Merge remote-tracking branch 'upstream/gh-pages' into gh-pages

Conflicts: _posts/07-07-01-Error-Reporting.md
2025-08-18 11:31:16 +02:00 · 2012-12-21 10:37:11 +00:00
parent c5fa313b0e f540582cde
commit 74231017fb
15 changed files with 186 additions and 41 deletions
--- a/README.md
+++ b/README.md
@@ -37,6 +37,7 @@ developers know where to find good information!
 * [Chinese](http://wulijun.github.com/php-the-right-way)
 * [Ukrainian](http://iflista.github.com/php-the-right-way)
 * [Portuguese](http://br.phptherightway.com/)
+* [Bulgarian](http://bg.phptherightway.com/)

 ### Translations

--- a/_includes/welcome.md
+++ b/_includes/welcome.md
@@ -16,6 +16,7 @@ _PHP: The Right Way_ is (or soon will be) translated into many different languag
 * Russian (Coming Soon)
 * [Spanish](http://es.phptherightway.com)
 * [Ukrainian](http://iflista.github.com/php-the-right-way/)
+* [Bulgarian](http://bg.phptherightway.com/)

 ## Disclaimer

--- a/_posts/01-05-01-Windows-Setup.md
+++ b/_posts/01-05-01-Windows-Setup.md
@@ -17,10 +17,6 @@ If you need to run your production system on Windows then IIS7 will give you the
 to go, you just need to configure PHP as a handler. For support and additional resources there is a [dedicated area on iis.net][php-iis] for 
 PHP.

-Generally running your application on different environment in development and production can lead to strange bugs popping up when you go 
-live. If you are developing on Windows and deploying to Linux (or anything non-Windows) then you should consider using a Virtual Machine. This 
-sounds tricky, but using [Vagrant][vagrant] you can set up simple wrappers, then using [Puppet][puppet] or [Chef][chef] you can provision these boxes and share them with your colleagues to ensure you're all working on the same stack. More on this soon.
-
 [php-downloads]: http://windows.php.net
 [phpmanager]: http://phpmanager.codeplex.com/
 [wpi]: http://www.microsoft.com/web/downloads/platform.aspx
@@ -28,6 +24,3 @@ sounds tricky, but using [Vagrant][vagrant] you can set up simple wrappers, then
 [xampp]: http://www.apachefriends.org/en/xampp.html
 [wamp]: http://www.wampserver.com/
 [php-iis]: http://php.iis.net/
-[vagrant]: http://vagrantup.com/
-[puppet]: http://www.puppetlabs.com/
-[chef]: http://www.opscode.com/
--- a/_posts/01-06-01-Vagrant.md
+++ b/_posts/01-06-01-Vagrant.md
@@ -0,0 +1,24 @@
+---
+isChild: true
+---
+
+## Vagrant {#vagrant_title}
+
+Running your application on different environments in development and production can lead to strange bugs 
+popping up when you go live. It's also tricky to keep different development environments up to date with the same 
+version for all libraries used when working with a team of developers. 
+
+If you are developing on Windows and deploying to Linux (or anything non-Windows) or are developing in a team, you 
+should consider using a virtual machine. This sounds tricky, but using [Vagrant][vagrant] you can set up a simple 
+virtual machine with only a few steps. These base boxes can then be set up manually, or you can use "provisioning" 
+software such as [Puppet][puppet] or [Chef][chef] to do this for you. Provisioning the base box is a great way to 
+ensure that multiple boxes are set up in an identical fashion and removes the need for you to maintain complicated 
+"set up" command lists. You can also "destroy" your base box and recreate it without many manual steps, making it
+easy to create a "fresh" installation.
+
+Vagrant creates shared folders used to share your code between your host and your virtual machine, meaning you can 
+create and edit your files on your host machine and then run the code inside your virtual machine.
+
+[vagrant]: http://vagrantup.com/
+[puppet]: http://www.puppetlabs.com/
+[chef]: http://www.opscode.com/
--- a/_posts/02-01-01-Code-Style-Guide.md
+++ b/_posts/02-01-01-Code-Style-Guide.md
@@ -12,7 +12,7 @@ Lithium, etc are starting to adopt. You can use them for your own projects, or c

 Ideally you should write PHP code that adheres to one or more of these standards so that other developers can easily
 read and work with your code, and applications that implement the components can have consistency even when working with 
-lots of third-party code. The first few recommendations are designed to be a super-set of the previous recomendation.
+lots of third-party code. The first few recommendations are designed to be a super-set of the previous recommendation.

