, and it will hint you with the files and lines where that string +is being used. On the other hand, plural form strings include two boxes to show the two source strings, and tabs so you can configure the different final forms. Whenever you change your sources and need to update the translations, just hit Refresh and Poedit will rescan the code, removing non-existent entries, merging the ones that changed and adding new ones. It may also try to guess some translations, based on other ones you did. Those guesses and the changed entries will receive a "Fuzzy" marker, -indicating it needs review, being highlighted in the list. It's also useful if you have a translation team and someone -tries to write something they're not sure about: just mark Fuzzy and someone else will review later. +indicating it needs review, being highlighted in the list. It is also useful if you have a translation team and someone +tries to write something they are not sure about: just mark Fuzzy, and someone else will review later. -Finally, it's advised to leave "View > Untranslated entries first" marked, as it will help you _a lot_ to not forget +Finally, it is advised to leave "View > Untranslated entries first" marked, as it will help you _a lot_ to not forget any entry. From that menu, you can also open parts of the UI that allow you to leave contextual information for translators if needed. ### Tips & Tricks #### Possible caching issues -If you're running PHP as a module on Apache (`mod_php`), you might face issues with the `.mo` file being cached. It -happens the first time it's read, and then, to update it, you might need to restart the server. On Nginx and PHP5 it +If you are running PHP as a module on Apache (`mod_php`), you might face issues with the `.mo` file being cached. It +happens the first time it is read, and then, to update it, you might need to restart the server. On Nginx and PHP5 it usually takes only a couple of page refreshes to refresh the translation cache, and on PHP7 it is rarely needed. #### Additional helper functions -As preferred by many people, it's easier to use `_()` instead of `gettext()`. Many custom i18n libraries from -frameworks use something similar to `t()` as well, to make translated code shorter. However, that's the only function +As preferred by many people, it is easier to use `_()` instead of `gettext()`. Many custom i18n libraries from +frameworks use something similar to `t()` as well, to make translated code shorter. However, that is the only function that sports a shortcut. You might want to add in your project some others, such as `__()` or `_n()` for `ngettext()`, or maybe a fancy `_r()` that would join `gettext()` and `sprintf()` calls. Other libraries, such as [oscarotero's Gettext][oscarotero] also provide helper functions like these. In those cases, you'll need to instruct the Gettext utility on how to extract the strings from those new functions. -Don't be afraid, it's very easy. It's just a field in the `.po` file, or a Settings screen on Poedit. In the editor, +Don't be afraid; it is very easy. It is just a field in the `.po` file, or a Settings screen on Poedit. In the editor, that option is inside "Catalog > Properties > Source keywords". You need to include there the specifications of those new functions, following [a specific format](func_format): From feb05f2e0cdbdbe17a3528971054c7e66a9b5699 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9o=20FIDRY?= Date: Wed, 30 Nov 2016 00:23:58 +0000 Subject: [PATCH 05/65] Add php-mock and humbug --- _posts/11-04-01-Complementary-Testing-Tools.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/_posts/11-04-01-Complementary-Testing-Tools.md b/_posts/11-04-01-Complementary-Testing-Tools.md index e0af3a4..b7ed173 100644 --- a/_posts/11-04-01-Complementary-Testing-Tools.md +++ b/_posts/11-04-01-Complementary-Testing-Tools.md @@ -14,6 +14,8 @@ libraries useful for any preferred approach taken. * [Mockery] is a Mock Object Framework which can be integrated with [PHPUnit] or [PHPSpec] * [Prophecy] is a highly opinionated yet very powerful and flexible PHP object mocking framework. It's integrated with [PHPSpec] and can be used with [PHPUnit]. +* [php-mock] is a library to help to mock PHP native functions. +* [Humbug] is a PHP implementation of [Mutation Testing] to help to measure the effectiveness of your tests. [Selenium]: http://seleniumhq.org/ @@ -22,3 +24,6 @@ libraries useful for any preferred approach taken. [PHPUnit]: http://phpunit.de/ [PHPSpec]: http://www.phpspec.net/ [Prophecy]: https://github.com/phpspec/prophecy +[php-mock]: https://github.com/php-mock/php-mock +[Humbug]: https://github.com/padraic/humbug +[Mutation Testing]: https://en.wikipedia.org/wiki/Mutation_testing From 920d2164f37fca03a89b60c21d9c48a1240357ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Emir=20Kars=CC=A7=C4=B1yakal=C4=B1?= Date: Fri, 23 Dec 2016 23:58:28 +0300 Subject: [PATCH 06/65] updated current stable version section to 7.1 and added php71 option to brewing --- _posts/01-02-01-Use-the-Current-Stable-Version.md | 10 +++++----- _posts/01-04-01-Mac-Setup.md | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/_posts/01-02-01-Use-the-Current-Stable-Version.md b/_posts/01-02-01-Use-the-Current-Stable-Version.md index d2994c0..caed092 100644 --- a/_posts/01-02-01-Use-the-Current-Stable-Version.md +++ b/_posts/01-02-01-Use-the-Current-Stable-Version.md @@ -1,16 +1,16 @@ --- -title: Use the Current Stable Version (7.0) +title: Use the Current Stable Version (7.1) isChild: true anchor: use_the_current_stable_version --- -## Use the Current Stable Version (7.0) {#use_the_current_stable_version_title} +## Use the Current Stable Version (7.1) {#use_the_current_stable_version_title} -If you are getting started with PHP, start with the current stable release of [PHP 7.0][php-release]. PHP 7.0 is very +If you are getting started with PHP, start with the current stable release of [PHP 7.1][php-release]. PHP 7.1 is very new, and adds many amazing [new features](#language_highlights) over the older 5.x versions. The engine has been largely re-written, and PHP is now even quicker than older versions. -Most commonly in the near future you will find PHP 5.x being used, and the latest 5.x version is 5.6. This is not a bad option, but you should try to upgrade to the latest stable quickly - PHP 5.6 [will not receive security updates beyond 2018](http://php.net/supported-versions.php). Upgrading is really quite easy, as there are not many [backwards compatibility breaks][php70-bc]. If you are not sure which version a function or feature is in, you can check the PHP documentation on the [php.net][php-docs] website. +Most commonly in the near future you will find PHP 5.x being used, and the latest 5.x version is 5.6. This is not a bad option, but you should try to upgrade to the latest stable quickly - PHP 5.6 [will not receive security updates beyond 2018](http://php.net/supported-versions.php). Upgrading is really quite easy, as there are not many [backwards compatibility breaks][php71-bc]. If you are not sure which version a function or feature is in, you can check the PHP documentation on the [php.net][php-docs] website. [php-release]: http://php.net/downloads.php [php-docs]: http://php.net/manual/ -[php70-bc]: http://php.net/manual/migration70.incompatible.php +[php71-bc]: http://php.net/manual/migration71.incompatible.php diff --git a/_posts/01-04-01-Mac-Setup.md b/_posts/01-04-01-Mac-Setup.md index 74abe62..b9b706e 100644 --- a/_posts/01-04-01-Mac-Setup.md +++ b/_posts/01-04-01-Mac-Setup.md @@ -15,7 +15,7 @@ There are multiple ways to install PHP on OS X. [Homebrew] is a powerful package manager for OS X, which can help you install PHP and various extensions easily. [Homebrew PHP] is a repository that contains PHP-related "formulae" for Homebrew, and will let you install PHP. -At this point, you can install `php53`, `php54`, `php55`, `php56` or `php70` using the `brew install` command, and switch +At this point, you can install `php53`, `php54`, `php55`, `php56`, `php70` or `php71` using the `brew install` command, and switch between them by modifying your `PATH` variable. Alternatively you can use [brew-php-switcher][brew-php-switcher] which will switch automatically for you. ### Install PHP via Macports From 7ed32b8dca0eb7aa74495378ad0e64ebc3a65b23 Mon Sep 17 00:00:00 2001 From: Igor Santos Date: Wed, 4 Jan 2017 12:02:41 -0200 Subject: [PATCH 07/65] Fixing a broken link --- _posts/05-06-01-Internationalization-and-Localization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/05-06-01-Internationalization-and-Localization.md b/_posts/05-06-01-Internationalization-and-Localization.md index 9981f28..9907124 100644 --- a/_posts/05-06-01-Internationalization-and-Localization.md +++ b/_posts/05-06-01-Internationalization-and-Localization.md @@ -370,7 +370,7 @@ or maybe a fancy `_r()` that would join `gettext()` and `sprintf()` calls. Other In those cases, you'll need to instruct the Gettext utility on how to extract the strings from those new functions. Don't be afraid; it is very easy. It is just a field in the `.po` file, or a Settings screen on Poedit. In the editor, that option is inside "Catalog > Properties > Source keywords". You need to include there the specifications of those -new functions, following [a specific format](func_format): +new functions, following [a specific format][func_format]: - if you create something like `t()` that simply returns the translation for a string, you can specify it as `t`. Gettext will know the only function argument is the string to be translated; From 91218fea03173577c11f3663632d1b3cf95bf8db Mon Sep 17 00:00:00 2001 From: Igor Santos Date: Wed, 4 Jan 2017 12:15:51 -0200 Subject: [PATCH 08/65] small link and text improvement --- _posts/05-06-01-Internationalization-and-Localization.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/_posts/05-06-01-Internationalization-and-Localization.md b/_posts/05-06-01-Internationalization-and-Localization.md index 9907124..64cd276 100644 --- a/_posts/05-06-01-Internationalization-and-Localization.md +++ b/_posts/05-06-01-Internationalization-and-Localization.md @@ -308,10 +308,9 @@ textdomain('main'); {% endhighlight %} #### 3. Preparing translation for the first run -To make matters easier - and one of the powerful advantages Gettext has over custom framework i18n packages - is its -custom file type. "Oh man, that is quite hard to understand and edit by hand, a simple array would be easier!" Make no +One of the great advantages Gettext has over custom framework i18n packages is its extensive and powerful file format. "Oh man, that is quite hard to understand and edit by hand, a simple array would be easier!" Make no mistake, applications like [Poedit] are here to help - _a lot_. You can get the program from -[their website](poedit_download), it's free and available for all platforms. It is a pretty easy tool to get used to, +[their website][poedit_download], it's free and available for all platforms. It is a pretty easy tool to get used to, and a very powerful one at the same time - using all powerful features Gettext has available. In the first run, you should select "File > New Catalog" from the menu. There you will have a small screen where we will From 08dffd329d30924ec96f5f40128b022a82088fdb Mon Sep 17 00:00:00 2001 From: Igor Santos Date: Wed, 4 Jan 2017 13:54:33 -0200 Subject: [PATCH 09/65] Updating PoEdit guide to reflect 1.8 and other small changes --- ...1-Internationalization-and-Localization.md | 56 +++++++++++-------- 1 file changed, 32 insertions(+), 24 deletions(-) diff --git a/_posts/05-06-01-Internationalization-and-Localization.md b/_posts/05-06-01-Internationalization-and-Localization.md index 64cd276..caeb9e0 100644 --- a/_posts/05-06-01-Internationalization-and-Localization.md +++ b/_posts/05-06-01-Internationalization-and-Localization.md @@ -308,33 +308,40 @@ textdomain('main'); {% endhighlight %} #### 3. Preparing translation for the first run -One of the great advantages Gettext has over custom framework i18n packages is its extensive and powerful file format. "Oh man, that is quite hard to understand and edit by hand, a simple array would be easier!" Make no -mistake, applications like [Poedit] are here to help - _a lot_. You can get the program from -[their website][poedit_download], it's free and available for all platforms. It is a pretty easy tool to get used to, -and a very powerful one at the same time - using all powerful features Gettext has available. +One of the great advantages Gettext has over custom framework i18n packages is its extensive and powerful file format. +“Oh man, that’s quite hard to understand and edit by hand, a simple array would be easier!” Make no mistake, +applications like [Poedit] are here to help - _a lot_. You can get the program from their website, it’s free and +available for all platforms. It’s a pretty easy tool to get used to, and a very powerful one at the same time - +using all features Gettext has available. This small guide is based on PoEdit 1.8. -In the first run, you should select "File > New Catalog" from the menu. There you will have a small screen where we will -set the terrain so everything else runs smoothly. You will be able to find those settings later through -"Catalog > Properties": +In the first run, you should select “File > New...” from the menu. You’ll be asked straight ahead for the language: +here you can select/filter the language you want to translate to, or use that format we mentioned before, such as +`en_US` or `pt_BR`. -- Project name and version, Translation Team and email address: useful information that goes in the `.po` file header; -- Language: here you should use that format we mentioned before, such as `en_US` or `pt_BR`; -- Charsets: UTF-8, preferably; -- Source charset: set here the charset used by your PHP files - probably UTF-8 as well, right? -- plural forms: here go those rules we mentioned before - there's a link in there with samples as well; -- Source paths: here you must include all folders from the project where `gettext()` (and siblings) will happen - this -is usually your templates folder(s) -- Source keywords: this last part is filled by default, but you might need to alter it later - and is one of the -powerful points of Gettext. The underlying software knows how the `gettext()` calls look like in several programming -languages, but you might as well create your own translation forms. This will be discussed later in the "Tips" section. +Now, save the file - using that directory structure we mentioned as well. Then you should click “Extract from sources”, +and here you’ll configure various settings for the extraction and translation tasks. You’ll be able to find all those +later through “Catalog > Properties”: -After setting those points, you will be prompted to save the file - using that directory structure we mentioned as well, -and then it will run a scan through your source files to find the localization calls. They will be fed empty into the -translation table, and you will start typing in the localized versions of those strings. Save it and a `.mo` file will -be (re)compiled into the same folder and ta-dah: your project is internationalized. +- Source paths: here you must include all folders from the project where `gettext()` (and siblings) are called - this +is usually your templates/views folder(s). This is the only mandatory setting; +- Translation properties: + - Project name and version, Team and Team’s email address: useful information that goes in the .po file header; + - Plural forms: here go those rules we mentioned before - there’s a link in there with samples as well. You can + leave it with the default option most of the time, as PoEdit already includes a handy database of plural rules for + many languages. + - Charsets: UTF-8, preferably; + - Source code charset: set here the charset used by your codebase - probably UTF-8 as well, right? +- Source keywords: The underlying software knows how `gettext()` and similar function calls look like in several +programming languages, but you might as well create your own translation functions. It will be here you’ll add those +other methods. This will be discussed later in the “Tips” section. + +After setting those points it will run a scan through your source files to find all the localization calls. After every +scan PoEdit will display a summary of what was found and what was removed from the source files. New entries will fed +empty into the translation table, and you’ll start typing in the localized versions of those strings. Save it and a .mo +file will be (re)compiled into the same folder and ta-dah: your project is internationalized. #### 4. Translating strings -As you may have noticed before, there are two main types of localized strings: simple ones and the ones with plural +As you may have noticed before, there are two main types of localized strings: simple ones and those with plural forms. The first ones have simply two boxes: source and localized string. The source string cannot be modified as Gettext/Poedit do not include the powers to alter your source files - you should change the source itself and rescan the files. Tip: you may right-click a translation line, and it will hint you with the files and lines where that string @@ -345,7 +352,7 @@ the different final forms. Whenever you change your sources and need to update the translations, just hit Refresh and Poedit will rescan the code, removing non-existent entries, merging the ones that changed and adding new ones. It may also try to guess some translations, based on other ones you did. Those guesses and the changed entries will receive a "Fuzzy" marker, -indicating it needs review, being highlighted in the list. It is also useful if you have a translation team and someone +indicating it needs review, appearing golden in the list. It is also useful if you have a translation team and someone tries to write something they are not sure about: just mark Fuzzy, and someone else will review later. Finally, it is advised to leave "View > Untranslated entries first" marked, as it will help you _a lot_ to not forget @@ -368,7 +375,8 @@ or maybe a fancy `_r()` that would join `gettext()` and `sprintf()` calls. Other In those cases, you'll need to instruct the Gettext utility on how to extract the strings from those new functions. Don't be afraid; it is very easy. It is just a field in the `.po` file, or a Settings screen on Poedit. In the editor, -that option is inside "Catalog > Properties > Source keywords". You need to include there the specifications of those +that option is inside "Catalog > Properties > Source keywords". Remember: Gettext already knows the default functions +for many languages, so don’t be afraid if that list seems empty. You need to include there the specifications of those new functions, following [a specific format][func_format]: - if you create something like `t()` that simply returns the translation for a string, you can specify it as `t`. From 6e5fdee5884ae8f3d2345144f78f8d5b823b4970 Mon Sep 17 00:00:00 2001 From: Daniel Saavedra Date: Thu, 19 Jan 2017 17:55:15 -0400 Subject: [PATCH 10/65] Fixed Broken links --- _posts/01-05-01-Windows-Setup.md | 34 +++++++++---------- ...1-Internationalization-and-Localization.md | 10 +++--- 2 files changed, 22 insertions(+), 22 deletions(-) diff --git a/_posts/01-05-01-Windows-Setup.md b/_posts/01-05-01-Windows-Setup.md index 4fafe09..438fe52 100644 --- a/_posts/01-05-01-Windows-Setup.md +++ b/_posts/01-05-01-Windows-Setup.md @@ -1,22 +1,22 @@ ---- -isChild: true -anchor: windows_setup ---- - -## Windows Setup {#windows_setup_title} - -You can download the binaries from [windows.php.net/download][php-downloads]. After the extraction of PHP, it is recommended to set the [PATH][windows-path] to the root of your PHP folder (where php.exe is located) so you can execute PHP from anywhere. - +--- +isChild: true +anchor: windows_setup +--- + +## Windows Setup {#windows_setup_title} + +You can download the binaries from [windows.php.net/download][php-downloads]. After the extraction of PHP, it is recommended to set the [PATH][windows-path] to the root of your PHP folder (where php.exe is located) so you can execute PHP from anywhere. + For learning and local development, you can use the built in webserver with PHP 5.4+ so you don't need to worry about -configuring it. If you would like an "all-in-one" which includes a full-blown webserver and MySQL too then tools such -as the [Web Platform Installer][wpi], [XAMPP][xampp], [EasyPHP][easyphp], [OpenServer][openserver] and [WAMP][wamp] will -help get a Windows development environment up and running fast. That said, these tools will be a little different from -production so be careful of environment differences if you are working on Windows and deploying to Linux. +configuring it. If you would like an "all-in-one" which includes a full-blown webserver and MySQL too then tools such +as the [Web Platform Installer][wpi], [XAMPP][xampp], [EasyPHP][easyphp], [OpenServer][openserver] and [WAMP][wamp] will +help get a Windows development environment up and running fast. That said, these tools will be a little different from +production so be careful of environment