emGee Software Solutions Custom Database Applications

Share this

Planet PHP

People blogging about PHP
Updated: 1 week 17 hours ago

402 Payment Required - Evert Pot

Tue, 11/27/2018 - 07:00

402 Payment Required is a status-code described by the standard as:

The 402 (Payment Required) status code is reserved for future use.

The original idea may have been that commercial websites and APIs would want to have a default way to communicate that a HTTP request can be repeated, after a user paid for service.

Usage

The RFC suggests that it’s not a good idea to use this status code today, because it may get a better definition in the future, possibly making existing sites incompatible with HTTP.

That being said, it hasn’t really stopped people from using the code anyway.

So should you use it? The RFC says no. But, I also don’t think there’s a major risk in doing so.

References
Categories: Web Technologies

Interview with Rob Allen - Voices of the ElePHPant

Tue, 11/27/2018 - 05:08
Video

@akrabat

Audio Show Notes This episode sponsored by:

The post Interview with Rob Allen appeared first on Voices of the ElePHPant.

Categories: Web Technologies

Interview with Rob Allen - Voices of the ElePHPant

Tue, 11/27/2018 - 05:08
Video

@akrabat

Audio Show Notes This episode sponsored by:

The post Interview with Rob Allen appeared first on Voices of the ElePHPant.

Categories: Web Technologies

Announcing API Problem 3.x for PHP, complete with PSR-17 support - larry@garfieldtech.com

Sat, 11/24/2018 - 16:06
Announcing API Problem 3.x for PHP, complete with PSR-17 support

After a longer than intended delay, I'm happy to announce the 3.0 release of my Crell/ApiProblem library.

ApiProblem is a small, self-contained library for modeling IETF RFC 7807 "Problem Details" messages. (I know, more gibberish.) That is, it makes it easier for PHP developers to build a message for their API servers to handle cases where Something Bad Happened(tm).

Continue reading this post on SteemIt

Larry 24 November 2018 - 7:06pm
Categories: Web Technologies

Colored app environment in docker shell - Christian Weiske

Thu, 11/22/2018 - 12:27

When running a shell in a docker container, you only see random hashes as hostname:

$ docker exec -it project_backend_1 bash root@112adda3eb64:/#

Now imagine having a dozen of terminals open, and then you run ./vendor/bin/phpunit in container 71f68dcd5379. The first thing that the PHPUnit bootstrap script does is emptying the database and then running all migrations and seeds.

Unfortunately, you intendet to run that command in 112adda3eb64, your local development container. Let's just say that 71f68dcd5379 was not the the local dev one, but on a server in a data center, and the data thrown away were kind of important.

Show the environment

To prevent such mistakes in the future, the shell shall clearly show which environment you are in - local development, testing, staging or production.

APP_ENV

This environment is available in our Laravel .env file, but it's not so easy to access in the terminal. So the first step is to add the current environment in the docker-compose.yml file:

--- version: "3" services: backend: image: docker-hub.example.org/project/backend-dev:latest environment: - APP_ENV=local

Now we can access this variable in our shell via $APP_ENV.

Bash prompt

The bash prompt $PS1 is set in two places in the Ubuntu 16.04 images that we used:

/etc/bash.bashrc
Loaded when bash is used, no matter which user
/root/.bashrc
Is loaded after the /etc/ version when the user is root.

Both files define $PS1, so we have to load our bash-coloring file in both of them:

Dockerfile FROM ubuntu:xenial ADD bash.colorprompt /etc/bash.colorprompt RUN echo '. /etc/bash.colorprompt' >> /etc/bash.bashrc\ && echo '. /etc/bash.colorprompt' >> /root/.bashrc

Now the only thing left is to write that file that sets the prompt:

bash.colorprompt # color the prompt according to $APP_ENV variable case "$APP_ENV" in production) PS1='\e[41m\n=== $APP_ENV ===\e[m\n\u@\h:\w\$ ' ;; testing) PS1='\e[43m$APP_ENV\e[m \u@\h:\w\$ ' ;; local) PS1='\e[42m$APP_ENV\e[m \u@\h:\w\$ ' ;; esac Screenshots

PHPUnit?