 * [Read about PSR-0][psr0]
 * [Read about PSR-1][psr1]
--- a/_posts/03-02-01-Programming-Paradigms.md
+++ b/_posts/03-02-01-Programming-Paradigms.md
@@ -11,7 +11,7 @@ the years, notably adding a solid object-oriented model in PHP 5.0 (2004), anony
 ### Object-oriented Programming

 PHP has a very complete set of object-oriented programming features including support for classes, abstract classes,
-interfaces, inheritence, constructors, cloning, exceptions, and more.
+interfaces, inheritance, constructors, cloning, exceptions, and more.

 * [Read about Object-oriented PHP][oop]
 * [Read about Traits][traits]
--- a/_posts/04-03-01-PEAR.md
+++ b/_posts/04-03-01-PEAR.md
@@ -4,6 +4,36 @@ isChild: true

 ## PEAR {#pear_title}

-Another veteran package manager that many PHP developers enjoy is [PEAR][1]. It behaves much the same way, and is also worth researching for your projects. [Learn about PEAR][1].
+Another veteran package manager that many PHP developers enjoy is [PEAR][1]. It behaves much the same way as Composer,
+but has some noteable differences.
+
+PEAR requires each package to have a specific structure, which means that the author of the package must prepare it
+for usage with PEAR. Using a project which was not prepared to work with PEAR is not possible.
+
+PEAR installs packages globally, which means after installing them once they are available to all projects on that
+server. This can be good if many projects rely on the same package with the same version but might lead to problems
+if version conflicts between two projects arise.
+
+### How to install PEAR
+
+You can install PEAR by downloading the phar installer and executing it. The PEAR documentation has detailed 
+[install instructions][2] for every operating system.
+
+If you are using Linux, you can also have a look at your distribution package manager. Debian and Ubuntu for example
+have a apt ``php-pear`` package.
+
+### How to install a package
+
+If the package is listed on the [PEAR packages list][3], you can install it by specifying the official name:
+
+    pear install foo
+    
+If the package is hosted on another channel, you need to `discover` the channel first and also specify it when 
+installing. See the [Using channel docs][4] for more information on this topic.
+
+* [Learn about PEAR][1]

 [1]: http://pear.php.net/
+[2]: http://pear.php.net/manual/en/installation.getting.php
+[3]: http://pear.php.net/packages.php
+[4]: http://pear.php.net/manual/en/guide.users.commandline.channels.php
--- a/_posts/06-01-01-Databases.md
+++ b/_posts/06-01-01-Databases.md
@@ -13,7 +13,7 @@ database &mdash; and that can get silly.

 As an extra note on native drivers, the mysql extension for PHP is no longer in active development, and the official status since PHP 5.4.0 is
 "Long term deprecation". This means it will be removed within the next few releases, so by PHP 5.6 (or whatever comes after 5.5) it may well be gone. If you are using `mysql_connect()` and `mysql_query()` in your applications then you will be faced with a rewrite at some point down the
-line, so the best option is to replace mysql usage with mysqli or PDO in your applications within your own development shedules so you won't
+line, so the best option is to replace mysql usage with mysqli or PDO in your applications within your own development schedules so you won't
 be rushed later on. _If you are starting from scratch then absolutely do not use the mysql extension: use the [MySQLi extension][mysqli], or use PDO._