differences if you are working on Windows and deploying to Linux. If you need to run your production system on Windows, then IIS7 will give you the most stable and best performance. You -can use [phpmanager][phpmanager] (a GUI plugin for IIS7) to make configuring and managing PHP simple. IIS7 comes with -FastCGI built in and ready to go, you just need to configure PHP as a handler. For support and additional resources -there is a [dedicated area on iis.net][php-iis] for PHP. +can use [phpmanager][phpmanager] (a GUI plugin for IIS7) to make configuring and managing PHP simple. IIS7 comes with +FastCGI built in and ready to go, you just need to configure PHP as a handler. For support and additional resources +there is a [dedicated area on iis.net][php-iis] for PHP. Generally running your application on different environment in development and production can lead to strange bugs popping up when you go live. If you are developing on Windows and deploying to Linux (or anything non-Windows) then you should consider using a [Virtual Machine](/#virtualization_title). @@ -31,5 +31,5 @@ Chris Tankersley has a very helpful blog post on what tools he uses to do [PHP d [php-iis]: http://php.iis.net/ [windows-path]: http://www.windows-commandline.com/set-path-command-line/ [windows-tools]: http://ctankersley.com/2016/11/13/developing-on-windows-2016/ -[wpi]: http://www.microsoft.com/web/downloads/platform.aspx +[wpi]: https://www.microsoft.com/web/downloads/platform.aspx [xampp]: http://www.apachefriends.org/en/xampp.html diff --git a/_posts/05-06-01-Internationalization-and-Localization.md b/_posts/05-06-01-Internationalization-and-Localization.md index c52b3a9..7b38284 100644 --- a/_posts/05-06-01-Internationalization-and-Localization.md +++ b/_posts/05-06-01-Internationalization-and-Localization.md @@ -141,7 +141,7 @@ given number falls (starting the count with 0). For example: - Brazilian Portuguese: `nplurals=2; plural=(n > 1);` - two rules, second if N is bigger than one, first otherwise Now that you understood the basis of how plural rules works - and if you didn't, please look at a deeper explanation -on the [LingoHub tutorial](lingohub_plurals) -, you might want to copy the ones you need from a [list][plural] instead +on the [LingoHub tutorial][lingohub_plurals] -, you might want to copy the ones you need from a [list][plural] instead of writing them by hand. When calling out Gettext to do localization on sentences with counters, you'll have to give him the @@ -174,7 +174,7 @@ msgstr[1] "%d mensagens não lidas" The first section works like a header, having the `msgid` and `msgstr` especially empty. It describes the file encoding, plural forms and other things that are less relevant. The second section translates a simple string from English to -Brazilian Portuguese, and the third does the same, but leveraging string replacement from [`sprintf`](sprintf) so the +Brazilian Portuguese, and the third does the same, but leveraging string replacement from [`sprintf`][sprintf] so the translation may contain the user name and visit date. The last section is a sample of pluralization forms, displaying the singular and plural version as `msgid` in English and their corresponding translations as `msgstr` 0 and 1 @@ -310,7 +310,7 @@ textdomain('main'); To make matters easier - and one of the powerful advantages Gettext has over custom framework i18n packages - is its custom file type. "Oh man, that's quite hard to understand and edit by hand, a simple array would be easier!" Make no mistake, applications like [Poedit] are here to help - _a lot_. You can get the program from -[their website](poedit_download), it's free and available for all platforms. It's a pretty easy tool to get used to, +[their website][poedit_download], it's free and available for all platforms. It's a pretty easy tool to get used to, and a very powerful one at the same time - using all powerful features Gettext has available. In the first run, you should select "File > New Catalog" from the menu. There you'll have a small screen where we will @@ -369,7 +369,7 @@ or maybe a fancy `_r()` that would join `gettext()` and `sprintf()` calls. Other In those cases, you'll need to instruct the Gettext utility on how to extract the strings from those new functions. Don't be afraid, it's very easy. It's just a field in the `.po` file, or a Settings screen on Poedit. In the editor, that option is inside "Catalog > Properties > Source keywords". You need to include there the specifications of those -new functions, following [a specific format](func_format): +new functions, following [a specific format][func_format]: - if you create something like `t()` that simply returns the translation for a string, you can specify it as `t`. Gettext will know the only function argument is the string to be translated; @@ -385,7 +385,7 @@ After including those new rules in the `.po` file, a new scan will bring in your * [Wikipedia: i18n and l10n](https://en.wikipedia.org/wiki/Internationalization_and_localization) * [Wikipedia: Gettext](https://en.wikipedia.org/wiki/Gettext) -* [LingoHub: PHP internationalization with gettext tutorial](lingohub) +* [LingoHub: PHP internationalization with gettext tutorial][lingohub] * [PHP Manual: Gettext](http://php.net/manual/en/book.gettext.php) * [Gettext Manual][manual] From d628ff4fb9a95834e07458fb0361b4ded938c47b Mon Sep 17 00:00:00 2001 From: Peter Kokot Date: Mon, 23 Jan 2017 06:06:25 +0100 Subject: [PATCH 11/65] Add native languages for translations --- README.md | 42 +++++++++++++++++++++--------------------- _includes/welcome.md | 42 +++++++++++++++++++++--------------------- 2 files changed, 42 insertions(+), 42 deletions(-) diff --git a/README.md b/README.md index b372de6..af713c4 100644 --- a/README.md +++ b/README.md @@ -34,27 +34,27 @@ developers know where to find good information! * [English](http://www.phptherightway.com) -* [Arabic](https://adaroobi.github.io/php-the-right-way/) -* [Bulgarian](http://bg.phptherightway.com) -* [Chinese (Simplified)](http://laravel-china.github.io/php-the-right-way/) -* [Chinese (Traditional)](http://laravel-taiwan.github.io/php-the-right-way) -* [French](http://eilgin.github.io/php-the-right-way/) -* [German](http://rwetzlmayr.github.io/php-the-right-way) -* [Indonesian](http://id.phptherightway.com) -* [Italian](http://it.phptherightway.com) -* [Japanese](http://ja.phptherightway.com) -* [Korean](http://modernpug.github.io/php-the-right-way) -* [Persian](http://novid.github.io/php-the-right-way/) -* [Polish](http://pl.phptherightway.com) -* [Portuguese](http://br.phptherightway.com) -* [Romanian](https://bgui.github.io/php-the-right-way/) -* [Russian](http://getjump.github.io/ru-php-the-right-way) -* [Serbian](http://phpsrbija.github.io/php-the-right-way/) -* [Slovenian](http://sl.phptherightway.com) -* [Spanish](http://phpdevenezuela.github.io/php-the-right-way) -* [Thai](https://apzentral.github.io/php-the-right-way/) -* [Turkish](http://hkulekci.github.io/php-the-right-way/) -* [Ukrainian](http://iflista.github.com/php-the-right-way) +* [Deutsch](http://rwetzlmayr.github.io/php-the-right-way) +* [Español](http://phpdevenezuela.github.io/php-the-right-way) +* [Français](http://eilgin.github.io/php-the-right-way/) +* [Indonesia](http://id.phptherightway.com) +* [Italiano](http://it.phptherightway.com) +* [Polski](http://pl.phptherightway.com) +* [Português do Brasil](http://br.phptherightway.com) +* [Română](https://bgui.github.io/php-the-right-way/) +* [Slovenščina](http://sl.phptherightway.com) +* [Srpski](http://phpsrbija.github.io/php-the-right-way/) +* [Türkçe](http://hkulekci.github.io/php-the-right-way/) +* [български](http://bg.phptherightway.com) +* [Русский язык](http://getjump.github.io/ru-php-the-right-way) +* [Українська](http://iflista.github.com/php-the-right-way) +* [العربية](https://adaroobi.github.io/php-the-right-way/) +* [فارسى](http://novid.github.io/php-the-right-way/) +* [ภาษาไทย](https://apzentral.github.io/php-the-right-way/) +* [한국어판](http://modernpug.github.io/php-the-right-way) +* [日本語](http://ja.phptherightway.com) +* [简体中文](http://laravel-china.github.io/php-the-right-way/) +* [繁體中文](http://laravel-taiwan.github.io/php-the-right-way) ### Translations diff --git a/_includes/welcome.md b/_includes/welcome.md index 6b9889d..9ab0407 100644 --- a/_includes/welcome.md +++ b/_includes/welcome.md @@ -21,27 +21,27 @@ and examples as they become available. _PHP: The Right Way_ is translated into many different languages: * [English](http://www.phptherightway.com) -* [Arabic](https://adaroobi.github.io/php-the-right-way/) -* [Bulgarian](http://bg.phptherightway.com/) -* [Chinese (Simplified)](http://laravel-china.github.io/php-the-right-way/) -* [Chinese (Traditional)](http://laravel-taiwan.github.io/php-the-right-way) -* [French](http://eilgin.github.io/php-the-right-way/) -* [German](http://rwetzlmayr.github.io/php-the-right-way/) -* [Indonesian](http://id.phptherightway.com/) -* [Italian](http://it.phptherightway.com/) -* [Japanese](http://ja.phptherightway.com) -* [Korean](http://modernpug.github.io/php-the-right-way/) -* [Persian](http://novid.github.io/php-the-right-way/) -* [Polish](http://pl.phptherightway.com/) -* [Portuguese (Brazil)](http://br.phptherightway.com/) -* [Romanian](https://bgui.github.io/php-the-right-way/) -* [Russian](http://getjump.github.io/ru-php-the-right-way) -* [Serbian](http://phpsrbija.github.io/php-the-right-way/) -* [Slovenian](http://sl.phptherightway.com) -* [Spanish](http://phpdevenezuela.github.io/php-the-right-way/) -* [Thai](https://apzentral.github.io/php-the-right-way/) -* [Turkish](http://hkulekci.github.io/php-the-right-way/) -* [Ukrainian](http://iflista.github.com/php-the-right-way/) +* [Deutsch](http://rwetzlmayr.github.io/php-the-right-way) +* [Español](http://phpdevenezuela.github.io/php-the-right-way) +* [Français](http://eilgin.github.io/php-the-right-way/) +* [Indonesia](http://id.phptherightway.com) +* [Italiano](http://it.phptherightway.com) +* [Polski](http://pl.phptherightway.com) +* [Português do Brasil](http://br.phptherightway.com) +* [Română](https://bgui.github.io/php-the-right-way/) +* [Slovenščina](http://sl.phptherightway.com) +* [Srpski](http://phpsrbija.github.io/php-the-right-way/) +* [Türkçe](http://hkulekci.github.io/php-the-right-way/) +* [български](http://bg.phptherightway.com) +* [Русский язык](http://getjump.github.io/ru-php-the-right-way) +* [Українська](http://iflista.github.com/php-the-right-way) +* [العربية](https://adaroobi.github.io/php-the-right-way/) +* [فارسى](http://novid.github.io/php-the-right-way/) +* [ภาษาไทย](https://apzentral.github.io/php-the-right-way/) +* [한국어판](http://modernpug.github.io/php-the-right-way) +* [日本語](http://ja.phptherightway.com) +* [简体中文](http://laravel-china.github.io/php-the-right-way/) +* [繁體中文](http://laravel-taiwan.github.io/php-the-right-way) ## How to Contribute From 05c3400ef6b175f03450b1fa56af23d3b6504cce Mon Sep 17 00:00:00 2001 From: Peter Kokot Date: Mon, 23 Jan 2017 20:56:55 +0100 Subject: [PATCH 12/65] Update information about PHP 7 --- _posts/01-04-01-Mac-Setup.md | 10 +++++----- _posts/07-02-01-Databases_MySQL.md | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/_posts/01-04-01-Mac-Setup.md b/_posts/01-04-01-Mac-Setup.md index b9b706e..0e88359 100644 --- a/_posts/01-04-01-Mac-Setup.md +++ b/_posts/01-04-01-Mac-Setup.md @@ -6,7 +6,7 @@ anchor: mac_setup ## Mac Setup {#mac_setup_title} OS X comes prepackaged with PHP but it is normally a little behind the latest stable. Mavericks has 5.4.17, -Yosemite 5.5.9, El Capitan 5.5.29 and Sierra 5.6.24, but with PHP 7.0 out that is often not good enough. +Yosemite 5.5.9, El Capitan 5.5.29 and Sierra 5.6.24, but with PHP 7.1 out that is often not good enough. There are multiple ways to install PHP on OS X. @@ -29,14 +29,14 @@ MacPorts supports pre-compiled binaries, so you don't need to recompile every dependency from the source tarball files, it saves your life if you don't have any package installed on your system. -At this point, you can install `php54`, `php55`, `php56` or `php70` using the `port install` command, for example: +At this point, you can install `php54`, `php55`, `php56`, `php70` or `php71` using the `port install` command, for example: sudo port install php56 - sudo port install php70 + sudo port install php71 And you can run `select` command to switch your active PHP: - sudo port select --set php php70 + sudo port select --set php php71 ### Install PHP via phpbrew @@ -45,7 +45,7 @@ applications/projects require different versions of PHP, and you are not using v ### Install PHP via Liip's binary installer -Another popular option is [php-osx.liip.ch] which provides one liner installation methods for versions 5.3 through 7.0. +Another popular option is [php-osx.liip.ch] which provides one liner installation methods for versions 5.3 through 7.1. It doesn't overwrite the PHP binaries installed by Apple, but installs everything in a separate location (/usr/local/php5). ### Compile from Source diff --git a/_posts/07-02-01-Databases_MySQL.md b/_posts/07-02-01-Databases_MySQL.md index c1d5e55..476ffc9 100644 --- a/_posts/07-02-01-Databases_MySQL.md +++ b/_posts/07-02-01-Databases_MySQL.md @@ -6,7 +6,7 @@ anchor: mysql_extension ## MySQL Extension {#mysql_extension_title} -The [mysql] extension for PHP is incredibly old and has superseded by two other extensions: +The [mysql] extension for PHP is incredibly old and has superseded by two other extensions: - [mysqli] - [pdo] @@ -14,12 +14,12 @@ The [mysql] extension for PHP is incredibly old and has superseded by two other Not only did development stop long ago on [mysql], but it was [deprecated as of PHP 5.5.0] [mysql_deprecated], and **has been [officially removed in PHP 7.0][mysql_removed]**. -To save digging into your `php.ini` settings to see which module you are using, one option is to search for `mysql_*` -in your editor of choice. If any functions such as `mysql_connect()` and `mysql_query()` show up, then `mysql` is +To save digging into your `php.ini` settings to see which module you are using, one option is to search for `mysql_*` +in your editor of choice. If any functions such as `mysql_connect()` and `mysql_query()` show up, then `mysql` is in use. -Even if you are not using PHP 7.0 yet, failing to consider this upgrade as soon as possible will lead to greater -hardship when the PHP 7.0 upgrade does come about. The best option is to replace mysql usage with [mysqli] or [PDO] in +Even if you are not using PHP 7.x yet, failing to consider this upgrade as soon as possible will lead to greater +hardship when the PHP 7.x upgrade does come about. The best option is to replace mysql usage with [mysqli] or [PDO] in your applications within your own development schedules so you won't be rushed later on. **If you are upgrading from [mysql] to [mysqli], beware lazy upgrade guides that suggest you can simply find and replace `mysql_*` with `mysqli_*`. Not only is that a gross oversimplification, it misses out on the advantages that mysqli provides, such as parameter binding, which is also offered in [PDO][pdo].** From 5cad0d04c671edf41d3a3a2c74f871b066a012d1 Mon Sep 17 00:00:00 2001 From: "Paul M. Jones" Date: Tue, 31 Jan 2017 10:52:47 -0600 Subject: [PATCH 13/65] add aura/intl --- _posts/05-06-01-Internationalization-and-Localization.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/_posts/05-06-01-Internationalization-and-Localization.md b/_posts/05-06-01-Internationalization-and-Localization.md index 7b38284..5bec5d9 100644 --- a/_posts/05-06-01-Internationalization-and-Localization.md +++ b/_posts/05-06-01-Internationalization-and-Localization.md @@ -41,6 +41,9 @@ There are common libraries used that support Gettext and other implementations o install or sport additional features or i18n file formats. In this document, we focus on the tools provided with the PHP core, but here we list others for completion: +- [aura/intl][aura-intl]: Provides internationalization (I18N) tools, specifically package-oriented per-locale message +translation. It uses array formats for message. Does not provide a message extractor, but does provide advanced +message formatting via the `intl` extension (including pluralized messages). - [oscarotero/Gettext][oscarotero]: Gettext support with an OO interface; includes improved helper functions, powerful extractors for several file formats (some of them not supported natively by the `gettext` command), and can also export to other formats besides `.mo/.po` files. Can be useful if you need to integrate your translation files into other parts @@ -400,6 +403,7 @@ After including those new rules in the `.po` file, a new scan will bring in your [3166-1]: http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 [rare]: http://www.gnu.org/software/gettext/manual/gettext.html#Rare-Language-Codes [func_format]: https://www.gnu.org/software/gettext/manual/gettext.html#Language-specific-options +[aura-intl]: https://github.com/auraphp/Aura.Intl [oscarotero]: https://github.com/oscarotero/Gettext [symfony]: https://symfony.com/doc/current/components/translation.html [zend]: https://docs.zendframework.com/zend-i18n/translation From 3b848d855f9438d2d382f26d96a3f8445f09478f Mon Sep 17 00:00:00 2001 From: Jagroop Singh Date: Fri, 10 Mar 2017 13:10:56 +0530 Subject: [PATCH 14/65] fixed missing square bracket in array --- _posts/05-06-01-Internationalization-and-Localization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/05-06-01-Internationalization-and-Localization.md b/_posts/05-06-01-Internationalization-and-Localization.md index 7b38284..7e53a5d 100644 --- a/_posts/05-06-01-Internationalization-and-Localization.md +++ b/_posts/05-06-01-Internationalization-and-Localization.md @@ -257,7 +257,7 @@ call. More on domain configuration in the next example. * @return bool */ function valid($locale) { - return in_array($locale, ['en_US', 'en', 'pt_BR', 'pt', 'es_ES', 'es'); + return in_array($locale, ['en_US', 'en', 'pt_BR', 'pt', 'es_ES', 'es']); } //setting the source/default locale, for informational purposes From 0d9637ccf7b6665a6d62ef8f03104034ef61c823 Mon Sep 17 00:00:00 2001 From: Euge Starr Date: Wed, 3 May 2017 20:32:29 +1200 Subject: [PATCH 15/65] grammar fixes --- _posts/01-04-01-Mac-Setup.md | 2 +- _posts/02-01-01-Code-Style-Guide.md | 2 +- _posts/05-03-01-Date-and-Time.md | 2 +- _posts/06-02-01-Basic-Concept.md | 2 +- _posts/06-03-01-Complex-Problem.md | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/_posts/01-04-01-Mac-Setup.md b/_posts/01-04-01-Mac-Setup.md index 0e88359..dc06ddf 100644 --- a/_posts/01-04-01-Mac-Setup.md +++ b/_posts/01-04-01-Mac-Setup.md @@ -16,7 +16,7 @@ There are multiple ways to install PHP on OS X. [Homebrew PHP] is a repository that contains PHP-related "formulae" for Homebrew, and will let you install PHP. At this point, you can install `php53`, `php54`, `php55`, `php56`, `php70` or `php71` using the `brew install` command, and switch -between them by modifying your `PATH` variable. Alternatively you can use [brew-php-switcher][brew-php-switcher] which will switch automatically for you. +between them by modifying your `PATH` variable. Alternatively, you can use [brew-php-switcher][brew-php-switcher] which will switch automatically for you. ### Install PHP via Macports diff --git a/_posts/02-01-01-Code-Style-Guide.md b/_posts/02-01-01-Code-Style-Guide.md index 3365509..65e7bb5 100644 --- a/_posts/02-01-01-Code-Style-Guide.md +++ b/_posts/02-01-01-Code-Style-Guide.md @@ -15,7 +15,7 @@ recommendations are merely a set of rules that many projects like Drupal, Zend, FuelPHP, Lithium, etc are adopting. You can use them for your own projects, or continue to use your own personal style. -Ideally you should write PHP code that adheres to a known standard. This could be any combination of PSRs, or one +Ideally, you should write PHP code that adheres to a known standard. This could be any combination of PSRs, or one of the coding standards made by PEAR or Zend. This means other developers can easily read and work with your code, and applications that implement the components can have consistency even when working with lots of third-party code. diff --git a/_posts/05-03-01-Date-and-Time.md b/_posts/05-03-01-Date-and-Time.md index c56781a..499d074 100644 --- a/_posts/05-03-01-Date-and-Time.md +++ b/_posts/05-03-01-Date-and-Time.md @@ -43,7 +43,7 @@ On DateTime objects you can use standard comparison: {% highlight php %} Date: Mon, 15 May 2017 01:05:29 +0200 Subject: [PATCH 16/65] Example code consistency Added surrounding
  • tags just to be consistent with code examples at line 16 and 37 --- _posts/07-04-01-Interacting-via-Code.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/07-04-01-Interacting-via-Code.md b/_posts/07-04-01-Interacting-via-Code.md index 5cae4f0..3004664 100644 --- a/_posts/07-04-01-Interacting-via-Code.md +++ b/_posts/07-04-01-Interacting-via-Code.md @@ -86,7 +86,7 @@ class FooModel {% highlight php %} - - +
  • -