The obvious question is why PHPUnit was available on that system in the first place.

Our CI server runs unit/integration tests on every deployment, no matter which environment is being deployed to:

  1. Build container with environment-specific configuration
  2. Run tests in container
  3. Deploy and start container on server

While this is in general a good idea, running the tests on the deployment to every environment is something we later stopped doing.

It turned out to be hard to make sure that every single configuration variable is overwritten in phpunit.xml. And if you can't be sure of this, your tests suddenly use some obscure production service that you forgot to stub out.

<script type="text/javascript" src="http://cweiske.de/tagebuch/js/photoswipe/all.min.js"> <script type="text/javascript">cws.init();
Categories: Web Technologies

PHP 7.3.0RC6 Released - PHP: Hypertext Preprocessor

Wed, 11/21/2018 - 16:00
The PHP team is glad to announce the presumably last PHP 7.3.0 pre-release, PHP 7.3.0RC6. The rough outline of the PHP 7.3 release cycle is specified in the PHP Wiki. For source downloads of PHP 7.3.0RC6 please visit the download page. Windows sources and binaries can be found on windows.php.net/qa/. Please carefully test this version and report any issues found in the bug reporting system. THIS IS A DEVELOPMENT PREVIEW - DO NOT USE IT IN PRODUCTION! For more information on the new features and other changes, you can read the NEWS file, or the UPGRADING file for a complete list of upgrading notes. Internal changes are listed in the UPGRADING.INTERNALS file. These files can also be found in the release archive. The next release would be 7.3.0 (GA), planned for December 6th. The signatures for the release can be found in the manifest or on the QA site. Thank you for helping us make PHP better.
Categories: Web Technologies

401 Unauthorized - Evert Pot

Tue, 11/20/2018 - 07:00

When a client makes a HTTP request, but the server requires the request to be authenticated a 401 Unauthorized status is returned.

This could mean that a user needs to log in first, or more generally that authentication credentials are required. It could also mean that the provided credentials were incorrect.

The name Unauthorized can be a bit confusing, and was regarded as a bit of misnomer. 401 is strictly used for Authentication. In cases where you want to indicate to a client that they simply aren’t allowed to do something, you need 403 Forbidden instead.

When a server sends back 401, it must also send back a WWW-Authenticate header. This header tells a client what kind of authentication scheme the server expects.

Examples

This is an example of a server that wants the client to login using Basic authentication.

HTTP/1.1 401 Unauthorized WWW-Authenticate: Basic; realm="Secured area"

This is an example using Digest auth:

HTTP/1.1 401 Unauthorized WWW-Authenticate: Digest realm="http-auth@example.org", qop="auth, auth-int", algorithm=SHA-256, nonce="7ypf/xlj9XXwfDPEoM4URrv/xwf94BcCAzFZH4GiTo0v", opaque="FQhe/qaU925kfnzjCev0ciny7QMkPqMAFRtzCUYo5tdS

OAuth2 uses something called Bearer tokens, which is really just a secret string:

HTTP/1.1 401 Unauthorized WWW-Authenticate: Bearer

It’s possible for a server to tell a client it supports more than one scheme. This example might be from an API that normally uses OAuth2, but also allows Basic for developing/debugging purposes.

HTTP/1.1 401 Unauthorized WWW-Authenticate: Basic; realm="Dev zone", Bearer

Due to how HTTP works, the above header is identical to the following:

HTTP/1.1 401 Unauthorized WWW-Authenticate: Basic; realm="Dev zone" WWW-Authenticate: Bearer

If a client got the correct credentials, it generally sends them to servers using the Authorization header:

GET / HTTP/1.1 Authorization: Basic d2VsbCBkb25lOnlvdSBmb3VuZCB0aGUgZWFzdGVyIGVnZwo= Other authentication schemes

IANA has a list of standard authenticaton schemes. Aside from Bearer, Digest and Bearer there is als

Truncated by Planet PHP, read more at the original (another 1488 bytes)

Categories: Web Technologies

Interview with Lorna Mitchell - Voices of the ElePHPant

Tue, 11/20/2018 - 06:00
Video

@lornajane

Audio Show Notes This episode sponsored by:

The post Interview with Lorna Mitchell appeared first on Voices of the ElePHPant.