 * [PHP: Choosing an API for MySQL](http://php.net/manual/en/mysqlinfo.api.choosing.php)
--- a/_posts/07-03-01-Password-Hashing-with-Bcrypt.md
+++ b/_posts/07-03-01-Password-Hashing-with-Bcrypt.md
@@ -1,19 +0,0 @@
---
-isChild: true
---
-
-## Password Hashing with Bcrypt {#password_hashing_with_bcrypt_title}
-
-Eventually everyone builds a PHP application that relies on user login. Usernames and (hashed) passwords are stored in a database and later used to authenticate users upon login.
-
-It is important that you properly _hash_ passwords that are stored in a database. If passwords are not hashed, and your database is hacked or accessed by an unauthorized third-party, all user accounts are now compromised.
-
-**Hash passwords with Bcrypt**. It's super simple, and (for all intents and purposes) Bcrypt makes it impossible for someone to reverse-engineer the plain-text version of a password should the database be compromised.
-
-There are several Bcrypt libraries for PHP that you may use.
-
-* [Read "How to Safely Store a Password" by Coda Hale][3]
-* [Use Bcrypt with PHPass][4]
-
-[3]: http://codahale.com/how-to-safely-store-a-password/
-[4]: http://www.openwall.com/phpass/
--- a/_posts/07-03-01-Password-Hashing.md
+++ b/_posts/07-03-01-Password-Hashing.md
@@ -0,0 +1,40 @@
+---
+isChild: true
+---
+
+## Password Hashing {#password_hashing_title}
+
+Eventually everyone builds a PHP application that relies on user login. Usernames and passwords are stored in a database and later used to authenticate users upon login.
+
+It is important that you properly [_hash_][3] passwords before storing them. Password hashing is an irreversible, one way function performed against the users password. This produces a fix length string that can not be feasibly reversed. This means you can compare a hash against another to determine if they both came from the same source string, but you can not determine the original string. If passwords are not hashed and your database is accessed by an unauthorized third-party, all user accounts are now compromised. Some users may (unfortunately) use the same password for other services. Therefore, it is important to take security seriously.
+
+**Hashing passwords with `password_hash`**
+
+In PHP 5.5 `password_hash` will be introduced. At this time it is using BCrypt, the strongest algorithm currently supported by PHP. It will updated in the future to support more algorithms as needed though. The `password_compat` library was created to provide forward compatibility for PHP >= 5.3.7.
+
+Below we hash a string, we then check the hash against a new string. Because our two source strings are different ('secret-password' vs. 'bad-password') this login will fail. 
+
+{% highlight php %}                                                                                                                                                                                              
+<?php                                                                                                                                                                                                            
+require 'password.php';
+
+$passwordHash = password_hash('secret-password', PASSWORD_DEFAULT);
+
+if (password_verify('bad-password', $passwordHash)) {
+    //Correct Password
+} else {
+    //Wrong password
+}
+{% endhighlight %}  
+
+
+
+* [Learn about `password_hash`] [1]
+* [`password_compat` for PHP  >= 5.3.7 && < 5.5] [2]
+* [Learn about hashing in regards to cryptography] [3]
+* [PHP `password_hash` RFC] [4]
+
+[1]: http://us2.php.net/manual/en/function.password-hash.php
+[2]: https://github.com/ircmaxell/password_compat
+[3]: http://en.wikipedia.org/wiki/Cryptographic_hash_function
+[4]: https://wiki.php.net/rfc/password_hash
--- a/_posts/07-07-01-Error-Reporting.md
+++ b/_posts/07-07-01-Error-Reporting.md
@@ -43,7 +43,7 @@ To hide errors on your <strong>production</strong> environment, configure your `
 With these settings in production, errors will still be logged to the error logs for the web server, but will not be 
 shown to the user. For more information on these settings, see the PHP manual:

-* [error_reporting](http://www.php.net/manual/en/errorfunc.configuration.php#ini.error-reporting)
-* [display_errors](http://www.php.net/manual/en/errorfunc.configuration.php#ini.display-errors)
+* [error_reporting](http://php.net/manual/errorfunc.configuration.php#ini.error-reporting)
+* [display_errors](http://php.net/manual/errorfunc.configuration.php#ini.display-errors)
 * [display_startup_errors](http://php.net/manual/errorfunc.configuration.php#ini.display-startup-errors)
-* [log_errors](http://www.php.net/manual/en/errorfunc.configuration.php#ini.log-errors)
+* [log_errors](http://php.net/manual/errorfunc.configuration.php#ini.log-errors)
--- a/_posts/09-05-01-Building
+++ b/_posts/09-05-01-Building
@@ -0,0 +1,74 @@
+---
+isChild: true
+---
+
+## Building and Deploying your Application {#build_title}
+
+If you find yourself doing manual database schema changes or running your tests manually before updating your files 
+(manually), think twice! With every additional manual task needed to deploy a new version of your app, the chances for 
+potentially fatal mistakes increase. Whether you're dealing with a simple update, a comprehensive build process or 
+even a continuous integration strategy, [build automation](http://en.wikipedia.org/wiki/Build_automation) is your 
+friend.
+
+Among the tasks you might want to automate are:
+
+* Dependency management
+* Compilation, minification of your assets
+* Running tests
+* Creation of documentation
+* Packaging
+* Deployment
+
+
+### Build Automation Tools
+
+Build tools can be described as a collection of scripts that handle common tasks of software deployment. The build 
+tool is not a part of your software, it acts on your software from 'outside'.
+
+There are many open source tools available to help you with build automation, some are written in PHP others aren't. 
+This shouldn't hold you back from using them, if they're better suited for the specific job. Here are a few examples:
+
+[Phing](http://www.phing.info/) is the easiest way to get started with automated deployment in the PHP world. With 
+Phing you can control your packaging, deployment or testing process from within a simple XML build file. Phing (which 
+is based on [Apache Ant](http://ant.apache.org/)) provides a rich set of tasks usually needed to install or update a 
+web app and can be extended with additional custom tasks, written in PHP.
+
+[Capistrano](https://github.com/capistrano/capistrano/wiki) is a system for *intermediate-to-advanced programmers* to 
+execute commands in a structured, repeatable way on one or more remote machines. It is pre-configured for deploying 
+Ruby on Rails applications, however people are **successfully deploying PHP systems** with it. Successful use of 
+Capistrano depends on a working knowledge of Ruby and Rake.
+
+Dave Gardner's blog post [PHP Deployment with Capistrano](http://www.davegardner.me.uk/blog/2012/02/13/php-deployment-with-capistrano/) 
+is a good starting point for PHP developers interested in Capistrano.
+
+[Chef](http://www.opscode.com/chef/) is more than a deployment framework, it is a very powerful Ruby based system 
+integration framework that doesn't just deploy your app but can build your whole server environment or virtual boxes.
+
+Chef resources for PHP developers:
+
+* [Three part blog series about deploying a LAMP application with Chef, Vagrant, and EC2](http://www.jasongrimes.org/2012/06/managing-lamp-environments-with-chef-vagrant-and-ec2-1-of-3/)
+* [Chef Cookbook which installs and configures PHP 5.3 and the PEAR package management system](https://github.com/opscode-cookbooks/php)
+
+Further reading:
+
+* [Automate your project with Apache Ant](http://net.tutsplus.com/tutorials/other/automate-your-projects-with-apache-ant/)
+* [Maven](http://maven.apache.org/), a build framework based on Ant and [how to use it with PHP](http://www.php-maven.org/)
+
+### Continuous Integration
+
+> Continuous Integration is a software development practice where members of a team integrate their work frequently, 
+> usually each person integrates at least daily — leading to multiple integrations per day. Many teams find that this 
+> approach leads to significantly reduced integration problems and allows a team to develop cohesive software more 
+> rapidly.
+
+*-- Martin Fowler*
+
+There are different ways to implement continuous integration for PHP. Recently [Travis CI](https://travis-ci.org/) has 
+done a great job of making continuous integration a reality even for small projects. Travis CI is a hosted continuous 
+integration service for the open source community. It is integrated with GitHub and offers first class support for many 
+languages including PHP.
+
+Further reading:
+
+* [Continuous Integration with Jenkins](http://jenkins-ci.org/)
+* [Continuous Integration with Teamcity](http://www.jetbrains.com/teamcity/)
--- a/_posts/11-01-01-Resources.md
+++ b/_posts/11-01-01-Resources.md
@@ -24,7 +24,8 @@
 ## PHP PaaS Providers

 * [PagodaBox](https://pagodabox.com/)
-* [PHP Fog](https://phpfog.com/)
+* [AppFog](https://appfog.com/)
+* [fortrabbit](http://fortrabbit.com/)
 * [Engine Yard Orchestra PHP Platform](http://www.engineyard.com/products/orchestra/)
 * [Red Hat OpenShift Platform](http://www.redhat.com/products/cloud-computing/openshift/)
 * [dotCloud](http://docs.dotcloud.com/services/php/)
--- a/pages/Functional-Programming.md
+++ b/pages/Functional-Programming.md
@@ -71,7 +71,7 @@ print_r($output); // items > 3
 {% endhighlight %}

 Each filter function in the family accepts only elements greater than some minimum value. Single filter returned by 
-`criteria_greater_than` is a closure whith `$min` argument closed by the value in the scope (given as an argument when 
+`criteria_greater_than` is a closure with `$min` argument closed by the value in the scope (given as an argument when 
 `criteria_greater_than` is called).

 Early binding is used by default for importing `$min` variable into the created function. For true closures with late
--- a/pages/The-Basics.md
+++ b/pages/The-Basics.md
@@ -104,8 +104,8 @@ function test($a)

 ## Global namespace

-While using namespaces, you may find your code being executed in the wrong scope for internal methods. To fix this,
-define the method globally by using a backslash before the method.
+When using namespaces, you may find that internal functions are hidden by functions you wrote. To fix this,
+refer to the global function by using a backslash before the function name.

 {% highlight php %}
 <?php
@@ -113,14 +113,14 @@ namespace phptherightway;

 function fopen()
 {
-    $file = \fopen();    // our function name is the same as an internal function
-                         // execute globally by adding '\'.
+    $file = \fopen();    // Our function name is the same as an internal function.
+                         // Execute the function from the global space by adding '\'.
 }

 function array()
 {
-    $iterator = new \ArrayIterator();    // ArrayIterator is an internal class. Using it without a backslash
-                                         // will execute it within the namespace scope
+    $iterator = new \ArrayIterator();    // ArrayIterator is an internal class. Using its name without a backslash
+                                         // will attempt to resolve it within your namespace.
 }
 {% endhighlight %}