    • {% endhighlight %} From 165f7f9bc894d7e77cd6626e555d44b3060c6698 Mon Sep 17 00:00:00 2001 From: Kushal Date: Wed, 14 Jun 2017 13:50:10 +0530 Subject: [PATCH 17/65] Create 09-02-01-Errors.md --- _posts/09-02-01-Errors.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/_posts/09-02-01-Errors.md b/_posts/09-02-01-Errors.md index a99a9bb..c510a70 100644 --- a/_posts/09-02-01-Errors.md +++ b/_posts/09-02-01-Errors.md @@ -132,7 +132,9 @@ make the switch. Basically you can throw your "errors" as "exceptions" using the the `Exception` class. This is a common practice implemented by a large number of modern frameworks such as Symfony and Laravel. In debug -mode *(or dev mode)* both of these frameworks will display a nice and clean *stack trace*. +mode *(or dev mode)* both of these frameworks will display a nice and clean *stack trace*. + +There are also some packages available for better error and exception handling and reporting. Like [Whoops!], which comes with the default installation of Laravel and can be used in any framework as well. By throwing errors as exceptions in development you can handle them better than the usual result, and if you see an exception during development you can wrap it in a catch statement with specific instructions on how to handle the From 1dbbd39d62762f5d806ebb6dcd3b9cbdb7de22de Mon Sep 17 00:00:00 2001 From: Eric Poe Date: Thu, 29 Jun 2017 13:12:05 -0500 Subject: [PATCH 18/65] Add new list of PHP leaders compiled by OGProgrammer --- _posts/16-03-01-People-to-Follow.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/_posts/16-03-01-People-to-Follow.md b/_posts/16-03-01-People-to-Follow.md index ab23369..2ddf768 100644 --- a/_posts/16-03-01-People-to-Follow.md +++ b/_posts/16-03-01-People-to-Follow.md @@ -11,7 +11,9 @@ community members when you are first starting out. You can find a comprehensive list of PHP community members and their Twitter handles at: -* [25 PHP Developers to Follow Online][php-developers-to-follow] +* [New Relic: 25 PHP Developers to Follow Online][php-developers-to-follow] +* [OGProgrammer: How to get connected with the PHP community][og-twitter-list] [php-developers-to-follow]: https://blog.newrelic.com/2014/05/02/25-php-developers-follow-online/ +[og-twitter-list]: https://www.ogprogrammer.com/2017/06/28/how-to-get-connected-with-the-php-community/ From 88329152a7ab7b2f19546fb4b9bdba2e7869849f Mon Sep 17 00:00:00 2001 From: Eric Poe Date: Fri, 7 Jul 2017 01:49:22 -0500 Subject: [PATCH 19/65] Add information about the common directory structure used for php dev work This information is based on the great analysis done by Paul M. Jones. --- _posts/01-06-01-Common-Directory-Structure.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 _posts/01-06-01-Common-Directory-Structure.md diff --git a/_posts/01-06-01-Common-Directory-Structure.md b/_posts/01-06-01-Common-Directory-Structure.md new file mode 100644 index 0000000..69a16f9 --- /dev/null +++ b/_posts/01-06-01-Common-Directory-Structure.md @@ -0,0 +1,19 @@ +--- +title: Common Directory Structure +isChild: true +anchor: common_directory_structure +--- + +## Common Directory structure {#common_directory_structure_title} + +A common question among those starting out with writing programs for the web is, "where do I put my stuff?" Over the years, this answer has consistently been "where the `DocumentRoot` is." Although this answer is not complete, it's a great place to start. + +For security reasons, configuration files should not be accessible by a site's visitors; therefore, public scripts are kept in a public directory and private configurations and data are kept outside of that directory. + +For each team, CMS, or framework one works in, a standard directory structure is used by each of those entities. However, if one is starting a project alone, knowing which filesystem structure to use can be daunting. + +[Paul M. Jones] has done some fantastic research into common practices of tens of thousands of github projects in the realm of PHP. He has compiled a standard file and directory structure, the [Standard PHP Package Skeleton], based on this research. In this directory structure, `DocumentRoot` should point to `public/`, unit tests should be in the `tests/` directory, and third party libraries, as installed by [composer], belong in the `vendor/` directory. For other files and directories, abiding by the [Standard PHP Package Skeleton] will make the most sense to contributors of a project. + +[Paul M. Jones]: https://twitter.com/pmjones +[Standard PHP Package Skeleton]: https://github.com/php-pds/skeleton +[Composer]: /#composer_and_packagist From cc6557ed4ebf950fa456b421944ac73210c44575 Mon Sep 17 00:00:00 2001 From: Brian Jackson Date: Wed, 4 Oct 2017 10:21:35 -0700 Subject: [PATCH 20/65] Update best practices Add article discussing the importance of using the latest support PHP versions. --- _posts/16-08-01-Sites.md | 1 + 1 file changed, 1 insertion(+) diff --git a/_posts/16-08-01-Sites.md b/_posts/16-08-01-Sites.md index 7eaedca..b6e8403 100644 --- a/_posts/16-08-01-Sites.md +++ b/_posts/16-08-01-Sites.md @@ -16,6 +16,7 @@ PHP versions * [PHP Best Practices](https://phpbestpractices.org/) * [Best practices for Modern PHP Development](https://www.airpair.com/php/posts/best-practices-for-modern-php-development) +* [Why You Should Be Using Supported PHP Versions](https://kinsta.com/blog/php-versions/) ### News around the PHP and web development communities You can subscribe to weekly newsletters to keep yourself informed on new libraries, latest news, events and general From fc6acc0daad23218e9b8e3161a75705832c3f7c8 Mon Sep 17 00:00:00 2001 From: Mamat Rahmat Date: Tue, 21 Nov 2017 01:05:48 +0700 Subject: [PATCH 21/65] Fix broken link --- _posts/06-05-01-Further-Reading.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/06-05-01-Further-Reading.md b/_posts/06-05-01-Further-Reading.md index dd18d1c..f9553b4 100644 --- a/_posts/06-05-01-Further-Reading.md +++ b/_posts/06-05-01-Further-Reading.md @@ -9,4 +9,4 @@ anchor: further_reading * [What is Dependency Injection?](http://fabien.potencier.org/article/11/what-is-dependency-injection) * [Dependency Injection: An analogy](https://mwop.net/blog/260-Dependency-Injection-An-analogy.html) * [Dependency Injection: Huh?](http://net.tutsplus.com/tutorials/php/dependency-injection-huh/) -* [Dependency Injection as a tool for testing](http://philipobenito.github.io/dependency-injection-as-a-tool-for-testing/) +* [Dependency Injection as a tool for testing](https://medium.com/philipobenito/dependency-injection-as-a-tool-for-testing-902c21c147f1) From 1a62ece55b19d2bf70beb5e4c1424c2feb3c6706 Mon Sep 17 00:00:00 2001 From: NJ Date: Wed, 7 Feb 2018 15:17:50 -0800 Subject: [PATCH 22/65] Use utf8mb4 instead of utf8 in MySQL database connection string --- _posts/07-04-01-Interacting-via-Code.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/07-04-01-Interacting-via-Code.md b/_posts/07-04-01-Interacting-via-Code.md index 5cae4f0..8f7d2b3 100644 --- a/_posts/07-04-01-Interacting-via-Code.md +++ b/_posts/07-04-01-Interacting-via-Code.md @@ -48,7 +48,7 @@ logic in and you have a "View", which is very nearly [MVC] - a common OOP archit {% highlight php %} Date: Mon, 26 Feb 2018 11:19:29 +0100 Subject: [PATCH 23/65] Update Functional-Programming.md --- pages/Functional-Programming.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pages/Functional-Programming.md b/pages/Functional-Programming.md index 85bb97f..2ad68dd 100644 --- a/pages/Functional-Programming.md +++ b/pages/Functional-Programming.md @@ -8,7 +8,7 @@ sitemap: true PHP supports first-class functions, meaning that a function can be assigned to a variable. Both user-defined and built-in functions can be referenced by a variable and invoked dynamically. Functions can be passed as arguments to -other functions and a function can return other functions (a feature called higher-order functions). +other functions and a function can return other functions (a feature called higher-order functions). Recursion, a feature that allows a function to call itself, is supported by the language, but most of the PHP code focus is on iteration. @@ -71,12 +71,12 @@ $output = array_filter($input, criteria_greater_than(3)); print_r($output); // items > 3 {% endhighlight %} -Each filter function in the family accepts only elements greater than some minimum value. Single filter returned by +Each filter function in the family accepts only elements greater than some minimum value. The single filter returned by `criteria_greater_than` is a closure with `$min` argument closed by the value in the scope (given as an argument when `criteria_greater_than` is called). Early binding is used by default for importing `$min` variable into the created function. For true closures with late -binding one should use a reference when importing. Imagine a templating or input validation library, where closure is +binding one should use a reference when importing. Imagine a templating or input validation library, where a closure is defined to capture variables in scope and access them later when the anonymous function is evaluated. * [Read about Anonymous functions][anonymous-functions] From 8fbfb9f8c59bc1429ebb5e5041417066045838e9 Mon Sep 17 00:00:00 2001 From: Oluwafemi Sule Date: Fri, 23 Mar 2018 14:34:44 +0100 Subject: [PATCH 24/65] highlight statement syntax for multiline strings --- pages/The-Basics.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/pages/The-Basics.md b/pages/The-Basics.md index b13ceb2..bfb3a9f 100644 --- a/pages/The-Basics.md +++ b/pages/The-Basics.md @@ -290,6 +290,26 @@ EOD; // closing 'EOD' must be on it's own line, and to th * [Heredoc syntax](http://php.net/language.types.string#language.types.string.syntax.heredoc) +> It should be noted that multiline strings can also be formed by continuing them across multilines in a statement. _e.g._ + +{% highlight php %} +$str = " +Example of string +spanning multiple lines +using statement syntax. +$a are parsed. +"; + +/** + * Output: + * + * Example of string + * spanning multiple lines + * using statement syntax. + * Variables are parsed. + */ +{% endhighlight %} + ### Which is quicker? There is a myth floating around that single quote strings are fractionally quicker than double quote strings. This is From 0166b9e232bbd3fd77cb520325ac5151efbb087b Mon Sep 17 00:00:00 2001 From: ADmad Date: Thu, 5 Apr 2018 01:51:16 +0530 Subject: [PATCH 25/65] Add CakePHP's standalone packages/components --- _posts/16-07-01-Components.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/_posts/16-07-01-Components.md b/_posts/16-07-01-Components.md index c614d9b..616ea7d 100644 --- a/_posts/16-07-01-Components.md +++ b/_posts/16-07-01-Components.md @@ -20,6 +20,13 @@ another source of packages which ideally have little to no dependencies on other For example, you can use the [FuelPHP Validation package], without needing to use the FuelPHP framework itself. * [Aura] +* CakePHP Components + * [Collection] + * [Database] + * [Datasource] + * [Event] + * [I18n] + * [ORM] * [FuelPHP] * [Hoa Project] * [Orno] @@ -48,3 +55,9 @@ components best decoupled from the Laravel framework are listed above._ [Eloquent ORM]: https://github.com/illuminate/database [Queue]: https://github.com/illuminate/queue [Illuminate components]: https://github.com/illuminate +[Collection]: https://github.com/cakephp/collection +[Database]: https://github.com/cakephp/database +[Datasource]: https://github.com/cakephp/datasource +[Event]: https://github.com/cakephp/event +[I18n]: https://github.com/cakephp/i18n +[ORM]: https://github.com/cakephp/orm From 131843b5b2e3fe4f938915ed958de7305ae7e314 Mon Sep 17 00:00:00 2001 From: "Brian A. Weston" Date: Thu, 19 Apr 2018 14:19:14 -0700 Subject: [PATCH 26/65] Update Gettext introduction phrasing --- _posts/05-06-01-Internationalization-and-Localization.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/_posts/05-06-01-Internationalization-and-Localization.md b/_posts/05-06-01-Internationalization-and-Localization.md index 7e53a5d..9c36dec 100644 --- a/_posts/05-06-01-Internationalization-and-Localization.md +++ b/_posts/05-06-01-Internationalization-and-Localization.md @@ -31,9 +31,9 @@ don't try this if your project will contain more than a couple of pages. The most classic way and often taken as reference for i18n and l10n is a [Unix tool called `gettext`][gettext]. It dates back to 1995 and is still a complete implementation for translating software. It is pretty easy to get running, while -it still sports powerful supporting tools. It's about Gettext we will be talking here. Also, to help you not get messy -over the command-line, we will be presenting a great GUI application that can be used to easily update your l10n source -files. +it still sports powerful supporting tools. We will talk about Gettext in more detail below. If you would prefer to not +have to get your hands dirty with the command line, we will also be presenting a great GUI application that can be used +to easily update your l10n source files. ### Other tools From a1f8e83a3fd9403fec685dfa9cf871bf6c529797 Mon Sep 17 00:00:00 2001 From: Christopher Date: Fri, 1 Jun 2018 16:01:11 +0100 Subject: [PATCH 27/65] Using php 7 feature in example --- _posts/09-02-01-Errors.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/_posts/09-02-01-Errors.md b/_posts/09-02-01-Errors.md index c510a70..66befbd 100644 --- a/_posts/09-02-01-Errors.md +++ b/_posts/09-02-01-Errors.md @@ -87,7 +87,8 @@ rewritten like this: {% highlight php %} Date: Mon, 11 Jun 2018 11:43:22 +0100 Subject: [PATCH 28/65] Change Humbug for Infection --- _posts/11-04-01-Complementary-Testing-Tools.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/_posts/11-04-01-Complementary-Testing-Tools.md b/_posts/11-04-01-Complementary-Testing-Tools.md index b7ed173..b797647 100644 --- a/_posts/11-04-01-Complementary-Testing-Tools.md +++ b/_posts/11-04-01-Complementary-Testing-Tools.md @@ -15,7 +15,7 @@ libraries useful for any preferred approach taken. * [Prophecy] is a highly opinionated yet very powerful and flexible PHP object mocking framework. It's integrated with [PHPSpec] and can be used with [PHPUnit]. * [php-mock] is a library to help to mock PHP native functions. -* [Humbug] is a PHP implementation of [Mutation Testing] to help to measure the effectiveness of your tests. +* [Infection] is a PHP implementation of [Mutation Testing] to help to measure the effectiveness of your tests. [Selenium]: http://seleniumhq.org/ @@ -25,5 +25,5 @@ libraries useful for any preferred approach taken. [PHPSpec]: http://www.phpspec.net/ [Prophecy]: https://github.com/phpspec/prophecy [php-mock]: https://github.com/php-mock/php-mock -[Humbug]: https://github.com/padraic/humbug +[Infection]: https://github.com/infection/infection [Mutation Testing]: https://en.wikipedia.org/wiki/Mutation_testing From d25acf38eea18bf06378f5d84262e5c7f8dde5ec Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 11:44:16 -0400 Subject: [PATCH 29/65] Add note about Paragon Initiative security guide --- Gemfile | 2 +- Gemfile.lock | 105 +++++++++++++++++++----------------- _posts/10-01-01-Security.md | 3 ++ 3 files changed, 61 insertions(+), 49 deletions(-) diff --git a/Gemfile b/Gemfile index 5bf72b3..259b873 100644 --- a/Gemfile +++ b/Gemfile @@ -1,3 +1,3 @@ source 'https://rubygems.org' -gem 'github-pages' +gem 'github-pages', group: :jekyll_plugins gem 'rouge' diff --git a/Gemfile.lock b/Gemfile.lock index da11494..ae52d2b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2,57 +2,61 @@ GEM remote: https://rubygems.org/ specs: RedCloth (4.2.9) - activesupport (5.0.0.1) + activesupport (5.2.0) concurrent-ruby (~> 1.0, >= 1.0.2) - i18n (~> 0.7) + i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) addressable (2.4.0) blankslate (2.1.2.4) - classifier-reborn (2.0.4) + classifier-reborn (2.2.0) fast-stemmer (~> 1.0) coffee-script (2.4.1) coffee-script-source execjs - coffee-script-source (1.10.0) + coffee-script-source (1.12.2) colorator (0.1) - concurrent-ruby (1.0.2) - ethon (0.9.1) + concurrent-ruby (1.0.5) + ethon (0.11.0) ffi (>= 1.3.0) execjs (2.7.0) - faraday (0.10.0) + faraday (0.15.2) multipart-post (>= 1.2, < 3) fast-stemmer (1.0.2) - ffi (1.9.14) - ffi (1.9.14-x64-mingw32) + ffi (1.9.25) gemoji (2.1.0) - github-pages (39) + github-pages (43) RedCloth (= 4.2.9) - github-pages-health-check (~> 0.2) + github-pages-health-check (= 0.6.0) jekyll (= 2.4.0) jekyll-coffeescript (= 1.0.1) jekyll-feed (= 0.3.1) + jekyll-gist (= 1.4.0) jekyll-mentions (= 0.2.1) - jekyll-redirect-from (= 0.8.0) + jekyll-paginate (= 1.1.0) + jekyll-redirect-from (= 0.9.1) jekyll-sass-converter (= 1.3.0) - jekyll-sitemap (= 0.8.1) + jekyll-seo-tag (= 0.1.4) + jekyll-sitemap (= 0.9.0) jemoji (= 0.5.0) - kramdown (= 1.5.0) + kramdown (= 1.9.0) liquid (= 2.6.2) maruku (= 0.7.0) mercenary (~> 0.3) pygments.rb (= 0.6.3) - rdiscount (= 2.1.7) - redcarpet (= 3.3.2) + rdiscount (= 2.1.8) + redcarpet (= 3.3.3) terminal-table (~> 1.4) - github-pages-health-check (0.3.2) - net-dns (~> 0.6) + github-pages-health-check (0.6.0) + addressable (~> 2.3) + net-dns (~> 0.8) public_suffix (~> 1.4) typhoeus (~> 0.7) html-pipeline (1.9.0) activesupport (>= 2) nokogiri (~> 1.4) - i18n (0.7.0) + i18n (1.0.1) + concurrent-ruby (~> 1.0) jekyll (2.4.0) classifier-reborn (~> 2.0) colorator (~> 0.1) @@ -77,71 +81,76 @@ GEM html-pipeline (~> 1.9.0) jekyll (~> 2.0) jekyll-paginate (1.1.0) - jekyll-redirect-from (0.8.0) + jekyll-redirect-from (0.9.1) jekyll (>= 2.0) jekyll-sass-converter (1.3.0) sass (~> 3.2) - jekyll-sitemap (0.8.1) - jekyll-watch (1.5.0) - listen (~> 3.0, < 3.1) + jekyll-seo-tag (0.1.4) + jekyll (>= 2.0) + jekyll-sitemap (0.9.0) + jekyll-watch (1.5.1) + listen (~> 3.0) jemoji (0.5.0) gemoji (~> 2.0) html-pipeline (~> 1.9) jekyll (>= 2.0) - kramdown (1.5.0) + kramdown (1.9.0) liquid (2.6.2) - listen (3.0.8) + listen (3.1.5) rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) + ruby_dep (~> 1.2) maruku (0.7.0) mercenary (0.3.6) - mini_portile2 (2.1.0) - minitest (5.9.1) + mini_portile2 (2.3.0) + minitest (5.11.3) multipart-post (2.0.0) net-dns (0.8.0) - nokogiri (1.6.8.1) - mini_portile2 (~> 2.1.0) - nokogiri (1.6.8.1-x64-mingw32) - mini_portile2 (~> 2.1.0) - octokit (4.6.1) + nokogiri (1.8.3) + mini_portile2 (~> 2.3.0) + octokit (4.9.0) sawyer (~> 0.8.0, >= 0.5.3) parslet (1.5.0) blankslate (~> 2.0) - posix-spawn (0.3.12) + posix-spawn (0.3.13) public_suffix (1.5.3) pygments.rb (0.6.3) posix-spawn (~> 0.3.6) yajl-ruby (~> 1.2.0) - rb-fsevent (0.9.8) - rb-inotify (0.9.7) - ffi (>= 0.5.0) - rdiscount (2.1.7) - redcarpet (3.3.2) - rouge (2.0.7) + rb-fsevent (0.10.3) + rb-inotify (0.9.10) + ffi (>= 0.5.0, < 2) + rdiscount (2.1.8) + redcarpet (3.3.3) + rouge (3.1.1) + ruby_dep (1.5.0) safe_yaml (1.0.4) - sass (3.4.22) + sass (3.5.6) + sass-listen (~> 4.0.0) + sass-listen (4.0.0) + rb-fsevent (~> 0.9, >= 0.9.4) + rb-inotify (~> 0.9, >= 0.9.7) sawyer (0.8.1) addressable (>= 2.3.5, < 2.6) faraday (~> 0.8, < 1.0) - terminal-table (1.7.3) - unicode-display_width (~> 1.1.1) - thread_safe (0.3.5) + terminal-table (1.8.0) + unicode-display_width (~> 1.1, >= 1.1.1) + thread_safe (0.3.6) toml (0.1.2) parslet (~> 1.5.0) typhoeus (0.8.0) ethon (>= 0.8.0) - tzinfo (1.2.2) + tzinfo (1.2.5) thread_safe (~> 0.1) - unicode-display_width (1.1.1) - yajl-ruby (1.2.1) + unicode-display_width (1.4.0) + yajl-ruby (1.2.3) PLATFORMS ruby - x64-mingw32 DEPENDENCIES github-pages rouge BUNDLED WITH - 1.13.6 + 1.16.2 diff --git a/_posts/10-01-01-Security.md b/_posts/10-01-01-Security.md index c8e3b48..cf553ad 100644 --- a/_posts/10-01-01-Security.md +++ b/_posts/10-01-01-Security.md @@ -3,3 +3,6 @@ anchor: security --- # Security {#security_title} + +The best resource I've found on PHP security is [The 2018 Guide to Building Secure PHP Software](https://paragonie.com/blog/2017/12/2018-guide-building-secure-php-software) by +[Paragon Initiative](https://paragonie.com/). From 8133128d4af2f3075c028e5e1ef05a3823c91936 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 11:47:07 -0400 Subject: [PATCH 30/65] Bump PHP version number --- _posts/01-02-01-Use-the-Current-Stable-Version.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/_posts/01-02-01-Use-the-Current-Stable-Version.md b/_posts/01-02-01-Use-the-Current-Stable-Version.md index caed092..d60b096 100644 --- a/_posts/01-02-01-Use-the-Current-Stable-Version.md +++ b/_posts/01-02-01-Use-the-Current-Stable-Version.md @@ -4,13 +4,13 @@ isChild: true anchor: use_the_current_stable_version --- -## Use the Current Stable Version (7.1) {#use_the_current_stable_version_title} +## Use the Current Stable Version (7.2) {#use_the_current_stable_version_title} -If you are getting started with PHP, start with the current stable release of [PHP 7.1][php-release]. PHP 7.1 is very +If you are getting started with PHP, start with the current stable release of [PHP 7.2][php-release]. PHP 7.2 is very new, and adds many amazing [new features](#language_highlights) over the older 5.x versions. The engine has been largely re-written, and PHP is now even quicker than older versions. -Most commonly in the near future you will find PHP 5.x being used, and the latest 5.x version is 5.6. This is not a bad option, but you should try to upgrade to the latest stable quickly - PHP 5.6 [will not receive security updates beyond 2018](http://php.net/supported-versions.php). Upgrading is really quite easy, as there are not many [backwards compatibility breaks][php71-bc]. If you are not sure which version a function or feature is in, you can check the PHP documentation on the [php.net][php-docs] website. +Most commonly in the near future you will find PHP 5.x being used, and the latest 5.x version is 5.6. This is not a bad option, but you should try to upgrade to the latest stable quickly - PHP 5.6 [will not receive security updates beyond 2018](http://php.net/supported-versions.php). Upgrading is really quite easy, as there are not many [backwards compatibility breaks][php72-bc]. If you are not sure which version a function or feature is in, you can check the PHP documentation on the [php.net][php-docs] website. [php-release]: http://php.net/downloads.php [php-docs]: http://php.net/manual/ -[php71-bc]: http://php.net/manual/migration71.incompatible.php +[php72-bc]: http://php.net/manual/migration72.incompatible.php From d94d387b56b82d74d4a93b23eec71ebe70805485 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 11:48:15 -0400 Subject: [PATCH 31/65] Bump PHP version number --- _posts/01-02-01-Use-the-Current-Stable-Version.