The Zen Of Mindful Programming

In this issue, Doug Dobrzynski helps us focus while programming with his article, Mindful Programming. While this article isn’t PHP specific, if you take time to digest what he’s talking about, I think you will find that all of us could benefit from using daily mindful techniques. In his article, Lessons Learned from Building a WebSocket Server, Torsten Dittmann shows us some of the considerations that had to be made when adding a real-time component to their API. And a bonus feature article from Ed Barnard will help us write better database interactions with Designing For MySQL Transaction Failures.

Our columns continue to offer great content as well. In our Security Corner, Eric Mann brings us Vulnerable and Outdated Components, which made me run and check my servers right away. Chris Tankersly talks about Why We Argue About PHP Upgrades and Changes in Education Station. Community Corner brings more information on some of this year’s turbulent transition of PHP Internals with The PHP Foundation. Joe Ferguson goes into The Workshop and shows us a possible way to speed up Laravel applications with Octane & RoadRunner. Ed Barnard also continues his Here Be Dragons column with Solution Space, where he wants to help us have fun in our craft of programming. Oscar Merida brings another excellent PHP Puzzle where we try to find our Break-Even Point. And finally{}, Beth Tucker-Long rounds out this issue with a follow-up to last month’s Roll With It titled Still Rolling.

The post The Zen Of Mindful Programming appeared first on php[architect].

The Art of Data

This month, we dive into Libsodium, discuss gatekeeping, learn more about data access, and why even something that might be considered a “small bug” can cause massive damage.

I’m not sure how many people read these Editorials. It’s even been explained to me that this isn’t an “Editorial.” Ha, the joke’s on them; I’m not an editor, sooooo yeah. I always enjoyed reading what Oscar had to say about the articles in the month’s issues and seeing what little nuggets of knowledge he shared.

I am not sure if I have any actual words of wisdom to share, but that’s never stopped me from talking before, so I don’t see why that would change now. We’ve been talking a lot about change lately, but the reality is, “change” is what our industry is about. Sure there are personal changes. People change jobs, leave projects, organizers of User Groups move away, but our industry also changes. What we consider “good security practices” today can be viewed as a horrible implementation tomorrow. Anyone who has worked on a legacy codebase for enough time knows the feeling of looking at code and thinking, “why was it done like this? This is terrible”, then checking the commit logs and realizing they did the coding and remember, “Oh right, that is how we did this five years ago.”

In this issue, Vinícius Campitelli returns to follow up his article from last month with more cryptography talk. This month he talks specifically about *Cryptography with Libsodium*, what it is, why you should be using it, and how you should be using it. In *Exploring the Active Record Pattern,* Alexandros Gougousis discusses the popular Active Record Pattern and some of the benefits of using this pattern to handle persisting data to the backend database.

In Security Corner this month, Eric Mann takes us on a personal journey with a bug report for a package he was maintaining in his article *No Bug Too Small,* and as you can probably guess from the title, the “small bug” was a big problem. Moving on to Joe Ferguson’s *The Workshop* article *Intro to Craft CMS*, Joe talks about one of the PHP powerhouses in the CMS market, CraftCMS. Built on the Yii framework, Joe takes you from install to asset management and gets your CMS up and running in a matter of a couple of pages. *Education Station’s* Chris Tankersley returns us to our data access discussion with *Handling Data Access* and jumps into different ways to handle data access, including raw access to abstraction layers and back to data access layers. This month, Oscar Merida continues to toy with our minds and emotions in his PHP Puzzles column about *Compounding Interest.* He then challenges us with another economic puzzle to finish out the year. Also, this month, I had the pleasure to speak with Wasseem Khayratte, aka 7PHP, in this month’s *Community Corner*. I learned more about what got him involved with the PHP community and his new role as the voice behind Voices of the elePHPant. In this month’s *Here Be Dragons: Problem Space*, Edward touches on a couple of topics most of us had been through at some point in our careers, Burn Out and Gatekeeping. And in finally{} Beth Tucker Long discusses her *Roll With It* philosophy and the idea of embracing change. Thanks for being a reader and I hope you enjoy this issue.

The post The Art of Data appeared first on php[architect].

Interview with Vinícius Campitelli

Eric Van Johnson and John Congdon interview feature contributor Vinícius Campitelli about his article Cryptography with Libsodium.

According to the just-released 2021 version of OWASP Top 10 (a curated list of the most critical web application security risks out there), “Cryptographic Failures” are the 2nd most important of the many security concerns we should have as web developers. These concerns include a lot of misuses of cryptographic systems, like choosing weak algorithms, poor randomness sources, or usage of deprecated methods. That is why this is also the second article covering the main topics for cryptography: on our last issue, we covered the main theory, which sometimes is the cause of those errors mentioned above, and right now we will see how to use libsodium, a modern library with the most recommended algorithms already built-in and no weak settings available per default. It is a cross-platform tool, available to use on Windows, Mac, and Linux, and has been included in PHP’s core since 7.2. It also has bindings for Java, NodeJS, Python, Go, and several other languages. So we are safe to say it runs pretty much everywhere. The official website is, and you can find the full documentation there instead of the manual as it is sometimes not complete. There is also a Quick Reference and a “Using Libsodium in PHP Projects” article.