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/01-02-01-Use-the-Current-Stable-Version.md b/_posts/01-02-01-Use-the-Current-Stable-Version.md index d60b096..a5db8d9 100644 --- a/_posts/01-02-01-Use-the-Current-Stable-Version.md +++ b/_posts/01-02-01-Use-the-Current-Stable-Version.md @@ -1,5 +1,5 @@ --- -title: Use the Current Stable Version (7.1) +title: Use the Current Stable Version (7.2) isChild: true anchor: use_the_current_stable_version --- From 7d9e4ad5ea0103a065a7294ae14aafa13a9d71eb Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 11:57:32 -0400 Subject: [PATCH 32/65] Delete CNAME --- CNAME | 1 - 1 file changed, 1 deletion(-) delete mode 100644 CNAME diff --git a/CNAME b/CNAME deleted file mode 100644 index 182118a..0000000 --- a/CNAME +++ /dev/null @@ -1 +0,0 @@ -www.phptherightway.com From bde7163132eec8808f04828548ecd72dc85149e2 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 11:57:37 -0400 Subject: [PATCH 33/65] Create CNAME --- CNAME | 1 + 1 file changed, 1 insertion(+) create mode 100644 CNAME diff --git a/CNAME b/CNAME new file mode 100644 index 0000000..bf46d9b --- /dev/null +++ b/CNAME @@ -0,0 +1 @@ +www.phptherightway.com \ No newline at end of file From afa6718501512091c48bed80c0922c10f95e4dde Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 12:56:14 -0400 Subject: [PATCH 34/65] Update macOS Homebrew notes --- ...01-02-01-Use-the-Current-Stable-Version.md | 5 ++-- _posts/01-04-01-Mac-Setup.md | 26 +++++++++---------- 2 files changed, 14 insertions(+), 17 deletions(-) diff --git a/_posts/01-02-01-Use-the-Current-Stable-Version.md b/_posts/01-02-01-Use-the-Current-Stable-Version.md index a5db8d9..8d49377 100644 --- a/_posts/01-02-01-Use-the-Current-Stable-Version.md +++ b/_posts/01-02-01-Use-the-Current-Stable-Version.md @@ -6,10 +6,9 @@ anchor: use_the_current_stable_version ## Use the Current Stable Version (7.2) {#use_the_current_stable_version_title} -If you are getting started with PHP, start with the current stable release of [PHP 7.2][php-release]. PHP 7.2 is very -new, and adds many amazing [new features](#language_highlights) over the older 5.x versions. The engine has been largely re-written, and PHP is now even quicker than older versions. +If you are getting started with PHP, start with the current stable release of [PHP 7.2][php-release]. PHP 7.x adds many [new features](#language_highlights) over the older 5.x versions. The engine has been largely re-written, and PHP is now even quicker than older versions. -Most commonly in the near future you will find PHP 5.x being used, and the latest 5.x version is 5.6. This is not a bad option, but you should try to upgrade to the latest stable quickly - PHP 5.6 [will not receive security updates beyond 2018](http://php.net/supported-versions.php). Upgrading is really quite easy, as there are not many [backwards compatibility breaks][php72-bc]. If you are not sure which version a function or feature is in, you can check the PHP documentation on the [php.net][php-docs] website. +You should try to upgrade to the latest stable version quickly - PHP 5.6 [will not receive security updates beyond 2018](http://php.net/supported-versions.php). Upgrading is easy, as there are not many [backwards compatibility breaks][php72-bc]. If you are not sure which version a function or feature is in, you can check the PHP documentation on the [php.net][php-docs] website. [php-release]: http://php.net/downloads.php [php-docs]: http://php.net/manual/ diff --git a/_posts/01-04-01-Mac-Setup.md b/_posts/01-04-01-Mac-Setup.md index dc06ddf..2a2fb35 100644 --- a/_posts/01-04-01-Mac-Setup.md +++ b/_posts/01-04-01-Mac-Setup.md @@ -5,18 +5,17 @@ anchor: mac_setup ## Mac Setup {#mac_setup_title} -OS X comes prepackaged with PHP but it is normally a little behind the latest stable. Mavericks has 5.4.17, -Yosemite 5.5.9, El Capitan 5.5.29 and Sierra 5.6.24, but with PHP 7.1 out that is often not good enough. - -There are multiple ways to install PHP on OS X. +macOS comes prepackaged with PHP but it is normally a little behind the latest stable release. There are multiple ways to install the latest PHP version on macOS. ### Install PHP via Homebrew -[Homebrew] is a powerful package manager for OS X, which can help you install PHP and various extensions easily. -[Homebrew PHP] is a repository that contains PHP-related "formulae" for Homebrew, and will let you install PHP. +[Homebrew] is a package manager for macOS that helps you easily install PHP and various extensions. The Homebrew core repository provides "formulae" for PHP 5.6, 7.0, 7.1, and 7.2. Install the latest version with this command: -At this point, you can install `php53`, `php54`, `php55`, `php56`, `php70` or `php71` using the `brew install` command, and switch -between them by modifying your `PATH` variable. Alternatively, you can use [brew-php-switcher][brew-php-switcher] which will switch automatically for you. +``` +brew install php@7.2 +``` + +You can switch between Homebrew PHP versions by modifying your `PATH` variable. Alternatively, you can use [brew-php-switcher][brew-php-switcher] to switch PHP versions automatically. ### Install PHP via Macports @@ -60,15 +59,14 @@ The solutions listed above mainly handle PHP itself, and do not supply things li "All-in-one" solutions such as [MAMP][mamp-downloads] and [XAMPP][xampp] will install these other bits of software for you and tie them all together, but ease of setup comes with a trade-off of flexibility. - -[Homebrew]: http://brew.sh/ +[Homebrew]: https://brew.sh/ [Homebrew PHP]: https://github.com/Homebrew/homebrew-php#installation [MacPorts]: https://www.macports.org/install.php [phpbrew]: https://github.com/phpbrew/phpbrew -[php-osx.liip.ch]: http://php-osx.liip.ch/ -[mac-compile]: http://php.net/install.macosx.compile +[php-osx.liip.ch]: https://php-osx.liip.ch/ +[mac-compile]: https://secure.php.net/install.macosx.compile [xcode-gcc-substitution]: https://github.com/kennethreitz/osx-gcc-installer ["Command Line Tools for XCode"]: https://developer.apple.com/downloads -[mamp-downloads]: http://www.mamp.info/en/downloads/ -[xampp]: http://www.apachefriends.org/en/xampp.html +[mamp-downloads]: https://www.mamp.info/en/downloads/ +[xampp]: https://www.apachefriends.org/index.html [brew-php-switcher]: https://github.com/philcook/brew-php-switcher From 4fd12a474258386c10316bfe0425cfbb59dd300b Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 13:04:28 -0400 Subject: [PATCH 35/65] Remove deprecated PSR0 from code style section --- _posts/02-01-01-Code-Style-Guide.md | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/_posts/02-01-01-Code-Style-Guide.md b/_posts/02-01-01-Code-Style-Guide.md index 65e7bb5..2497cb7 100644 --- a/_posts/02-01-01-Code-Style-Guide.md +++ b/_posts/02-01-01-Code-Style-Guide.md @@ -10,7 +10,7 @@ PHP developers to choose several of these and combine them into a single project their projects. The [Framework Interop Group][fig] has proposed and approved a series of style recommendations. Not all of them related -to code-style, but those that do are [PSR-0][psr0], [PSR-1][psr1], [PSR-2][psr2] and [PSR-4][psr4]. These +to code-style, but those that do are [PSR-1][psr1], [PSR-2][psr2] and [PSR-4][psr4]. These recommendations are merely a set of rules that many projects like Drupal, Zend, Symfony, Laravel, CakePHP, phpBB, AWS SDK, FuelPHP, Lithium, etc are adopting. You can use them for your own projects, or continue to use your own personal style. @@ -19,7 +19,6 @@ Ideally, you should write PHP code that adheres to a known standard. This could of the coding standards made by PEAR or Zend. This means other developers can easily read and work with your code, and applications that implement the components can have consistency even when working with lots of third-party code. -* [Read about PSR-0][psr0] * [Read about PSR-1][psr1] * [Read about PSR-2][psr2] * [Read about PSR-4][psr4] @@ -57,14 +56,13 @@ English is preferred for all symbol names and code infrastructure. Comments may readable by all current and future parties who may be working on the codebase. -[fig]: http://www.php-fig.org/ -[psr0]: http://www.php-fig.org/psr/psr-0/ -[psr1]: http://www.php-fig.org/psr/psr-1/ -[psr2]: http://www.php-fig.org/psr/psr-2/ -[psr4]: http://www.php-fig.org/psr/psr-4/ -[pear-cs]: http://pear.php.net/manual/en/standards.php -[symfony-cs]: http://symfony.com/doc/current/contributing/code/standards.html -[phpcs]: http://pear.php.net/package/PHP_CodeSniffer/ +[fig]: https://www.php-fig.org/ +[psr1]: https://www.php-fig.org/psr/psr-1/ +[psr2]: https://www.php-fig.org/psr/psr-2/ +[psr4]: https://www.php-fig.org/psr/psr-4/ +[pear-cs]: https://pear.php.net/manual/en/standards.php +[symfony-cs]: https://symfony.com/doc/current/contributing/code/standards.html +[phpcs]: https://pear.php.net/package/PHP_CodeSniffer/ [phpcbf]: https://github.com/squizlabs/PHP_CodeSniffer/wiki/Fixing-Errors-Automatically [st-cs]: https://github.com/benmatselby/sublime-phpcs -[phpcsfixer]: http://cs.sensiolabs.org/ +[phpcsfixer]: https://cs.sensiolabs.org/ From e0a9956160c86c4bfb3330e6eaba6d454f5c4fb5 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 13:09:34 -0400 Subject: [PATCH 36/65] Update links to HTTPS in programming paradigms section --- _posts/03-02-01-Programming-Paradigms.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/_posts/03-02-01-Programming-Paradigms.md b/_posts/03-02-01-Programming-Paradigms.md index f971f37..7484c02 100644 --- a/_posts/03-02-01-Programming-Paradigms.md +++ b/_posts/03-02-01-Programming-Paradigms.md @@ -50,14 +50,14 @@ available as `__call()` and `__callStatic()`. * [Read about Overloading][overloading] -[oop]: http://php.net/language.oop5 -[traits]: http://php.net/language.oop5.traits -[anonymous-functions]: http://php.net/functions.anonymous -[closure-class]: http://php.net/class.closure +[oop]: https://secure.php.net/language.oop5 +[traits]: https://secure.php.net/language.oop5.traits +[anonymous-functions]: https://secure.php.net/functions.anonymous +[closure-class]: https://secure.php.net/class.closure [closures-rfc]: https://wiki.php.net/rfc/closures -[callables]: http://php.net/language.types.callable -[call-user-func-array]: http://php.net/function.call-user-func-array -[magic-methods]: http://php.net/language.oop5.magic -[reflection]: http://php.net/intro.reflection -[overloading]: http://php.net/language.oop5.overloading +[callables]: https://secure.php.net/language.types.callable +[call-user-func-array]: https://secure.php.net/function.call-user-func-array +[magic-methods]: https://secure.php.net/language.oop5.magic +[reflection]: https://secure.php.net/intro.reflection +[overloading]: https://secure.php.net/language.oop5.overloading From 172a25f913c997011be6a66314ddcc74a7076fe6 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 13:11:36 -0400 Subject: [PATCH 37/65] Update links to HTTPS in namespaces and SPL sections --- _posts/03-03-01-Namespaces.md | 6 +++--- _posts/03-04-01-Standard-PHP-Library.md | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/_posts/03-03-01-Namespaces.md b/_posts/03-03-01-Namespaces.md index f821dad..64261fd 100644 --- a/_posts/03-03-01-Namespaces.md +++ b/_posts/03-03-01-Namespaces.md @@ -28,6 +28,6 @@ If you're going to use an autoloader standard for a new application or package, * [Read about PSR-4][psr4] -[namespaces]: http://php.net/language.namespaces -[psr0]: http://www.php-fig.org/psr/psr-0/ -[psr4]: http://www.php-fig.org/psr/psr-4/ +[namespaces]: https://secure.php.net/language.namespaces +[psr0]: https://www.php-fig.org/psr/psr-0/ +[psr4]: https://www.php-fig.org/psr/psr-4/ diff --git a/_posts/03-04-01-Standard-PHP-Library.md b/_posts/03-04-01-Standard-PHP-Library.md index 6275976..57e845b 100644 --- a/_posts/03-04-01-Standard-PHP-Library.md +++ b/_posts/03-04-01-Standard-PHP-Library.md @@ -14,5 +14,5 @@ over these datastructures or your own classes which implement SPL interfaces. * [SPL video course on Lynda.com(Paid)][spllynda] -[spl]: http://php.net/book.spl -[spllynda]: http://www.lynda.com/PHP-tutorials/Up-Running-Standard-PHP-Library/175038-2.html +[spl]: https://secure.php.net/book.spl +[spllynda]: https://www.lynda.com/PHP-tutorials/Up-Running-Standard-PHP-Library/175038-2.html From 522c7c5454dc77018016848e8a24a9a89ad6d398 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 13:14:57 -0400 Subject: [PATCH 38/65] Update links to use HTTPS in CLI section Remove bad link to Windows CLI setup --- _posts/03-05-01-Command-Line-Interface.md | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/_posts/03-05-01-Command-Line-Interface.md b/_posts/03-05-01-Command-Line-Interface.md index 825e1c3..f03345d 100644 --- a/_posts/03-05-01-Command-Line-Interface.md +++ b/_posts/03-05-01-Command-Line-Interface.md @@ -52,13 +52,10 @@ Hello, world * [Learn about running PHP from the command line][php-cli] - * [Learn about setting up Windows to run PHP from the command line][php-cli-windows] - -[phpinfo]: http://php.net/function.phpinfo -[cli-options]: http://php.net/features.commandline.options -[argc]: http://php.net/reserved.variables.argc -[argv]: http://php.net/reserved.variables.argv -[exit-codes]: http://www.gsp.com/cgi-bin/man.cgi?section=3&topic=sysexits -[php-cli]: http://php.net/features.commandline -[php-cli-windows]: http://php.net/install.windows.commandline +[phpinfo]: https://secure.php.net/function.phpinfo +[cli-options]: https://secure.php.net/features.commandline.options +[argc]: https://secure.php.net/reserved.variables.argc +[argv]: https://secure.php.net/reserved.variables.argv +[exit-codes]: https://www.gsp.com/cgi-bin/man.cgi?section=3&topic=sysexits +[php-cli]: https://secure.php.net/features.commandline.options From 9b6dbc302b8db59bc40891e63b8d85465783e406 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 13:19:12 -0400 Subject: [PATCH 39/65] Update Xdebug links to use https --- _posts/03-06-01-XDebug.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/_posts/03-06-01-XDebug.md b/_posts/03-06-01-XDebug.md index e5de055..ae29790 100644 --- a/_posts/03-06-01-XDebug.md +++ b/_posts/03-06-01-XDebug.md @@ -41,6 +41,6 @@ stand-alone Xdebug GUI for Mac. * [Learn more about MacGDBp][macgdbp-install] -[xdebug-install]: http://xdebug.org/docs/install -[xdebug-docs]: http://xdebug.org/docs/ -[macgdbp-install]: http://www.bluestatic.org/software/macgdbp/ +[xdebug-install]: https://xdebug.org/docs/install +[xdebug-docs]: https://xdebug.org/docs/ +[macgdbp-install]: https://www.bluestatic.org/software/macgdbp/ From ae37a768d08787fe97e03039ba08d9207be9a0d7 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 13:28:42 -0400 Subject: [PATCH 40/65] Update Composer install section, let links use https --- _posts/04-02-01-Composer-and-Packagist.md | 70 ++++++----------------- 1 file changed, 19 insertions(+), 51 deletions(-) diff --git a/_posts/04-02-01-Composer-and-Packagist.md b/_posts/04-02-01-Composer-and-Packagist.md index bd4d831..24c94b4 100644 --- a/_posts/04-02-01-Composer-and-Packagist.md +++ b/_posts/04-02-01-Composer-and-Packagist.md @@ -6,20 +6,20 @@ anchor: composer_and_packagist ## Composer and Packagist {#composer_and_packagist_title} -Composer is a **brilliant** dependency manager for PHP. List your project's dependencies in a `composer.json` file and, +Composer is the recommended dependency manager for PHP. List your project's dependencies in a `composer.json` file and, with a few simple commands, Composer will automatically download your project's dependencies and setup autoloading for you. Composer is analogous to NPM in the node.js world, or Bundler in the Ruby world. -There are already a lot of PHP libraries that are compatible with Composer, ready to be used in your project. These +There is a plethora of PHP libraries that are compatible with Composer and ready to be used in your project. These "packages" are listed on [Packagist], the official repository for Composer-compatible PHP libraries. ### How to Install Composer -The safest way to download composer is by [following the official instructions](https://getcomposer.org/download/). -This will verify the installer is not corrupt or tampered with. -The installer installs Composer *locally*, in your current working directory. +The safest way to download composer is by [following the official instructions](https://getcomposer.org/download/). +This will verify the installer is not corrupt or tampered with. +The installer installs a `composer.phar` binary in your _current working directory_. -We recommend installing it *globally* (e.g. a single copy in /usr/local/bin) - to do so, run this afterwards: +We recommend installing Composer *globally* (e.g. a single copy in `/usr/local/bin`). To do so, run this command next: {% highlight console %} mv composer.phar /usr/local/bin/composer @@ -35,42 +35,10 @@ For Windows users the easiest way to get up and running is to use the [ComposerS performs a global install and sets up your `$PATH` so that you can just call `composer` from any directory in your command line. -### How to Install Composer (manually) - -Manually installing Composer is an advanced technique; however, there are various reasons why a -developer might prefer this method vs. using the interactive installation routine. The interactive -installation checks your PHP installation to ensure that: - -- a sufficient version of PHP is being used -- `.phar` files can be executed correctly -- certain directory permissions are sufficient -- certain problematic extensions are not loaded -- certain `php.ini` settings are set - -Since a manual installation performs none of these checks, you have to decide whether the trade-off is -worth it for you. As such, below is how to obtain Composer manually: - -{% highlight console %} -curl -s https://getcomposer.org/composer.phar -o $HOME/local/bin/composer -chmod +x $HOME/local/bin/composer -{% endhighlight %} - -The path `$HOME/local/bin` (or a directory of your choice) should be in your `$PATH` environment -variable. This will result in a `composer` command being available. - -When you come across documentation that states to run Composer as `php composer.phar install`, you can -substitute that with: - -{% highlight console %} -composer install -{% endhighlight %} - -This section will assume you have installed composer globally. - ### How to Define and Install Dependencies Composer keeps track of your project's dependencies in a file called `composer.json`. You can manage it -by hand if you like, or use Composer itself. The `composer require` command adds a project dependency +by hand if you like, or use Composer itself. The `composer require` command adds a project dependency and if you don't have a `composer.json` file, one will be created. Here's an example that adds [Twig] as a dependency of your project. @@ -80,14 +48,14 @@ composer require twig/twig:~1.8 Alternatively, the `composer init` command will guide you through creating a full `composer.json` file for your project. Either way, once you've created your `composer.json` file you can tell Composer to -download and install your dependencies into the `vendor/` directory. This also applies to projects +download and install your dependencies into the `vendor/` directory. This also applies to projects you've downloaded that already provide a `composer.json` file: {% highlight console %} composer install {% endhighlight %} -Next, add this line to your application's primary PHP file; this will tell PHP to use Composer's +Next, add this line to your application's primary PHP file; this will tell PHP to use Composer's autoloader for your project dependencies. {% highlight php %} @@ -100,14 +68,14 @@ Now you can use your project dependencies, and they'll be autoloaded on demand. ### Updating your dependencies Composer creates a file called `composer.lock` which stores the exact version of each package it -downloaded when you first ran `composer install`. If you share your project with others, -ensure the `composer.lock` file is included, so that when they run `composer install` they'll -get the same versions as you. To update your dependencies, run `composer update`. Don't use -`composer update` when deploying, only `composer install`, otherwise you may end up with different +downloaded when you first ran `composer install`. If you share your project with others, +ensure the `composer.lock` file is included, so that when they run `composer install` they'll +get the same versions as you. To update your dependencies, run `composer update`. Don't use +`composer update` when deploying, only `composer install`, otherwise you may end up with different package versions on production. This is most useful when you define your version requirements flexibly. For instance, a version -requirement of `~1.8` means "anything newer than `1.8.0`, but less than `2.0.x-dev`". You can also use +requirement of `~1.8` means "anything newer than `1.8.0`, but less than `2.0.x-dev`". You can also use the `*` wildcard as in `1.8.*`. Now Composer's `composer update` command will upgrade all your dependencies to the newest version that fits the restrictions you define. @@ -125,7 +93,7 @@ file and tell you if you need to update any of your dependencies. ### Handling global dependencies with Composer Composer can also handle global dependencies and their binaries. Usage is straight-forward, all you need -to do is prefix your command with `global`. If for example you wanted to install PHPUnit and have it +to do is prefix your command with `global`. If for example you wanted to install PHPUnit and have it available globally, you'd run the following command: {% highlight console %} @@ -133,14 +101,14 @@ composer global require phpunit/phpunit {% endhighlight %} This will create a `~/.composer` folder where your global dependencies reside. To have the installed -packages' binaries available everywhere, you'd then add the `~/.composer/vendor/bin` folder to your +packages' binaries available everywhere, you'd then add the `~/.composer/vendor/bin` folder to your `$PATH` variable. * [Learn about Composer] -[Packagist]: http://packagist.org/ -[Twig]: http://twig.sensiolabs.org +[Packagist]: https://packagist.org/ +[Twig]: https://twig.symfony.com/ [VersionEye]: https://www.versioneye.com/ [Security Advisories Checker]: https://security.sensiolabs.org/ -[Learn about Composer]: http://getcomposer.org/doc/00-intro.md +[Learn about Composer]: https://getcomposer.org/doc/00-intro.md [ComposerSetup]: https://getcomposer.org/Composer-Setup.exe From e28e6a9171497feb1138563657a56b38a26f6101 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 13:30:52 -0400 Subject: [PATCH 41/65] Update examples in Composer usage section --- _posts/04-02-01-Composer-and-Packagist.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/04-02-01-Composer-and-Packagist.md b/_posts/04-02-01-Composer-and-Packagist.md index 24c94b4..4d59671 100644 --- a/_posts/04-02-01-Composer-and-Packagist.md +++ b/_posts/04-02-01-Composer-and-Packagist.md @@ -43,7 +43,7 @@ and if you don't have a `composer.json` file, one will be created. Here's an exa as a dependency of your project. {% highlight console %} -composer require twig/twig:~1.8 +composer require twig/twig:^2.0 {% endhighlight %} Alternatively, the `composer init` command will guide you through creating a full `composer.json` file From ca27935c8c82ce97e01aa6dc3159f0734d54e66b Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 13:34:42 -0400 Subject: [PATCH 42/65] Update PEAR links, let them use https --- _posts/04-03-01-PEAR.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/_posts/04-03-01-PEAR.md b/_posts/04-03-01-PEAR.md index 4410218..443d94a 100644 --- a/_posts/04-03-01-PEAR.md +++ b/_posts/04-03-01-PEAR.md @@ -18,10 +18,10 @@ version conflicts between two projects arise. ### How to install PEAR -You can install PEAR by downloading the `.phar` installer and executing it. The PEAR documentation has +You can install PEAR by downloading the `.phar` installer and executing it. The PEAR documentation has detailed [install instructions][2] for every operating system. -If you are using Linux, you can also have a look at your distribution package manager. Debian and Ubuntu, +If you are using Linux, you can also have a look at your distribution package manager. Debian and Ubuntu, for example, have an apt `php-pear` package. ### How to install a package @@ -47,7 +47,7 @@ handle your PEAR dependencies. This example will install code from `pear2.php.ne "repositories": [ { "type": "pear", - "url": "http://pear2.php.net" + "url": "https://pear2.php.net" } ], "require": { @@ -80,9 +80,9 @@ $request = new pear2\HTTP\Request(); * [Learn more about using PEAR with Composer][6] -[1]: http://pear.php.net/ -[2]: http://pear.php.net/manual/en/installation.getting.php -[3]: http://pear.php.net/packages.php -[4]: http://pear.php.net/manual/en/guide.users.commandline.channels.php +[1]: https://pear.php.net/ +[2]: https://pear.php.net/manual/installation.getting.php +[3]: https://pear.php.net/packages.php +[4]: https://pear.php.net/manual/guide.users.commandline.channels.php [5]: /#composer_and_packagist -[6]: http://getcomposer.org/doc/05-repositories.md#pear +[6]: https://getcomposer.org/doc/05-repositories.md#pear From 0d158d2e897a2ec907f3b120771270c18aa4927d Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 13:39:25 -0400 Subject: [PATCH 43/65] Update DateTime links to use https --- _posts/05-03-01-Date-and-Time.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/_posts/05-03-01-Date-and-Time.md b/_posts/05-03-01-Date-and-Time.md index 499d074..83d4373 100644 --- a/_posts/05-03-01-Date-and-Time.md +++ b/_posts/05-03-01-Date-and-Time.md @@ -61,10 +61,10 @@ foreach ($periodIterator as $date) { } {% endhighlight %} -A popular PHP API extension is [Carbon](http://carbon.nesbot.com). It inherits everything in the DateTime class, so involves minimal code alterations, but extra features include Localization support, further ways to add, subtract and format a DateTime object, plus a means to test your code by simulating a date and time of your choosing. +A popular PHP API extension is [Carbon](https://carbon.nesbot.com/). It inherits everything in the DateTime class, so involves minimal code alterations, but extra features include Localization support, further ways to add, subtract and format a DateTime object, plus a means to test your code by simulating a date and time of your choosing. * [Read about DateTime][datetime] * [Read about date formatting][dateformat] (accepted date format string options) -[datetime]: http://php.net/book.datetime -[dateformat]: http://php.net/function.date +[datetime]: https://secure.php.net/book.datetime +[dateformat]: https://secure.php.net/function.date From 5decaf9bbbfc2c95a4c1a1f6d4a21b2d5306c67d Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 13:51:05 -0400 Subject: [PATCH 44/65] Update UTF8 links to use https, remove broken links --- _posts/05-05-01-PHP-and-UTF8.md | 56 ++++++++++++++++----------------- 1 file changed, 27 insertions(+), 29 deletions(-) diff --git a/_posts/05-05-01-PHP-and-UTF8.md b/_posts/05-05-01-PHP-and-UTF8.md index b734d3b..c2d4af9 100644 --- a/_posts/05-05-01-PHP-and-UTF8.md +++ b/_posts/05-05-01-PHP-and-UTF8.md @@ -6,7 +6,7 @@ anchor: php_and_utf8 ## Working with UTF-8 {#php_and_utf8_title} -_This section was originally written by [Alex Cabal](https://alexcabal.com/) over at +_This section was originally written by [Alex Cabal](https://alexcabal.com/) over at [PHP Best Practices](https://phpbestpractices.org/#utf-8) and has been used as the basis for our own UTF-8 advice_. ### There's no one-liner. Be careful, detailed, and consistent. @@ -44,7 +44,7 @@ Finally, If you are building a distributed application and cannot be certain tha enabled, then consider using the [patchwork/utf8] Composer package. This will use `mbstring` if it is available, and fall back to non UTF-8 functions if not. -[Multibyte String Extension]: http://php.net/book.mbstring +[Multibyte String Extension]: https://secure.php.net/book.mbstring [patchwork/utf8]: https://packagist.org/packages/patchwork/utf8 ### UTF-8 at the Database level @@ -72,17 +72,17 @@ actually [much faster](https://developers.google.com/speed/docs/best-practices/r false ) ); - + // Store our transformed string as UTF-8 in our database // Your DB and tables are in the utf8mb4 character set and collation, right? $handle = $link->prepare('insert into ElvishSentences (Id, Body) values (?, ?)'); $handle->bindValue(1, 1, PDO::PARAM_INT); $handle->bindValue(2, $string); $handle->execute(); - + // Retrieve the string we just stored to prove it was stored correctly $handle = $link->prepare('select * from ElvishSentences where Id = ?'); $handle->bindValue(1, 1, PDO::PARAM_INT); $handle->execute(); - + // Store the result into an object that we'll output later in our HTML $result = $handle->fetchAll(\PDO::FETCH_OBJ); @@ -130,23 +130,21 @@ header('Content-Type: text/html; charset=UTF-8'); ### Further reading -* [PHP Manual: String Operations](http://php.net/language.operators.string) -* [PHP Manual: String Functions](http://php.net/ref.strings) - * [`strpos()`](http://php.net/function.strpos) - * [`strlen()`](http://php.net/function.strlen) - * [`substr()`](http://php.net/function.substr) -* [PHP Manual: Multibyte String Functions](http://php.net/ref.mbstring) - * [`mb_strpos()`](http://php.net/function.mb-strpos) - * [`mb_strlen()`](http://php.net/function.mb-strlen) - * [`mb_substr()`](http://php.net/function.mb-substr) - * [`mb_internal_encoding()`](http://php.net/function.mb-internal-encoding) - * [`mb_http_output()`](http://php.net/function.mb-http-output) - * [`htmlentities()`](http://php.net/function.htmlentities) - * [`htmlspecialchars()`](http://php.net/function.htmlspecialchars) -* [PHP UTF-8 Cheatsheet](http://blog.loftdigital.com/blog/php-utf-8-cheatsheet) -* [Handling UTF-8 with PHP](http://www.phpwact.org/php/i18n/utf-8) -* [Stack Overflow: What factors make PHP Unicode-incompatible?](http://stackoverflow.com/questions/571694/what-factors-make-php-unicode-incompatible) -* [Stack Overflow: Best practices in PHP and MySQL with international strings](http://stackoverflow.com/questions/140728/best-practices-in-php-and-mysql-with-international-strings) -* [How to support full Unicode in MySQL databases](http://mathiasbynens.be/notes/mysql-utf8mb4) -* [Bringing Unicode to PHP with Portable UTF-8](http://www.sitepoint.com/bringing-unicode-to-php-with-portable-utf8/) -* [Stack Overflow: DOMDocument loadHTML does not encode UTF-8 correctly](http://stackoverflow.com/questions/8218230/php-domdocument-loadhtml-not-encoding-utf-8-correctly) +* [PHP Manual: String Operations](https://secure.php.net/language.operators.string) +* [PHP Manual: String Functions](https://secure.php.net/ref.strings) + * [`strpos()`](https://secure.php.net/function.strpos) + * [`strlen()`](https://secure.php.net/function.strlen) + * [`substr()`](https://secure.php.net/function.substr) +* [PHP Manual: Multibyte String Functions](https://secure.php.net/ref.mbstring) + * [`mb_strpos()`](https://secure.php.net/function.mb-strpos) + * [`mb_strlen()`](https://secure.php.net/function.mb-strlen) + * [`mb_substr()`](https://secure.php.net/function.mb-substr) + * [`mb_internal_encoding()`](https://secure.php.net/function.mb-internal-encoding) + * [`mb_http_output()`](https://secure.php.net/function.mb-http-output) + * [`htmlentities()`](https://secure.php.net/function.htmlentities) + * [`htmlspecialchars()`](https://secure.php.net/function.htmlspecialchars) +* [Stack Overflow: What factors make PHP Unicode-incompatible?](https://stackoverflow.com/questions/571694/what-factors-make-php-unicode-incompatible) +* [Stack Overflow: Best practices in PHP and MySQL with international strings](https://stackoverflow.com/questions/140728/best-practices-in-php-and-mysql-with-international-strings) +* [How to support full Unicode in MySQL databases](https://mathiasbynens.be/notes/mysql-utf8mb4) +* [Bringing Unicode to PHP with Portable UTF-8](https://www.sitepoint.com/bringing-unicode-to-php-with-portable-utf8/) +* [Stack Overflow: DOMDocument loadHTML does not encode UTF-8 correctly](https://stackoverflow.com/questions/8218230/php-domdocument-loadhtml-not-encoding-utf-8-correctly) From 2eca59c891e0c0f293147c7bcb55c50370b87834 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 14:05:05 -0400 Subject: [PATCH 45/65] Update internationalization links --- ...1-Internationalization-and-Localization.md | 44 +++++++++---------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/_posts/05-06-01-Internationalization-and-Localization.md b/_posts/05-06-01-Internationalization-and-Localization.md index 7e53a5d..964323d 100644 --- a/_posts/05-06-01-Internationalization-and-Localization.md +++ b/_posts/05-06-01-Internationalization-and-Localization.md @@ -17,8 +17,8 @@ need some huge changes in the source! - **Localization** happens when you adapt the interface (mainly) by translating contents, based on the i18n work done before. It usually is done every time a new language or region needs support and is updated when new interface pieces are added, as they need to be available in all supported languages. -- **Pluralization** defines the rules needed between different languages to interoperate strings containing numbers and -counters. For instance, in English when you have only one item, it's singular, and anything different from that is +- **Pluralization** defines the rules needed between different languages to interoperate strings containing numbers and +counters. For instance, in English when you have only one item, it's singular, and anything different from that is called plural; plural in this language is indicated by adding an S after some words, and sometimes changes parts of it. In other languages, such as Russian or Serbian, there are two plural forms in addition to the singular - you may even find languages with a total of four, five or six forms, such as Slovenian, Irish or Arabic. @@ -38,7 +38,7 @@ files. ### Other tools There are common libraries used that support Gettext and other implementations of i18n. Some of them may seem easier to -install or sport additional features or i18n file formats. In this document, we focus on the tools provided with the +install or sport additional features or i18n file formats. In this document, we focus on the tools provided with the PHP core, but here we list others for completion: - [oscarotero/Gettext][oscarotero]: Gettext support with an OO interface; includes improved helper functions, powerful @@ -82,14 +82,14 @@ files are not mandatory: depending on the tool you're using to do l10n, you can You'll always have one pair of PO/MO files per language and region, but only one POT per domain. ### Domains -There are some cases, in big projects, where you might need to separate translations when the same words convey +There are some cases, in big projects, where you might need to separate translations when the same words convey different meaning given a context. In those cases, you split them into different _domains_. They're basically named groups of POT/PO/MO files, where the filename is the said _translation domain_. Small and medium-sized projects usually, -for simplicity, use only one domain; its name is arbitrary, but we will be using "main" for our code samples. +for simplicity, use only one domain; its name is arbitrary, but we will be using "main" for our code samples. In [Symfony] projects, for example, domains are used to separate the translation for validation messages. #### Locale code -A locale is simply a code that identifies one version of a language. It's defined following the [ISO 639-1][639-1] and +A locale is simply a code that identifies one version of a language. It's defined following the [ISO 639-1][639-1] and [ISO 3166-1 alpha-2][3166-1] specs: two lower-case letters for the language, optionally followed by an underline and two upper-case letters identifying the country or regional code. For [rare languages][rare], three letters are used. @@ -175,7 +175,7 @@ The first section works like a header, having the `msgid` and `msgstr` especiall plural forms and other things that are less relevant. The second section translates a simple string from English to Brazilian Portuguese, and the third does the same, but leveraging string replacement from [`sprintf`][sprintf] so the -translation may contain the user name and visit date. +translation may contain the user name and visit date. The last section is a sample of pluralization forms, displaying the singular and plural version as `msgid` in English and their corresponding translations as `msgstr` 0 and 1 (following the number given by the plural rule). There, string replacement is used as well so the number can be seen @@ -189,8 +189,8 @@ translated `msgstr` lines. Talking about translation keys, there are two main "schools" here: -1. _`msgid` as a real sentence_. - The main advantages are: +1. _`msgid` as a real sentence_. + The main advantages are: - if there are pieces of the software untranslated in any given language, the key displayed will still maintain some meaning. Example: if you happen to translate by heart from English to Spanish but need help to translate to French, you might publish the new page with missing French sentences, and parts of the website would be displayed in English @@ -201,7 +201,7 @@ Talking about translation keys, there are two main "schools" here: - The only disadvantage: if you need to change the actual text, you would need to replace the same `msgid` across several language files. -2. _`msgid` as a unique, structured key_. +2. _`msgid` as a unique, structured key_. It would describe the sentence role in the application in a structured way, including the template or part where the string is located instead of its content. - it's a great way to have the code organized, separating the text content from the template logic. @@ -338,7 +338,7 @@ As you may have noticed before, there are two main types of localized strings: s forms. The first ones have simply two boxes: source and localized string. The source string can't be modified as Gettext/Poedit do not include the powers to alter your source files - you should change the source itself and rescan the files. Tip: you may right-click a translation line and it will hint you with the source files and lines where that -string is being used. +string is being used. On the other hand, plural form strings include two boxes to show the two source strings, and tabs so you can configure the different final forms. @@ -386,7 +386,7 @@ After including those new rules in the `.po` file, a new scan will bring in your * [Wikipedia: i18n and l10n](https://en.wikipedia.org/wiki/Internationalization_and_localization) * [Wikipedia: Gettext](https://en.wikipedia.org/wiki/Gettext) * [LingoHub: PHP internationalization with gettext tutorial][lingohub] -* [PHP Manual: Gettext](http://php.net/manual/en/book.gettext.php) +* [PHP Manual: Gettext](https://secure.php.net/manual/book.gettext.php) * [Gettext Manual][manual] [Poedit]: https://poedit.net @@ -395,22 +395,22 @@ After including those new rules in the `.po` file, a new scan will bring in your [lingohub_plurals]: https://lingohub.com/blog/2013/07/php-internationalization-with-gettext-tutorial/#Plurals [plural]: http://docs.translatehouse.org/projects/localization-guide/en/latest/l10n/pluralforms.html [gettext]: https://en.wikipedia.org/wiki/Gettext -[manual]: http://www.gnu.org/software/gettext/manual/gettext.html +[manual]: https://www.gnu.org/software/gettext/manual/gettext.html [639-1]: https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes -[3166-1]: http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 -[rare]: http://www.gnu.org/software/gettext/manual/gettext.html#Rare-Language-Codes +[3166-1]: https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 +[rare]: https://www.gnu.org/software/gettext/manual/gettext.html#Rare-Language-Codes [func_format]: https://www.gnu.org/software/gettext/manual/gettext.html#Language-specific-options [oscarotero]: https://github.com/oscarotero/Gettext [symfony]: https://symfony.com/doc/current/components/translation.html [zend]: https://docs.zendframework.com/zend-i18n/translation [laravel]: https://laravel.com/docs/master/localization -[yii]: http://www.yiiframework.com/doc-2.0/guide-tutorial-i18n.html -[intl]: http://br2.php.net/manual/en/intro.intl.php +[yii]: https://www.yiiframework.com/doc/guide/2.0/en/tutorial-i18n +[intl]: https://secure.php.net/manual/intro.intl.php [ICU project]: http://www.icu-project.org [symfony-keys]: https://symfony.com/doc/current/components/translation/usage.html#creating-translations -[sprintf]: http://php.net/manual/en/function.sprintf.php -[func]: http://php.net/manual/en/function.gettext.php -[n_func]: http://php.net/manual/en/function.ngettext.php -[d_func]: http://php.net/manual/en/function.dgettext.php -[dn_func]: http://php.net/manual/en/function.dngettext.php +[sprintf]: https://secure.php.net/manual/function.sprintf.php +[func]: https://secure.php.net/manual/function.gettext.php +[n_func]: https://secure.php.net/manual/function.ngettext.php +[d_func]: https://secure.php.net/manual/function.dgettext.php +[dn_func]: https://secure.php.net/manual/function.dngettext.php From 402f3f4030f733c7352f85ffb01b2368d844f532 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 14:09:17 -0400 Subject: [PATCH 46/65] Update DI links --- _posts/06-01-01-Dependency-Injection.md | 4 ++-- _posts/06-05-01-Further-Reading.