The post Interview with Vinícius Campitelli appeared first on php[architect].

Decrypting Cryptography

Eric and John talk about their first release and the October 2021 issue, Decrypting Cryptography

Topics Covered

  • Cryptography 101
  • What I Wish Something Told Me About SQL Database Design
  • Education Station: Windows 11 for PHP Development
  • The Workshop: Nitro
  • Design Patterns by Moonlight: The Dragon Wrangling Pattern
  • Sebastian Bergmann and the PHPUnit project part 2
  • Security Corner: Updating the OWASP Top Ten
  • PHP Puzzles: Time Value of Money
  • finally{}: Rubber Ducky, You’re the One!

The post Decrypting Cryptography appeared first on php[architect].

Interview with Tomas Votruba

Eric van Johnson and John Congdon interview Tomas Votruba, who wrote an article on Why Would Anyone Want to Downgrade Their PHP Code? in the September 2021 issue.

Topics Covered

    • Downgrading PHP Code and why this might be a good workflow for you
    • Rector – Instant Upgrades and Automated Refactoring
    • The power of automated refactoring.

The post Interview with Tomas Votruba appeared first on php[architect].

Upgrading code with Rector, CQRS, Livewire, is PHP the Worst?, and more

Eric, John, and Oscar talk about changes behind the screen and the September 2021 issue, It’s Really an Upgrade.

Topics Covered

  • Changes in ownership at php[architect]
  • The Rector project: using it to upgrade and downgrade library code.
  • CQRS: using it to scale database reads and writes.
  • JWTs and Security
  • Livewire and JavaScript front end frameworks for PHP developers
  • Sebastian Bergmann and the PHPUnit project
  • Xdebug tutorials on YouTube
  • MVC pattern in PHP applications
  • Animating Life with Imagick
  • Why its a good thing that PHP is “the Worst” and why that makes it successful.
  • Why its essential to keep learning.

The post Upgrading code with Rector, CQRS, Livewire, is PHP the Worst?, and more appeared first on php[architect].

Functional PHP, Laravel Horizon, MFA, Testing with Pest, Taylor Otwell, and more

Eric, John, and Oscar sit down to go over the August 2021 issue, Trimming One’s Sails.

Topics Covered

  • Grokking algebraic structures and functional programming with PHP
  • Laravel Horizon and diving into worker queues
  • Multi-factor authentication and why you should use add it to your application.
  • Testing with Pest PHP and how it’s different from PhpUnit.
  • Eric’s interview with Taylor Otwell, creator of Laravel.
  • Annotations, using them in legacy code and PHP 8’s implementation.
  • Interfaces and patterns for using them.
  • How step debugging improves your productivity.

The post Functional PHP, Laravel Horizon, MFA, Testing with Pest, Taylor Otwell, and more appeared first on php[architect].

Interview with Scott Keck-Warren

Eric van Johnson and John Congdon interview Scott Keck-Warren, who wrote an article on Boosting User Perceived Performance with Laravel Horizon, in the August 2021 issue.

Topics Covered

  • Getting started programming with QBasic
  • Working with PHP, Laravel, and picking up new languages.
  • Scaling with queues and tasks to send surveys and synchronize data.
  • The benefits of using Horizon.
  • Building a youtube channel for new PHP developers.

The post Interview with Scott Keck-Warren appeared first on php[architect].

Interview with Ken Marks

Eric van Johnson and John Congdon talk to Ken Marks about his article in the July issue, Mentoring and Teaching PHP and his new book PHP Web Development with MySQL

Topics Covered

  • How he got stated writing and why he wrote a book.
  • How he teaches students to build web applications with PHP and MySQL.
  • Getting started in teaching PHP.
  • Becoming part of his local web development community.
  • Staying motivated as a student or intern.

The post Interview with Ken Marks appeared first on php[architect].

Elasticsearch, Teaching PHP, Design Patterns, People, Joe Watkins, and more

Listen to Eric, John, and Oscar discuss the articles in the July 2021 issue, Deep Dive into Search.

Topics Covered

  • Using Elasticsearch in an application.
  • Archery (for some reason).
  • Password complexity and entropy.
  • Why you should use a password manager.
  • Eric’s interview with Joe Watkins about Bus Factors.
  • Teaching and mentoring new developers.
  • Rocky Linux, a CentOS alternative.
  • Soylent Green, Stakeholders, and Requirements.
  • When to use the Decorator Pattern.
  • Returning to a new normal.

The post Elasticsearch, Teaching PHP, Design Patterns, People, Joe Watkins, and more appeared first on php[architect].