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/_posts/06-01-01-Dependency-Injection.md b/_posts/06-01-01-Dependency-Injection.md index de77179..0db3cb7 100644 --- a/_posts/06-01-01-Dependency-Injection.md +++ b/_posts/06-01-01-Dependency-Injection.md @@ -5,9 +5,9 @@ anchor: dependency_injection # Dependency Injection {#dependency_injection_title} -From [Wikipedia](http://en.wikipedia.org/wiki/Dependency_injection): +From [Wikipedia](https://wikipedia.org/wiki/Dependency_injection): -> Dependency injection is a software design pattern that allows the removal of hard-coded dependencies and makes it +> Dependency injection is a software design pattern that allows the removal of hard-coded dependencies and makes it > possible to change them, whether at run-time or compile-time. This quote makes the concept sound much more complicated than it actually is. Dependency Injection is providing a diff --git a/_posts/06-05-01-Further-Reading.md b/_posts/06-05-01-Further-Reading.md index f9553b4..8545a80 100644 --- a/_posts/06-05-01-Further-Reading.md +++ b/_posts/06-05-01-Further-Reading.md @@ -8,5 +8,5 @@ anchor: further_reading * [Learning about Dependency Injection and PHP](http://ralphschindler.com/2011/05/18/learning-about-dependency-injection-and-php) * [What is Dependency Injection?](http://fabien.potencier.org/article/11/what-is-dependency-injection) * [Dependency Injection: An analogy](https://mwop.net/blog/260-Dependency-Injection-An-analogy.html) -* [Dependency Injection: Huh?](http://net.tutsplus.com/tutorials/php/dependency-injection-huh/) +* [Dependency Injection: Huh?](https://code.tutsplus.com/tutorials/dependency-injection-huh--net-26903) * [Dependency Injection as a tool for testing](https://medium.com/philipobenito/dependency-injection-as-a-tool-for-testing-902c21c147f1) From b3eed1117d0caa1bf45d198d47f53292c9f26a0d Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 14:12:15 -0400 Subject: [PATCH 47/65] Use external resource for Design Pattern examples --- _posts/05-04-01-Design-Patterns.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/_posts/05-04-01-Design-Patterns.md b/_posts/05-04-01-Design-Patterns.md index 4131503..fb86e33 100644 --- a/_posts/05-04-01-Design-Patterns.md +++ b/_posts/05-04-01-Design-Patterns.md @@ -14,4 +14,6 @@ lot of the pattern decisions are made for you. But it is still up to you to pick code you build on top of the framework. If, on the other hand, you are not using a framework to build your application then you have to find the patterns that best suit the type and size of application that you're building. -* Continue reading on [Design Patterns](/pages/Design-Patterns.html) +You can learn more about PHP design patterns and see working examples at: + + From 18e98ecab5de1aa01dd70fa53bd636a6034b088c Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 14:22:37 -0400 Subject: [PATCH 48/65] Update Database links to use https --- _posts/07-01-01-Databases.md | 6 +++--- _posts/07-02-01-Databases_MySQL.md | 12 ++++++------ _posts/07-03-01-Databases_PDO.md | 6 +++--- _posts/07-04-01-Interacting-via-Code.md | 8 ++++---- _posts/07-05-01-Abstraction-Layers.md | 8 ++++---- 5 files changed, 20 insertions(+), 20 deletions(-) diff --git a/_posts/07-01-01-Databases.md b/_posts/07-01-01-Databases.md index 362e11f..1c63d48 100644 --- a/_posts/07-01-01-Databases.md +++ b/_posts/07-01-01-Databases.md @@ -14,6 +14,6 @@ MySQL and a little bit of MSSQL, or you need to connect to an Oracle database, t same drivers. You'll need to learn a brand new API for each database — and that can get silly. -[mysqli]: http://php.net/mysqli -[pgsql]: http://php.net/pgsql -[mssql]: http://php.net/mssql +[mysqli]: https://secure.php.net/mysqli +[pgsql]: https://secure.php.net/pgsql +[mssql]: https://secure.php.net/mssql diff --git a/_posts/07-02-01-Databases_MySQL.md b/_posts/07-02-01-Databases_MySQL.md index 476ffc9..4bdac6a 100644 --- a/_posts/07-02-01-Databases_MySQL.md +++ b/_posts/07-02-01-Databases_MySQL.md @@ -27,10 +27,10 @@ your applications within your own development schedules so you won't be rushed l * [PHP: Choosing an API for MySQL][mysql_api] * [PDO Tutorial for MySQL Developers][pdo4mysql_devs] -[mysql]: http://php.net/mysql -[mysql_deprecated]: http://php.net/migration55.deprecated -[mysql_removed]: http://php.net/manual/en/migration70.removed-exts-sapis.php -[mysqli]: http://php.net/mysqli -[pdo]: http://php.net/pdo -[mysql_api]: http://php.net/mysqlinfo.api.choosing +[mysql]: https://secure.php.net/mysqli +[mysql_deprecated]: https://secure.php.net/migration55.deprecated +[mysql_removed]: https://secure.php.net/manual/migration70.removed-exts-sapis.php +[mysqli]: https://secure.php.net/mysqli +[pdo]: https://secure.php.net/pdo +[mysql_api]: https://secure.php.net/mysqlinfo.api.choosing [pdo4mysql_devs]: http://wiki.hashphp.org/PDO_Tutorial_for_MySQL_Developers diff --git a/_posts/07-03-01-Databases_PDO.md b/_posts/07-03-01-Databases_PDO.md index da20237..5c819f0 100644 --- a/_posts/07-03-01-Databases_PDO.md +++ b/_posts/07-03-01-Databases_PDO.md @@ -71,7 +71,7 @@ unless of course you are using persistent connections. * [Learn about PDO connections] -[pdo]: http://php.net/pdo +[pdo]: https://secure.php.net/pdo [SQL Injection]: http://wiki.hashphp.org/Validation -[Learn about PDO]: http://php.net/book.pdo -[Learn about PDO connections]: http://php.net/pdo.connections +[Learn about PDO]: https://secure.php.net/book.pdo +[Learn about PDO connections]: https://secure.php.net/pdo.connections diff --git a/_posts/07-04-01-Interacting-via-Code.md b/_posts/07-04-01-Interacting-via-Code.md index 5cae4f0..a5e3b77 100644 --- a/_posts/07-04-01-Interacting-via-Code.md +++ b/_posts/07-04-01-Interacting-via-Code.md @@ -48,7 +48,7 @@ logic in and you have a "View", which is very nearly [MVC] - a common OOP archit {% highlight php %} Date: Tue, 19 Jun 2018 14:31:09 -0400 Subject: [PATCH 49/65] Update Templating links to use https --- _posts/08-04-01-Compiled-Templates.md | 6 +++--- _posts/08-05-01-Further-Reading.md | 18 +++++++++--------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/_posts/08-04-01-Compiled-Templates.md b/_posts/08-04-01-Compiled-Templates.md index 5abba92..41553ba 100644 --- a/_posts/08-04-01-Compiled-Templates.md +++ b/_posts/08-04-01-Compiled-Templates.md @@ -68,7 +68,7 @@ Using the [Twig] library. [article_templating_engines]: http://fabien.potencier.org/article/34/templating-engines-in-php -[Twig]: http://twig.sensiolabs.org/ +[Twig]: https://twig.symfony.com/ [Brainy]: https://github.com/box/brainy -[Smarty]: http://www.smarty.net/ -[Mustache]: http://mustache.github.io/ +[Smarty]: https://www.smarty.net/ +[Mustache]: https://mustache.github.io/ diff --git a/_posts/08-05-01-Further-Reading.md b/_posts/08-05-01-Further-Reading.md index fe80534..7054080 100644 --- a/_posts/08-05-01-Further-Reading.md +++ b/_posts/08-05-01-Further-Reading.md @@ -8,23 +8,23 @@ anchor: templating_further_reading ### Articles & Tutorials * [Templating Engines in PHP](http://fabien.potencier.org/article/34/templating-engines-in-php) -* [An Introduction to Views & Templating in CodeIgniter](http://code.tutsplus.com/tutorials/an-introduction-to-views-templating-in-codeigniter--net-25648) -* [Getting Started With PHP Templating](http://www.smashingmagazine.com/2011/10/17/getting-started-with-php-templating/) -* [Roll Your Own Templating System in PHP](http://code.tutsplus.com/tutorials/roll-your-own-templating-system-in-php--net-16596) +* [An Introduction to Views & Templating in CodeIgniter](https://code.tutsplus.com/tutorials/an-introduction-to-views-templating-in-codeigniter--net-25648) +* [Getting Started With PHP Templating](https://www.smashingmagazine.com/2011/10/getting-started-with-php-templating/) +* [Roll Your Own Templating System in PHP](https://code.tutsplus.com/tutorials/roll-your-own-templating-system-in-php--net-16596) * [Master Pages](https://laracasts.com/series/laravel-from-scratch/episodes/7) -* [Working With Templates in Symfony 2](http://code.tutsplus.com/tutorials/working-with-templates-in-symfony-2--cms-21172) +* [Working With Templates in Symfony 2](https://code.tutsplus.com/tutorials/working-with-templates-in-symfony-2--cms-21172) * [Writing Safer Templates](https://github.com/box/brainy/wiki/Writing-Safe-Templates) ### Libraries * [Aura.View](https://github.com/auraphp/Aura.View) *(native)* -* [Blade](http://laravel.com/docs/blade) *(compiled, framework specific)* +* [Blade](https://laravel.com/docs/blade) *(compiled, framework specific)* * [Brainy](https://github.com/box/brainy) *(compiled)* * [Dwoo](http://dwoo.org/) *(compiled)* * [Latte](https://github.com/nette/latte) *(compiled)* * [Mustache](https://github.com/bobthecow/mustache.php) *(compiled)* -* [PHPTAL](http://phptal.org/) *(compiled)* +* [PHPTAL](https://phptal.org/) *(compiled)* * [Plates](http://platesphp.com/) *(native)* -* [Smarty](http://www.smarty.net/) *(compiled)* -* [Twig](http://twig.sensiolabs.org/) *(compiled)* -* [Zend\View](http://framework.zend.com/manual/2.3/en/modules/zend.view.quick-start.html) *(native, framework specific)* +* [Smarty](https://www.smarty.net/) *(compiled)* +* [Twig](https://twig.symfony.com/) *(compiled)* +* [Zend\View](https://framework.zend.com/manual/2.3/en/modules/zend.view.quick-start.html) *(native, framework specific)* From f8278e53572d1b23d4d92e2b54ac67e896bfb14d Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 14:36:52 -0400 Subject: [PATCH 50/65] Update links in Errors section to use https --- _posts/09-02-01-Errors.md | 26 +++++++++++++------------- _posts/09-03-01-Exceptions.md | 6 +++--- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/_posts/09-02-01-Errors.md b/_posts/09-02-01-Errors.md index c510a70..dd38fd9 100644 --- a/_posts/09-02-01-Errors.md +++ b/_posts/09-02-01-Errors.md @@ -1,5 +1,5 @@ ---- -isChild: true +--- +isChild: true anchor: errors --- @@ -104,7 +104,7 @@ with the following. xdebug.scream = On {% endhighlight %} -You can also set this value at runtime with the `ini_set` function +You can also set this value at runtime with the `ini_set` function {% highlight php %} Date: Tue, 19 Jun 2018 14:44:20 -0400 Subject: [PATCH 51/65] Update Security links with https --- _posts/10-02-01-Web-Application-Security.md | 2 +- _posts/10-03-01-Password-Hashing.md | 16 ++++++++-------- _posts/10-04-01-Data-Filtering.md | 14 +++++++------- _posts/10-06-01-Register-Globals.md | 2 +- _posts/10-07-01-Error-Reporting.md | 10 +++++----- 5 files changed, 22 insertions(+), 22 deletions(-) diff --git a/_posts/10-02-01-Web-Application-Security.md b/_posts/10-02-01-Web-Application-Security.md index 662b3c7..ee9c7fb 100644 --- a/_posts/10-02-01-Web-Application-Security.md +++ b/_posts/10-02-01-Web-Application-Security.md @@ -15,4 +15,4 @@ methods to protect yourself against them. This is a must read for the security-c [1]: https://www.owasp.org/ [2]: https://www.owasp.org/index.php/Guide_Table_of_Contents -[3]: http://phpsecurity.readthedocs.org/en/latest/index.html +[3]: https://phpsecurity.readthedocs.io/en/latest/index.html diff --git a/_posts/10-03-01-Password-Hashing.md b/_posts/10-03-01-Password-Hashing.md index 6893f9c..5b12ba7 100644 --- a/_posts/10-03-01-Password-Hashing.md +++ b/_posts/10-03-01-Password-Hashing.md @@ -12,13 +12,13 @@ It is important that you properly [_hash_][3] passwords before storing them. Pas one-way function performed against the user's password. This produces a fixed-length string that cannot be feasibly reversed. This means you can compare a hash against another to determine if they both came from the same source string, but you cannot determine the original string. If passwords are not hashed and your database is accessed by an -unauthorized third-party, all user accounts are now compromised. +unauthorized third-party, all user accounts are now compromised. Passwords should also be individually [_salted_][5] by adding a random string to each password before hashing. This prevents dictionary attacks and the use of "rainbow tables" (a reverse list of crytographic hashes for common passwords.) -Hashing and salting are vital as often users use the same password for multiple services and password quality can be poor. +Hashing and salting are vital as often users use the same password for multiple services and password quality can be poor. -Fortunately, nowadays PHP makes this easy. +Fortunately, nowadays PHP makes this easy. **Hashing passwords with `password_hash`** @@ -40,9 +40,9 @@ if (password_verify('bad-password', $passwordHash)) { } else { // Wrong password } -{% endhighlight %} +{% endhighlight %} -`password_hash()` takes care of password salting for you. The salt is stored, along with the algorithm and "cost", as part of the hash. `password_verify()` extracts this to determine how to check the password, so you don't need a separate database field to store your salts. +`password_hash()` takes care of password salting for you. The salt is stored, along with the algorithm and "cost", as part of the hash. `password_verify()` extracts this to determine how to check the password, so you don't need a separate database field to store your salts. * [Learn about `password_hash()`] [1] * [`password_compat` for PHP >= 5.3.7 && < 5.5] [2] @@ -51,8 +51,8 @@ if (password_verify('bad-password', $passwordHash)) { * [PHP `password_hash()` RFC] [4] -[1]: http://php.net/function.password-hash +[1]: https://secure.php.net/function.password-hash [2]: https://github.com/ircmaxell/password_compat -[3]: http://en.wikipedia.org/wiki/Cryptographic_hash_function +[3]: https://wikipedia.org/wiki/Cryptographic_hash_function [4]: https://wiki.php.net/rfc/password_hash -[5]: https://en.wikipedia.org/wiki/Salt_(cryptography) +[5]: https://wikipedia.org/wiki/Salt_(cryptography) diff --git a/_posts/10-04-01-Data-Filtering.md b/_posts/10-04-01-Data-Filtering.md index a1b3e17..3a5ba75 100644 --- a/_posts/10-04-01-Data-Filtering.md +++ b/_posts/10-04-01-Data-Filtering.md @@ -62,11 +62,11 @@ phone number, or age when processing a registration submission. [See Validation Filters][3] -[1]: http://php.net/book.filter -[2]: http://php.net/filter.filters.sanitize -[3]: http://php.net/filter.filters.validate -[4]: http://php.net/function.filter-var -[5]: http://php.net/function.filter-input -[6]: http://php.net/security.filesystem.nullbytes +[1]: https://secure.php.net/book.filter +[2]: https://secure.php.net/filter.filters.sanitize +[3]: https://secure.php.net/filter.filters.validate +[4]: https://secure.php.net/function.filter-var +[5]: https://secure.php.net/function.filter-input +[6]: https://secure.php.net/security.filesystem.nullbytes [html-purifier]: http://htmlpurifier.org/ -[unserialize]: https://secure.php.net/manual/en/function.unserialize.php +[unserialize]: https://secure.php.net/manual/function.unserialize.php diff --git a/_posts/10-06-01-Register-Globals.md b/_posts/10-06-01-Register-Globals.md index 79127d1..3b4183d 100644 --- a/_posts/10-06-01-Register-Globals.md +++ b/_posts/10-06-01-Register-Globals.md @@ -15,4 +15,4 @@ issues as your application cannot effectively tell where the data is coming from For example: `$_GET['foo']` would be available via `$foo`, which can override variables that have not been declared. If you are using PHP < 5.4.0 __make sure__ that `register_globals` is __off__. -* [Register_globals in the PHP manual](http://php.net/security.globals) +* [Register_globals in the PHP manual](https://secure.php.net/security.globals) diff --git a/_posts/10-07-01-Error-Reporting.md b/_posts/10-07-01-Error-Reporting.md index 809f018..77cf18f 100644 --- a/_posts/10-07-01-Error-Reporting.md +++ b/_posts/10-07-01-Error-Reporting.md @@ -23,7 +23,7 @@ log_errors = On > Passing in the value `-1` will show every possible error, even when new levels and constants are added in future PHP > versions. The `E_ALL` constant also behaves this way as of PHP 5.4. - -> [php.net](http://php.net/function.error-reporting) +> [php.net](https://secure.php.net/function.error-reporting) The `E_STRICT` error level constant was introduced in 5.3.0 and is not part of `E_ALL`, however it became part of `E_ALL` in 5.4.0. What does this mean? In terms of reporting every possible error in version 5.3 it means you must @@ -49,7 +49,7 @@ log_errors = On With these settings in production, errors will still be logged to the error logs for the web server, but will not be shown to the user. For more information on these settings, see the PHP manual: -* [error_reporting](http://php.net/errorfunc.configuration#ini.error-reporting) -* [display_errors](http://php.net/errorfunc.configuration#ini.display-errors) -* [display_startup_errors](http://php.net/errorfunc.configuration#ini.display-startup-errors) -* [log_errors](http://php.net/errorfunc.configuration#ini.log-errors) +* [error_reporting](https://secure.php.net/errorfunc.configuration#ini.error-reporting) +* [display_errors](https://secure.php.net/errorfunc.configuration#ini.display-errors) +* [display_startup_errors](https://secure.php.net/errorfunc.configuration#ini.display-startup-errors) +* [log_errors](https://secure.php.net/errorfunc.configuration#ini.log-errors) From 00416c4b114312d637ae53b691c71db67a85ddf5 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 14:49:42 -0400 Subject: [PATCH 52/65] Update Testing links with https --- _posts/11-02-01-Test-Driven-Development.md | 16 ++++++++-------- _posts/11-03-01-Behavior-Driven-Development.md | 8 ++++---- _posts/11-04-01-Complementary-Testing-Tools.md | 6 +++--- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/_posts/11-02-01-Test-Driven-Development.md b/_posts/11-02-01-Test-Driven-Development.md index 9c319dd..745f7f1 100644 --- a/_posts/11-02-01-Test-Driven-Development.md +++ b/_posts/11-02-01-Test-Driven-Development.md @@ -5,7 +5,7 @@ anchor: test_driven_development ## Test Driven Development {#test_driven_development_title} -From [Wikipedia](http://en.wikipedia.org/wiki/Test-driven_development): +From [Wikipedia](https://wikipedia.org/wiki/Test-driven_development): > Test-driven development (TDD) is a software development process that relies on the repetition of a very short > development cycle: first the developer writes a failing automated test case that defines a desired improvement or new @@ -32,17 +32,17 @@ The other use for unit tests is contributing to open source. If you can write a (i.e. fails), then fix it, and show the test passing, patches are much more likely to be accepted. If you run a project which accepts pull requests then you should suggest this as a requirement. -[PHPUnit](http://phpunit.de) is the de-facto testing framework for writing unit tests for PHP applications, but there +[PHPUnit](https://phpunit.de/) is the de-facto testing framework for writing unit tests for PHP applications, but there are several alternatives * [atoum](https://github.com/atoum/atoum) * [Kahlan](https://github.com/crysalead/kahlan) -* [Peridot](http://peridot-php.github.io/) +* [Peridot](https://peridot-php.github.io/) * [SimpleTest](http://simpletest.org) ### Integration Testing -From [Wikipedia](http://en.wikipedia.org/wiki/Integration_testing): +From [Wikipedia](https://wikipedia.org/wiki/Integration_testing): > Integration testing (sometimes called Integration and Testing, abbreviated "I&T") is the phase in software testing in > which individual software modules are combined and tested as a group. It occurs after unit testing and before @@ -62,7 +62,7 @@ users of the application. #### Functional Testing Tools -* [Selenium](http://seleniumhq.com) -* [Mink](http://mink.behat.org) -* [Codeception](http://codeception.com) is a full-stack testing framework that includes acceptance testing tools -* [Storyplayer](http://datasift.github.io/storyplayer) is a full-stack testing framework that includes support for creating and destroying test environments on demand +* [Selenium](https://docs.seleniumhq.org/) +* [Mink](http://mink.behat.org/) +* [Codeception](https://codeception.com/) is a full-stack testing framework that includes acceptance testing tools +* [Storyplayer](https://datasift.github.io/storyplayer/) is a full-stack testing framework that includes support for creating and destroying test environments on demand diff --git a/_posts/11-03-01-Behavior-Driven-Development.md b/_posts/11-03-01-Behavior-Driven-Development.md index 4585162..e952200 100644 --- a/_posts/11-03-01-Behavior-Driven-Development.md +++ b/_posts/11-03-01-Behavior-Driven-Development.md @@ -25,7 +25,7 @@ purpose. This framework is inspired by the [RSpec project][Rspec] for Ruby. [Behat]: http://behat.org/ -[Cucumber]: http://cukes.info/ -[PHPSpec]: http://www.phpspec.net/ -[RSpec]: http://rspec.info/ -[Codeception]: http://codeception.com/ +[Cucumber]: https://cucumber.io/ +[PHPSpec]: https://www.phpspec.net/ +[RSpec]: https://rspec.info/ +[Codeception]: https://codeception.com/ diff --git a/_posts/11-04-01-Complementary-Testing-Tools.md b/_posts/11-04-01-Complementary-Testing-Tools.md index e0af3a4..0f199ef 100644 --- a/_posts/11-04-01-Complementary-Testing-Tools.md +++ b/_posts/11-04-01-Complementary-Testing-Tools.md @@ -16,9 +16,9 @@ libraries useful for any preferred approach taken. [PHPSpec] and can be used with [PHPUnit]. -[Selenium]: http://seleniumhq.org/ +[Selenium]: https://www.seleniumhq.org/ [integrated with PHPUnit]: https://github.com/giorgiosironi/phpunit-selenium/ [Mockery]: https://github.com/padraic/mockery -[PHPUnit]: http://phpunit.de/ -[PHPSpec]: http://www.phpspec.net/ +[PHPUnit]: https://phpunit.de/ +[PHPSpec]: https://www.phpspec.net/ [Prophecy]: https://github.com/phpspec/prophecy From d6ebe39dff521cadbe1212485ea7f862648743c7 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 15:09:01 -0400 Subject: [PATCH 53/65] Update Servers links with https, remove broken links --- .../12-03-01-Virtual-or-Dedicated-Servers.md | 20 ++++++------ _posts/12-05-01-Building-your-Application.md | 31 +++++++++---------- 2 files changed, 24 insertions(+), 27 deletions(-) diff --git a/_posts/12-03-01-Virtual-or-Dedicated-Servers.md b/_posts/12-03-01-Virtual-or-Dedicated-Servers.md index 73e47e2..18ac985 100644 --- a/_posts/12-03-01-Virtual-or-Dedicated-Servers.md +++ b/_posts/12-03-01-Virtual-or-Dedicated-Servers.md @@ -21,7 +21,7 @@ especially important on virtual servers that don't have much memory to spare. ### Apache and PHP -PHP and Apache have a long history together. Apache is wildly configurable and has many available +PHP and Apache have a long history together. Apache is wildly configurable and has many available [modules][apache-modules] to extend functionality. It is a popular choice for shared servers and an easy setup for PHP frameworks and open source apps like WordPress. Unfortunately, Apache uses more resources than nginx by default and cannot handle as many visitors at the same time. @@ -45,16 +45,16 @@ If you are running Apache 2.4 or later, you can use [mod_proxy_fcgi] to get grea * [Read more on setting up Apache and PHP-FPM with mod_proxy_fcgi][tutorial-mod_proxy_fcgi] -[nginx]: http://nginx.org/ -[phpfpm]: http://php.net/install.fpm +[nginx]: https://nginx.org/ +[phpfpm]: https://secure.php.net/install.fpm [secure-nginx-phpfpm]: https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/ -[apache-modules]: http://httpd.apache.org/docs/2.4/mod/ -[prefork MPM]: http://httpd.apache.org/docs/2.4/mod/prefork.html -[worker MPM]: http://httpd.apache.org/docs/2.4/mod/worker.html -[event MPM]: http://httpd.apache.org/docs/2.4/mod/event.html -[apache]: http://httpd.apache.org/ -[apache-MPM]: http://httpd.apache.org/docs/2.4/mod/mpm_common.html +[apache-modules]: https://httpd.apache.org/docs/2.4/mod/ +[prefork MPM]: https://httpd.apache.org/docs/2.4/mod/prefork.html +[worker MPM]: https://httpd.apache.org/docs/2.4/mod/worker.html +[event MPM]: https://httpd.apache.org/docs/2.4/mod/event.html +[apache]: https://httpd.apache.org/ +[apache-MPM]: https://httpd.apache.org/docs/2.4/mod/mpm_common.html [mod_fastcgi]: https://blogs.oracle.com/opal/entry/php_fpm_fastcgi_process_manager -[mod_fcgid]: http://httpd.apache.org/mod_fcgid/ +[mod_fcgid]: hhttps://httpd.apache.org/mod_fcgid/ [mod_proxy_fcgi]: https://httpd.apache.org/docs/current/mod/mod_proxy_fcgi.html [tutorial-mod_proxy_fcgi]: https://serversforhackers.com/video/apache-and-php-fpm diff --git a/_posts/12-05-01-Building-your-Application.md b/_posts/12-05-01-Building-your-Application.md index b25e6fe..6b03906 100644 --- a/_posts/12-05-01-Building-your-Application.md +++ b/_posts/12-05-01-Building-your-Application.md @@ -28,7 +28,7 @@ There are many open source tools available to help you with build automation and [Phing] can control your packaging, deployment or testing process from within a XML build file. Phing (which is based on [Apache Ant]) provides a rich set of tasks usually needed to install or update a web application and can be extended with additional custom tasks, written in PHP. It's a solid and robust tool and has been around for a long time, however the tool could be perceived as a bit old fashioned because of the way it deals with configuration (XML files). -[Capistrano] is a system for *intermediate-to-advanced programmers* to execute commands in a structured, repeatable way on one or more remote machines. It is pre-configured for deploying Ruby on Rails applications, however you can successfully deploy PHP systems with it. Successful use of Capistrano depends on a working knowledge of Ruby and Rake. Dave Gardner's blog post [PHP Deployment with Capistrano][phpdeploy_capistrano] is a good starting point for PHP developers interested in Capistrano. +[Capistrano] is a system for *intermediate-to-advanced programmers* to execute commands in a structured, repeatable way on one or more remote machines. It is pre-configured for deploying Ruby on Rails applications, however you can successfully deploy PHP systems with it. Successful use of Capistrano depends on a working knowledge of Ruby and Rake. [Rocketeer] gets its inspiration and philosophy from the Laravel framework. Its goal is to be fast, elegant and easy to use with smart defaults. It features multiple servers, multiple stages, atomic deploys and deployment can be performed in parallel. Everything in the tool can be hot swapped or extended, and everything is written in PHP. @@ -39,7 +39,6 @@ There are many open source tools available to help you with build automation and #### Further reading: * [Automate your project with Apache Ant][apache_ant_tutorial] -* [Expert PHP Deployments][expert_php_deployments] - free book on deployment with Capistrano, Phing and Vagrant. * [Deploying PHP Applications][deploying_php_applications] - paid book on best practices and tools for PHP deployment. ### Server Provisioning @@ -48,7 +47,7 @@ Managing and configuring servers can be a daunting task when faced with many ser [Ansible] is a tool that manages your infrastructure through YAML files. It's simple to get started with and can manage complex and large scale applications. There is an API for managing cloud instances and it can manage them through a dynamic inventory using certain tools. -[Puppet] is a tool that has its own language and file types for managing servers and configurations. It can be used in a master/client setup or it can be used in a "master-less" mode. In the master/client mode the clients will poll the central master(s) for new configuration on set intervals and update itself if necessary. In the master-less mode you can push changes to your nodes. +[Puppet] is a tool that has its own language and file types for managing servers and configurations. It can be used in a master/client setup or it can be used in a "master-less" mode. In the master/client mode the clients will poll the central master(s) for new configuration on set intervals and update itself if necessary. In the master-less mode you can push changes to your nodes. [Chef] is a powerful Ruby based system integration framework that you can build your whole server environment or virtual boxes with. It integrates well with Amazon Web Services through their service called OpsWorks. @@ -82,26 +81,24 @@ PHP. * [Continuous Integration with Teamcity][Teamcity] -[buildautomation]: http://en.wikipedia.org/wiki/Build_automation -[Phing]: http://www.phing.info/ -[Apache Ant]: http://ant.apache.org/ -[Capistrano]: https://github.com/capistrano/capistrano/wiki -[phpdeploy_capistrano]: http://www.davegardner.me.uk/blog/2012/02/13/php-deployment-with-capistrano/ -[phpdeploy_deployer]: http://www.sitepoint.com/deploying-php-applications-with-deployer/ +[buildautomation]: https://wikipedia.org/wiki/Build_automation +[Phing]: https://www.phing.info/ +[Apache Ant]: https://ant.apache.org/ +[Capistrano]: http://capistranorb.com/ +[phpdeploy_deployer]: https://www.sitepoint.com/deploying-php-applications-with-deployer/ [Chef]: https://www.chef.io/ [chef_vagrant_and_ec2]: http://www.jasongrimes.org/2012/06/managing-lamp-environments-with-chef-vagrant-and-ec2-1-of-3/ [Chef_cookbook]: https://github.com/chef-cookbooks/php [Chef_tutorial]: https://www.youtube.com/playlist?list=PL11cZfNdwNyPnZA9D1MbVqldGuOWqbumZ -[apache_ant_tutorial]: http://net.tutsplus.com/tutorials/other/automate-your-projects-with-apache-ant/ +[apache_ant_tutorial]: https://code.tutsplus.com/tutorials/automate-your-projects-with-apache-ant--net-18595 [Travis CI]: https://travis-ci.org/ -[Jenkins]: http://jenkins-ci.org/ -[PHPCI]: http://www.phptesting.org/ -[Teamcity]: http://www.jetbrains.com/teamcity/ -[Deployer]: http://deployer.org/ +[Jenkins]: https://jenkins.io/ +[PHPCI]: https://www.phptesting.org/ +[Teamcity]: https://www.jetbrains.com/teamcity/ +[Deployer]: https://deployer.org/ [Rocketeer]: http://rocketeer.autopergamene.eu/ -[Magallanes]: http://magephp.com/ -[expert_php_deployments]: http://viccherubini.com/assets/Expert-PHP-Deployments.pdf -[deploying_php_applications]: http://www.deployingphpapplications.com +[Magallanes]: https://www.magephp.com/ +[deploying_php_applications]: https://deployingphpapplications.com/ [Ansible]: https://www.ansible.com/ [Puppet]: https://puppet.com/ [ansible_for_devops]: https://leanpub.com/ansible-for-devops From 9059a5fd29058163214ef01a108b5eef3d17db37 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 15:13:12 -0400 Subject: [PATCH 54/65] Update Vagrant and Docker links to use https --- _posts/13-02-01-Vagrant.md | 6 +++--- _posts/13-03-01-Docker.md | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/_posts/13-02-01-Vagrant.md b/_posts/13-02-01-Vagrant.md index 5d69ecd..a37c2c9 100644 --- a/_posts/13-02-01-Vagrant.md +++ b/_posts/13-02-01-Vagrant.md @@ -28,10 +28,10 @@ document controls everything that is installed on the virtual machine. - [Phansible][Phansible]: provides an easy to use interface that helps you generate Ansible Playbooks for PHP based projects. -[Vagrant]: http://vagrantup.com/ -[Puppet]: http://www.puppetlabs.com/ +[Vagrant]: https://www.vagrantup.com/ +[Puppet]: https://puppet.com/ [Chef]: https://www.chef.io/ [Rove]: http://rove.io/ [Puphpet]: https://puphpet.com/ -[Protobox]: http://getprotobox.com/ +[Protobox]: https://www.getprotobox.com/ [Phansible]: http://phansible.com/ diff --git a/_posts/13-03-01-Docker.md b/_posts/13-03-01-Docker.md index 7292556..baf5881 100644 --- a/_posts/13-03-01-Docker.md +++ b/_posts/13-03-01-Docker.md @@ -11,7 +11,7 @@ A typical LAMP application might have three containers: a web server, a PHP-FPM You can generate containers from the command line (see example below) or, for ease of maintenance, build a `docker-compose.yml` file for your project specifying which to create and how they communicate with one another. -Docker may help if you're developing multiple websites and want the separation that comes from installing each on it's own virtual machine, but don't have the necessary disk space or the time to keep everything up to date. It's efficient: the installation and downloads are quicker, you only need to store one copy of each image however often it's used, containers need less RAM and share the same OS kernel, so you can have more servers running simultaneously, and it takes a matter of seconds to stop and start them, no need to wait for a full server boot. +Docker may help if you're developing multiple websites and want the separation that comes from installing each on it's own virtual machine, but don't have the necessary disk space or the time to keep everything up to date. It's efficient: the installation and downloads are quicker, you only need to store one copy of each image however often it's used, containers need less RAM and share the same OS kernel, so you can have more servers running simultaneously, and it takes a matter of seconds to stop and start them, no need to wait for a full server boot. ### Example: Running your PHP Applications in Docker @@ -36,9 +36,9 @@ The [PHPDocker.io] site will auto-generate all the files you need for a fully-fe * [Docker Hub][docker-hub] * [Docker Hub - official images][docker-hub-official] -[Docker]: http://docker.com/ +[Docker]: https://www.docker.com/ [docker-hub]: https://hub.docker.com/ [docker-hub-official]: https://hub.docker.com/explore/ -[docker-install]: https://docs.docker.com/installation/ -[docker-doc]: https://docs.docker.com/userguide/ +[docker-install]: https://docs.docker.com/install/ +[docker-doc]: https://docs.docker.com/ [PHPDocker.io]: https://phpdocker.io/generator From 00cd8cf7f192df4bb3768498a6c7c3c8aa655d3e Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 15:16:24 -0400 Subject: [PATCH 55/65] Update caching links to use https --- _posts/14-02-01-Opcode-Cache.md | 14 +++++++------- _posts/14-03-01-Object-Caching.md | 10 +++++----- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/_posts/14-02-01-Opcode-Cache.md b/_posts/14-02-01-Opcode-Cache.md index 0eb1d60..4b428f0 100644 --- a/_posts/14-02-01-Opcode-Cache.md +++ b/_posts/14-02-01-Opcode-Cache.md @@ -5,11 +5,11 @@ anchor: opcode_cache ## Opcode Cache {#opcode_cache_title} -When a PHP file is executed, it must first be compiled into [opcodes](http://php.net/manual/en/internals2.opcodes.php) (machine language instructions for the CPU). If the source code is unchanged, the opcodes will be the same, so this compilation step becomes a waste of CPU resources. +When a PHP file is executed, it must first be compiled into [opcodes](https://secure.php.net/manual/internals2.opcodes.php) (machine language instructions for the CPU). If the source code is unchanged, the opcodes will be the same, so this compilation step becomes a waste of CPU resources. An opcode cache prevents redundant compilation by storing opcodes in memory and reusing them on successive calls. It will typically check signature or modification time of the file first, in case there have been any changes. -It's likely an opcode cache will make a significant speed improvement to your application. Since PHP 5.5 there is one built in - [Zend OPcache][opcache-book]. Depending on your PHP package/distribution, it's usually turned on by default - check [opcache.enable](http://php.net/manual/en/opcache.configuration.php#ini.opcache.enable) and the output of `phpinfo()` to make sure. For earlier versions there's a PECL extension. +It's likely an opcode cache will make a significant speed improvement to your application. Since PHP 5.5 there is one built in - [Zend OPcache][opcache-book]. Depending on your PHP package/distribution, it's usually turned on by default - check [opcache.enable](https://secure.php.net/manual/opcache.configuration.php#ini.opcache.enable) and the output of `phpinfo()` to make sure. For earlier versions there's a PECL extension. Read more about opcode caches: @@ -21,9 +21,9 @@ Read more about opcode caches: * [list of PHP accelerators on Wikipedia][PHP_accelerators] -[opcache-book]: http://php.net/book.opcache -[APC]: http://php.net/book.apc -[XCache]: http://xcache.lighttpd.net/ +[opcache-book]: https://secure.php.net/book.opcache +[APC]: https://secure.php.net/book.apc +[XCache]: https://xcache.lighttpd.net/ [Zend Optimizer+]: https://github.com/zendtech/ZendOptimizerPlus -[WinCache]: http://www.iis.net/download/wincacheforphp -[PHP_accelerators]: http://en.wikipedia.org/wiki/List_of_PHP_accelerators +[WinCache]: https://www.iis.net/downloads/microsoft/wincache-extension +[PHP_accelerators]: https://wikipedia.org/wiki/List_of_PHP_accelerators diff --git a/_posts/14-03-01-Object-Caching.md b/_posts/14-03-01-Object-Caching.md index 7dc9a77..0763d7d 100644 --- a/_posts/14-03-01-Object-Caching.md +++ b/_posts/14-03-01-Object-Caching.md @@ -48,8 +48,8 @@ object cache to PHP 5.5+, since PHP now has a built-in bytecode cache (OPcache). ### Learn more about popular object caching systems: * [APCu](https://github.com/krakjoe/apcu) -* [APC Functions](http://php.net/ref.apc) -* [Memcached](http://memcached.org/) -* [Redis](http://redis.io/) -* [XCache APIs](http://xcache.lighttpd.net/wiki/XcacheApi) -* [WinCache Functions](http://php.net/ref.wincache) +* [APC Functions](https://secure.php.net/ref.apc) +* [Memcached](https://memcached.org/) +* [Redis](https://redis.io/) +* [XCache APIs](https://xcache.lighttpd.net/wiki/XcacheApi) +* [WinCache Functions](https://secure.php.net/ref.wincache) From ef9985bd3f45b08db20bf94d607c9eca28897296 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 15:19:54 -0400 Subject: [PATCH 56/65] Update code documentation links to use https --- _posts/15-02-01-PHPDoc.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/_posts/15-02-01-PHPDoc.md b/_posts/15-02-01-PHPDoc.md index 37dedd3..cd46749 100644 --- a/_posts/15-02-01-PHPDoc.md +++ b/_posts/15-02-01-PHPDoc.md @@ -70,10 +70,10 @@ difference between the second and third methods' doc block is the inclusion/excl `@return void` explicitly informs us that there is no return; historically omitting the `@return void` statement also results in the same (no return) action. -[tags]: http://www.phpdoc.org/docs/latest/references/phpdoc/tags/index.html -[PHPDoc manual]: http://www.phpdoc.org/docs/latest/index.html -[@author]: http://www.phpdoc.org/docs/latest/references/phpdoc/tags/author.html -[@link]: http://www.phpdoc.org/docs/latest/references/phpdoc/tags/link.html -[@param]: http://www.phpdoc.org/docs/latest/references/phpdoc/tags/param.html -[@return]: http://www.phpdoc.org/docs/latest/references/phpdoc/tags/return.html -[@throws]: http://www.phpdoc.org/docs/latest/references/phpdoc/tags/throws.html +[tags]: https://docs.phpdoc.org/references/phpdoc/tags/index.html +[PHPDoc manual]: https://docs.phpdoc.org/index.html +[@author]: https://docs.phpdoc.org/references/phpdoc/tags/author.html +[@link]: https://docs.phpdoc.org/references/phpdoc/tags/link.html +[@param]: https://docs.phpdoc.org/references/phpdoc/tags/param.html +[@return]: https://docs.phpdoc.org/references/phpdoc/tags/return.html +[@throws]: https://docs.phpdoc.org/references/phpdoc/tags/throws.html From a25b89660f6194b2aaa993ce228d0103a2b1433d Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 15:44:18 -0400 Subject: [PATCH 57/65] Update links in Resources section to use https, remove bad links --- _posts/16-02-01-From-the-Source.md | 4 ++-- _posts/16-03-01-People-to-Follow.md | 11 +++-------- _posts/16-04-01-Mentoring.md | 2 +- _posts/16-05-01-PHP-PaaS-Providers.md | 20 ++++++++++---------- _posts/16-06-01-Frameworks.md | 6 ++---- _posts/16-07-01-Components.md | 7 +++---- _posts/16-08-01-Sites.md | 13 +++++++------ _posts/16-09-01-Videos.md | 8 ++++---- _posts/16-10-01-Books.md | 2 -- _posts/17-01-01-Community.md | 6 +++--- _posts/17-02-01-User-Groups.md | 9 ++++----- _posts/17-03-01-Conferences.md | 2 +- _posts/17-04-01-Elephpants.md | 4 ++-- 13 files changed, 42 insertions(+), 52 deletions(-) diff --git a/_posts/16-02-01-From-the-Source.md b/_posts/16-02-01-From-the-Source.md index 0a8d785..43474c4 100644 --- a/_posts/16-02-01-From-the-Source.md +++ b/_posts/16-02-01-From-the-Source.md @@ -6,5 +6,5 @@ anchor: from_the_source ## From the Source {#from_the_source_title} -* [PHP Website](http://php.net/) -* [PHP Documentation](http://php.net/docs.php) +* [PHP Website](https://secure.php.net/) +* [PHP Documentation](https://secure.php.net/docs.php) diff --git a/_posts/16-03-01-People-to-Follow.md b/_posts/16-03-01-People-to-Follow.md index 2ddf768..b96c6bf 100644 --- a/_posts/16-03-01-People-to-Follow.md +++ b/_posts/16-03-01-People-to-Follow.md @@ -8,12 +8,7 @@ anchor: people_to_follow It's difficult to find interesting and knowledgeable PHP community members when you are first starting out. You can -find a comprehensive list of PHP community members and their -Twitter handles at: +find an abbreviated list of PHP community members to get you started at: -* [New Relic: 25 PHP Developers to Follow Online][php-developers-to-follow] -* [OGProgrammer: How to get connected with the PHP community][og-twitter-list] - - -[php-developers-to-follow]: https://blog.newrelic.com/2014/05/02/25-php-developers-follow-online/ -[og-twitter-list]: https://www.ogprogrammer.com/2017/06/28/how-to-get-connected-with-the-php-community/ +* +* diff --git a/_posts/16-04-01-Mentoring.md b/_posts/16-04-01-Mentoring.md index 788553c..09172e6 100644 --- a/_posts/16-04-01-Mentoring.md +++ b/_posts/16-04-01-Mentoring.md @@ -5,4 +5,4 @@ anchor: mentoring ## Mentoring {#mentoring_title} -* [php-mentoring.org](http://php-mentoring.org/) - Formal, peer to peer mentoring in the PHP community. +* [php-mentoring.org](https://php-mentoring.org/) - Formal, peer to peer mentoring in the PHP community. diff --git a/_posts/16-05-01-PHP-PaaS-Providers.md b/_posts/16-05-01-PHP-PaaS-Providers.md index 58d28f3..5d934d4 100644 --- a/_posts/16-05-01-PHP-PaaS-Providers.md +++ b/_posts/16-05-01-PHP-PaaS-Providers.md @@ -6,19 +6,19 @@ anchor: php_paas_providers ## PHP PaaS Providers {#php_paas_providers_title} -* [PagodaBox](https://pagodabox.io/) * [AppFog](https://www.ctl.io/appfog/) -* [Heroku](https://devcenter.heroku.com/categories/php) -* [fortrabbit](https://www.fortrabbit.com/) -* [Engine Yard Cloud](https://www.engineyard.com/features) -* [Red Hat OpenShift Platform](https://www.openshift.com/) * [AWS Elastic Beanstalk](https://aws.amazon.com/elasticbeanstalk/) -* [Windows Azure](http://www.windowsazure.com/) +* [Cloudways](https://www.cloudways.com/) +* [Engine Yard Cloud](https://www.engineyard.com/features) +* [fortrabbit](https://www.fortrabbit.com/) * [Google App Engine](https://cloud.google.com/appengine/docs/php/) -* [Jelastic](http://jelastic.com/) +* [Heroku](https://devcenter.heroku.com/categories/php-support) +* [IBM Cloud](https://console.bluemix.net/docs/runtimes/php/getting-started.html#getting_started) +* [Jelastic](https://jelastic.com/) +* [Microsoft Azure](https://azure.microsoft.com/) +* [Nanobox](https://nanobox.io/) +* [Pivotal Web Services](https://run.pivotal.io/) * [Platform.sh](https://platform.sh/) -* [Cloudways](https://www.cloudways.com/en/) -* [IBM Bluemix Cloud Foundry](https://console.ng.bluemix.net/) -* [Pivotal Web Service Cloud Foundry](https://run.pivotal.io/) +* [Red Hat OpenShift](https://www.openshift.com/) To see which versions these PaaS hosts are running, head over to [PHP Versions](http://phpversions.info/paas-hosting/). diff --git a/_posts/16-06-01-Frameworks.md b/_posts/16-06-01-Frameworks.md index 63c27b2..b003a8c 100644 --- a/_posts/16-06-01-Frameworks.md +++ b/_posts/16-06-01-Frameworks.md @@ -19,10 +19,8 @@ Micro-frameworks are essentially a wrapper to route a HTTP request to a callback possible, and sometimes come with a few extra libraries to assist development such as basic database wrappers and the like. They are prominently used to build remote HTTP services. -Many frameworks add a considerable number of features on top of what is available in a micro-framework and these are -known Full-Stack Frameworks. These often come bundled with ORMs, Authentication packages, etc. +Many frameworks add a considerable number of features on top of what is available in a micro-framework; these are +called Full-Stack Frameworks. These often come bundled with ORMs, Authentication packages, etc. Component-based frameworks are collections of specialized and single-purpose libraries. Disparate component-based frameworks can be used together to make a micro- or full-stack framework. - -* [Popular PHP Frameworks](https://github.com/codeguy/php-the-right-way/wiki/Frameworks) \ No newline at end of file diff --git a/_posts/16-07-01-Components.md b/_posts/16-07-01-Components.md index c614d9b..3d9c700 100644 --- a/_posts/16-07-01-Components.md +++ b/_posts/16-07-01-Components.md @@ -38,12 +38,11 @@ components best decoupled from the Laravel framework are listed above._ [PEAR]: /#pear [Dependency Management]: /#dependency_management [FuelPHP Validation package]: https://github.com/fuelphp/validation -[Aura]: http://auraphp.com/framework/2.x/en/ +[Aura]: http://auraphp.com/framework/ [FuelPHP]: https://github.com/fuelphp [Hoa Project]: https://github.com/hoaproject -[Orno]: https://github.com/orno -[Symfony Components]: http://symfony.com/doc/current/components/index.html -[The League of Extraordinary Packages]: http://thephpleague.com/ +[Symfony Components]: https://symfony.com/doc/current/components/index.html +[The League of Extraordinary Packages]: https://thephpleague.com/ [IoC Container]: https://github.com/illuminate/container [Eloquent ORM]: https://github.com/illuminate/database [Queue]: https://github.com/illuminate/queue diff --git a/_posts/16-08-01-Sites.md b/_posts/16-08-01-Sites.md index b6e8403..3953aae 100644 --- a/_posts/16-08-01-Sites.md +++ b/_posts/16-08-01-Sites.md @@ -19,16 +19,17 @@ PHP versions * [Why You Should Be Using Supported PHP Versions](https://kinsta.com/blog/php-versions/) ### News around the PHP and web development communities + You can subscribe to weekly newsletters to keep yourself informed on new libraries, latest news, events and general announcements, as well as additional resources being published every now and then: * [PHP Weekly](http://www.phpweekly.com) -* [JavaScript Weekly](http://javascriptweekly.com) -* [HTML5 Weekly](http://html5weekly.com) -* [Mobile Web Weekly](http://mobilewebweekly.co) -* There are also Weeklies on other platforms you might be interested in; here's -[a list of some](https://github.com/jondot/awesome-weekly). +* [JavaScript Weekly](https://javascriptweekly.com/) +* [Frontend Focus](https://frontendfoc.us/) +* [Mobile Web Weekly](https://mobiledevweekly.com/) + +There are also Weeklies on other platforms you might be interested in; here's [a list of some](https://github.com/jondot/awesome-weekly). ### PHP universe -* [PHP Developer blog](http://blog.phpdeveloper.org/) +* [PHP Developer blog](https://blog.phpdeveloper.org/) diff --git a/_posts/16-09-01-Videos.md b/_posts/16-09-01-Videos.md index 7cdbd6f..a9d74c9 100644 --- a/_posts/16-09-01-Videos.md +++ b/_posts/16-09-01-Videos.md @@ -14,8 +14,8 @@ title: Video Tutorials ### Paid Videos -* [Standards and Best practices](http://teamtreehouse.com/library/standards-and-best-practices) -* [PHP Training on Pluralsight](http://www.pluralsight.com/search/?searchTerm=php) -* [PHP Training on Lynda.com](http://www.lynda.com/search?q=php) -* [PHP Training on Tutsplus](http://code.tutsplus.com/categories/php/courses) +* [Standards and Best practices](https://teamtreehouse.com/library/php-standards-and-best-practices) +* [PHP Training on Pluralsight](https://www.pluralsight.com/search?q=php) +* [PHP Training on Lynda.com](https://www.lynda.com/search?q=php) +* [PHP Training on Tutsplus](https://code.tutsplus.com/categories/php/courses) * [Laracasts](https://laracasts.com/) diff --git a/_posts/16-10-01-Books.md b/_posts/16-10-01-Books.md index 1620f2d..d798f4c 100644 --- a/_posts/16-10-01-Books.md +++ b/_posts/16-10-01-Books.md @@ -31,7 +31,5 @@ security terms and provides some examples of them in every day PHP * [Scaling PHP](http://www.scalingphpbook.com/) - Stop playing sysadmin and get back to coding * [Signaling PHP](https://leanpub.com/signalingphp) - PCNLT signals are a great help when writing PHP scripts that run from the command line. -* [The Grumpy Programmer's Guide To Building Testable PHP Applications](https://leanpub.com/grumpy-testing) - Learning -to write testable code doesn't have to suck. * [Minimum Viable Tests](https://leanpub.com/minimumviabletests) - Long-time PHP testing evangelist Chris Hartjes goes over what he feels is the minimum you need to know to get started. * [Domain-Driven Design in PHP](https://leanpub.com/ddd-in-php) - See real examples written in PHP showcasing Domain-Driven Design Architectural Styles (Hexagonal Architecture, CQRS or Event Sourcing), Tactical Design Patterns, and Bounded Context Integration. diff --git a/_posts/17-01-01-Community.md b/_posts/17-01-01-Community.md index 82be581..6731a72 100644 --- a/_posts/17-01-01-Community.md +++ b/_posts/17-01-01-Community.md @@ -14,8 +14,8 @@ friends! Other community resources include the Google+ PHP [Programmer community [Read the Official PHP Events Calendar][php-calendar] -[php-irc]: http://webchat.freenode.net/?channels=phpc +[php-irc]: https://webchat.freenode.net/?channels=phpc [phpc-twitter]: https://twitter.com/phpc [php-programmers-gplus]: https://plus.google.com/u/0/communities/104245651975268426012 -[php-so]: http://stackoverflow.com/questions/tagged/php -[php-calendar]: http://php.net/cal.php +[php-so]: https://stackoverflow.com/questions/tagged/php +[php-calendar]: https://secure.php.net/cal.php diff --git a/_posts/17-02-01-User-Groups.md b/_posts/17-02-01-User-Groups.md index 7fcd668..d60d259 100644 --- a/_posts/17-02-01-User-Groups.md +++ b/_posts/17-02-01-User-Groups.md @@ -6,9 +6,9 @@ anchor: user_groups ## PHP User Groups {#user_groups_title} If you live in a larger city, odds are there's a PHP user group nearby. You can easily find your local PUG at -the [usergroup-list at php.net][php-uglist] which is based upon [PHP.ug][php-ug]. Alternate sources might be -[Meetup.com][meetup] or a search for ```php user group near me``` using your favorite search engine -(i.e. [Google][google]). If you live in a smaller town, there may not be a local PUG; if that's the case, start one! +[PHP.ug][php-ug]. Alternate sources might be [Meetup.com][meetup] or a search for ```php user group near me``` +using your favorite search engine (i.e. [Google][google]). If you live in a smaller town, there may not be a +local PUG; if that's the case, start one! Special mention should be made of two global user groups: [NomadPHP] and [PHPWomen]. [NomadPHP] offers twice monthly online user group meetings with presentations by some of the top speakers in the PHP community. @@ -20,8 +20,7 @@ generally promote the creating of a "female friendly" and professional atmospher [google]: https://www.google.com/search?q=php+user+group+near+me [meetup]: http://www.meetup.com/find/ -[php-ug]: http://php.ug/ +[php-ug]: https://php.ug/ [NomadPHP]: https://nomadphp.com/ [PHPWomen]: http://phpwomen.org/ [php-wiki]: https://wiki.php.net/usergroups -[php-uglist]: http://php.net/ug.php diff --git a/_posts/17-03-01-Conferences.md b/_posts/17-03-01-Conferences.md index 902f1ca..f2ef2af 100644 --- a/_posts/17-03-01-Conferences.md +++ b/_posts/17-03-01-Conferences.md @@ -12,4 +12,4 @@ industry leaders. [Find a PHP Conference][php-conf] -[php-conf]: http://php.net/conferences/index.php +[php-conf]: https://secure.php.net/conferences/index.php diff --git a/_posts/17-04-01-Elephpants.md b/_posts/17-04-01-Elephpants.md index c388833..ed2f0d1 100644 --- a/_posts/17-04-01-Elephpants.md +++ b/_posts/17-04-01-Elephpants.md @@ -10,6 +10,6 @@ anchor: elephpants [Interview with Vincent Pontier][vincent-pontier-interview] -[elephpant]: http://php.net/elephpant.php -[vincent-pontier-interview]: http://7php.com/elephpant/ +[elephpant]: https://secure.php.net/elephpant.php +[vincent-pontier-interview]: https://7php.com/elephpant/ [vincent-pontier]: http://www.elroubio.net/ From 97ce8a3a1ff6927bbad97eaf8beaef2827bbd988 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Tue, 19 Jun 2018 15:45:31 -0400 Subject: [PATCH 58/65] Remove Orno, its repo is empty --- _posts/16-07-01-Components.md | 1 - 1 file changed, 1 deletion(-) diff --git a/_posts/16-07-01-Components.md b/_posts/16-07-01-Components.md index 3d9c700..3312fcc 100644 --- a/_posts/16-07-01-Components.md +++ b/_posts/16-07-01-Components.md @@ -22,7 +22,6 @@ For example, you can use the [FuelPHP Validation package], without needing to us * [Aura] * [FuelPHP] * [Hoa Project] -* [Orno] * [Symfony Components] * [The League of Extraordinary Packages] * Laravel's Illuminate Components From 8f4c727bee7912b1cc0fac1c8fb44e301907b598 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Wed, 20 Jun 2018 07:55:12 -0400 Subject: [PATCH 59/65] Remove banner image text --- _includes/welcome.md | 8 -------- 1 file changed, 8 deletions(-) diff --git a/_includes/welcome.md b/_includes/welcome.md index ed56190..d08b66b 100644 --- a/_includes/welcome.md +++ b/_includes/welcome.md @@ -51,13 +51,5 @@ The most recent version of _PHP: The Right Way_ is also available in PDF, EPUB a Help make this website the best resource for new PHP programmers! [Contribute on GitHub][2] -## Spread the Word! - -_PHP: The Right Way_ has web banner images you can use on your website. Show your support, and let new PHP developers -know where to find good information! - -[See Banner Images][3] - [1]: https://leanpub.com/phptherightway [2]: https://github.com/codeguy/php-the-right-way/tree/gh-pages -[3]: /banners.html From 6fd96280f05f6d76df0c56876097786ec7ba1121 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Wed, 20 Jun 2018 08:01:34 -0400 Subject: [PATCH 60/65] Update template wrapper links, remove GA tracking --- _layouts/default.html | 26 ++++++++------------------ _layouts/page.html | 26 ++++++++------------------ 2 files changed, 16 insertions(+), 36 deletions(-) diff --git a/_layouts/default.html b/_layouts/default.html index eace5e4..76fa1db 100644 --- a/_layouts/default.html +++ b/_layouts/default.html @@ -5,12 +5,12 @@ {% if page.title %}{{ page.title }} - {% endif %}PHP: The Right Way - + - + @@ -25,7 +25,7 @@

    PHP The Right Way

    Last Updated: {{ site.time }}
    @@ -72,27 +72,17 @@ - diff --git a/_layouts/page.html b/_layouts/page.html index 97f3162..a20d46c 100644 --- a/_layouts/page.html +++ b/_layouts/page.html @@ -5,12 +5,12 @@ {% if page.title %}{{ page.title }} - {% endif %}PHP: The Right Way - + - + @@ -25,7 +25,7 @@

    PHP The Right Way

    Last Updated: {{ site.time }}
    @@ -37,27 +37,17 @@ - From 7ff86c5eb9166c522d0ee25749d2cf9f98dc4aa1 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Wed, 20 Jun 2018 08:14:03 -0400 Subject: [PATCH 61/65] Add link to Clean Code PHP in Code Style sectionm --- _posts/02-01-01-Code-Style-Guide.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/_posts/02-01-01-Code-Style-Guide.md b/_posts/02-01-01-Code-Style-Guide.md index 2497cb7..f2c672c 100644 --- a/_posts/02-01-01-Code-Style-Guide.md +++ b/_posts/02-01-01-Code-Style-Guide.md @@ -55,6 +55,7 @@ It will show which kind of errors the code structure had before it fixed them. English is preferred for all symbol names and code infrastructure. Comments may be written in any language easily readable by all current and future parties who may be working on the codebase. +Finally, a good supplementary resource for writing clean PHP code is [Clean Code PHP][cleancode]. [fig]: https://www.php-fig.org/ [psr1]: https://www.php-fig.org/psr/psr-1/ @@ -66,3 +67,4 @@ readable by all current and future parties who may be working on the codebase. [phpcbf]: https://github.com/squizlabs/PHP_CodeSniffer/wiki/Fixing-Errors-Automatically [st-cs]: https://github.com/benmatselby/sublime-phpcs [phpcsfixer]: https://cs.sensiolabs.org/ +[cleancode]: https://github.com/jupeter/clean-code-php From c9e5c2659e820d92d654b257fb8fe6c33ad7fc54 Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Wed, 20 Jun 2018 08:33:44 -0400 Subject: [PATCH 62/65] Remove outdated Google Pagespeed link in UTF8 section --- _posts/05-05-01-PHP-and-UTF8.md | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/_posts/05-05-01-PHP-and-UTF8.md b/_posts/05-05-01-PHP-and-UTF8.md index c2d4af9..00fdc05 100644 --- a/_posts/05-05-01-PHP-and-UTF8.md +++ b/_posts/05-05-01-PHP-and-UTF8.md @@ -63,10 +63,14 @@ Further Reading for why. Use the `mb_http_output()` function to ensure that your PHP script outputs UTF-8 strings to your browser. -The browser will then need to be told by the HTTP response that this page should be considered as UTF-8. The historic -approach to doing that was to include the [charset `` tag](http://htmlpurifier.org/docs/enduser-utf8.html) in -your page's `` tag. This approach is perfectly valid, but setting the charset in the `Content-Type` header is -actually [much faster](https://developers.google.com/speed/docs/best-practices/rendering#SpecifyCharsetEarly). +The browser will then need to be told by the HTTP response that this page should be considered as UTF-8. Today, it is common to set the character set in the HTTP response header like this: + +{% highlight php %} +` tag](http://htmlpurifier.org/docs/enduser-utf8.html) in your page's `` tag. {% highlight php %} Date: Wed, 20 Jun 2018 08:41:39 -0400 Subject: [PATCH 63/65] Optimize database interaction code example --- _posts/07-04-01-Interacting-via-Code.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/_posts/07-04-01-Interacting-via-Code.md b/_posts/07-04-01-Interacting-via-Code.md index a5e3b77..25fe068 100644 --- a/_posts/07-04-01-Interacting-via-Code.md +++ b/_posts/07-04-01-Interacting-via-Code.md @@ -33,7 +33,8 @@ function getAllFoos($db) { return $db->query('SELECT * FROM table'); } -foreach (getAllFoos($db) as $row) { +$results = getAllFoos($db); +foreach ($resultss as $row) { echo "
  • ".$row['field1']." - ".$row['field1']."
    • "; // BAD!! } {% endhighlight %} From b4e964f178a3e1d97a79f33deac8616473c4cb89 Mon Sep 17 00:00:00 2001 From: Paragon Initiative Enterprises Date: Wed, 20 Jun 2018 10:27:53 -0400 Subject: [PATCH 64/65] Supersedes #725 --- _posts/10-02-01-Web-Application-Security.md | 25 +++++++++++++++++++ _posts/10-03-01-Password-Hashing.md | 27 +++++++++++++++++---- 2 files changed, 47 insertions(+), 5 deletions(-) diff --git a/_posts/10-02-01-Web-Application-Security.md b/_posts/10-02-01-Web-Application-Security.md index ee9c7fb..bbb4b90 100644 --- a/_posts/10-02-01-Web-Application-Security.md +++ b/_posts/10-02-01-Web-Application-Security.md @@ -5,6 +5,25 @@ anchor: web_application_security ## Web Application Security {#web_application_security_title} +It is very important for every PHP developer to learn [the basics of web application security][4], which can be broken +down into a handful of broad topics: + +1. Code-data separation. + * When data is executed as code, you get SQL Injection, Cross-Site Scripting, Local/Remote File Inclusion, etc. + * When code is printed as data, you get information leaks (source code disclosure or, in the case of C programs, + enough information to bypass [ASLR][5]). +2. Application logic. + * Missing authentication or authorization controls. + * Input validation. +3. Operating environment. + * PHP versions. + * Third party libraries. + * The operating system. +4. Cryptography weaknesses. + * [Weak random numbers][6]. + * [Chosen-ciphertext attacks][7]. + * [Side-channel information leaks][8]. + There are bad people ready and willing to exploit your web application. It is important that you take necessary precautions to harden your web application's security. Luckily, the fine folks at [The Open Web Application Security Project][1] (OWASP) have compiled a comprehensive list of known security issues and @@ -16,3 +35,9 @@ methods to protect yourself against them. This is a must read for the security-c [1]: https://www.owasp.org/ [2]: https://www.owasp.org/index.php/Guide_Table_of_Contents [3]: https://phpsecurity.readthedocs.io/en/latest/index.html +[4]: https://paragonie.com/blog/2015/08/gentle-introduction-application-security +[5]: http://searchsecurity.techtarget.com/definition/address-space-layout-randomization-ASLR +[6]: https://paragonie.com/blog/2016/01/on-design-and-implementation-stealth-backdoor-for-web-applications +[7]: https://paragonie.com/blog/2015/05/using-encryption-and-authentication-correctly +[8]: http://blog.ircmaxell.com/2014/11/its-all-about-time.html + diff --git a/_posts/10-03-01-Password-Hashing.md b/_posts/10-03-01-Password-Hashing.md index 5b12ba7..dc4448d 100644 --- a/_posts/10-03-01-Password-Hashing.md +++ b/_posts/10-03-01-Password-Hashing.md @@ -8,16 +8,30 @@ anchor: password_hashing Eventually everyone builds a PHP application that relies on user login. Usernames and passwords are stored in a database and later used to authenticate users upon login. -It is important that you properly [_hash_][3] passwords before storing them. Password hashing is an irreversible, -one-way function performed against the user's password. This produces a fixed-length string that cannot be feasibly -reversed. This means you can compare a hash against another to determine if they both came from the same source string, -but you cannot determine the original string. If passwords are not hashed and your database is accessed by an -unauthorized third-party, all user accounts are now compromised. +It is important that you properly [_hash_][3] passwords before storing them. Hashing and encrypting are [two very different things][7] +that often get confused. + +Hashing is an irreversible, one-way function. This produces a fixed-length string that cannot be feasibly reversed. +This means you can compare a hash against another to determine if they both came from the same source string, but you +cannot determine the original string. If passwords are not hashed and your database is accessed by an unauthorized +third-party, all user accounts are now compromised. + +Unlike hashing, encryption is reversible (provided you have the key). Encryption is useful in other areas, but is a poor +strategy for securely storing passwords. Passwords should also be individually [_salted_][5] by adding a random string to each password before hashing. This prevents dictionary attacks and the use of "rainbow tables" (a reverse list of crytographic hashes for common passwords.) Hashing and salting are vital as often users use the same password for multiple services and password quality can be poor. +Additionally, you should use [a specialized _password hashing_ algoithm][6] rather than fast, general-purpose +cryptographic hash function (e.g. SHA256). The short list of acceptable password hashing algorithms (as of June 2018) +to use are: + +* Argon2 (available in PHP 7.2 and newer) +* Scrypt +* **Bcrypt** (PHP provides this one for you; see below) +* PBKDF2 with HMAC-SHA256 or HMAC-SHA512 + Fortunately, nowadays PHP makes this easy. **Hashing passwords with `password_hash`** @@ -56,3 +70,6 @@ if (password_verify('bad-password', $passwordHash)) { [3]: https://wikipedia.org/wiki/Cryptographic_hash_function [4]: https://wiki.php.net/rfc/password_hash [5]: https://wikipedia.org/wiki/Salt_(cryptography) +[6]: https://paragonie.com/blog/2016/02/how-safely-store-password-in-2016 +[7]: https://paragonie.com/blog/2015/08/you-wouldnt-base64-a-password-cryptography-decoded + From 933b79a7dd10a49f469b0e73b21a30b157b0a7cc Mon Sep 17 00:00:00 2001 From: Josh Lockhart Date: Wed, 20 Jun 2018 10:34:18 -0400 Subject: [PATCH 65/65] Fix code typo --- _posts/07-04-01-Interacting-via-Code.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/07-04-01-Interacting-via-Code.md b/_posts/07-04-01-Interacting-via-Code.md index 25fe068..c335391 100644 --- a/_posts/07-04-01-Interacting-via-Code.md +++ b/_posts/07-04-01-Interacting-via-Code.md @@ -34,7 +34,7 @@ function getAllFoos($db) { } $results = getAllFoos($db); -foreach ($resultss as $row) { +foreach ($results as $row) { echo "
  • ".$row['field1']." - ".$row['field1']."
    • "; // BAD!! } {% endhighlight %}