Categories: Web Technologies

Interview with Lorna Mitchell - Voices of the ElePHPant

Tue, 11/20/2018 - 06:00
Video

@lornajane

Audio Show Notes This episode sponsored by:

The post Interview with Lorna Mitchell appeared first on Voices of the ElePHPant.

Categories: Web Technologies

PHP on RHEL-8 - Remi Collet

Fri, 11/16/2018 - 00:16

RHEL-8 Beta is announced and is available for download for whom want to try it.

This is an opportunity to look at PHP installation and how modules work.

1. Installation

ISO image is available for everyone, see the README file.

Don't forget to enable the Beta repositories.

# dnf repolist repo id repo name status rhel-8-for-x86_64-appstream-beta-rpms Red Hat Enterprise Linux 8 for x86_64 - AppStream Beta (RPMs) 4594 rhel-8-for-x86_64-baseos-beta-rpms Red Hat Enterprise Linux 8 for x86_64 - BaseOS Beta (RPMs) 1686 2. Installation of PHP

PHP is not part of BaseOS which is the base of the Operating System, reduced to minimal, but is available in AppStream, i.e. as a module.

# dnf module list Red Hat Enterprise Linux 8 for x86_64 - AppStream Beta (RPMs) php 7.1 devel, minimal, defaul PHP scripting language t [d] php 7.2 [d] devel, minimal, defaul PHP scripting language t [d]

You can see that both versions 7.1 and 7.2 (défaut) are available.

Installation of version 7.1

# dnf module install php:7.1 Dependencies resolved. ========================================================================================================== Package Arch Version Repository Size ========================================================================================================== Installing group/module packages: php-cli x86_64 7.1.20-2.el8+1700+11d526eb rhel-8-for-x86_64-appstream-beta-rpms 2.9 M php-common x86_64 7.1.20-2.el8+1700+11d526eb rhel-8-for-x86_64-appstream-beta-rpms 624 k php-fpm x86_64 7.1.20-2.el8+1700+11d526eb rhel-8-for-x86_64-appstream-beta-rpms 1.5 M php-json x86_64 7.1.20-2.el8+1700+11d526eb rhel-8-for-x86_64-appstream-beta-rpms 70 k php-mbstring x86_64 7.1.20-2.el8+1700+11d526eb rhel-8-for-x86_64-appstream-beta-rpms 547 k php-xml x86_64 7.1.20-2.el8+1700+11d526eb rhel-8-for-x86_64-appstream-beta-rpms 187 k Installing dependencies: httpd-filesystem noarch 2.4.35-6.el8+2089+57a79027 rhel-8-for-x86_64-appstream-beta-rpms 32 k nginx-filesystem noarch 1:1.14.0-3.el8+1631+ba902cf0 rhel-8-for-x86_64-appstream-beta-rpms 23 k Installing module profiles: php/default Enabling module streams: httpd 2.4 nginx 1.14 php 7.1 Transaction Summary ========================================================================================================== Install 8 Packages Total download size: 5.9 M Installed size: 20 M Is this ok [y/N]: y

Result:

# php -v PHP 7.1.20 (cli) (built: Jul 19 2018 06:17:27) ( NTS ) Copyright (c) 1997-2018 The PHP Group Zend Engine v3.1.0, Copyright (c) 1998-2018 Zend Technologies

And you can switch easily to  7.2

# dnf module install php:7.2 Dependencies resolved. ========================================================================================================== Package Arch Version Repository Size ========================================================================================================== Upgrading: php-cli x86_64 7.2.11-1.el8+2002+9409c40c rhel-8-for-x86_64-appstream-beta-rpms 3.1 M php-common x86_64 7.2.11-1.el8+2002+9409c40c rhel-8-for-x86_64-appstream-beta-rpms 653 k php-fpm x86_64 7.2.11-1.el8+2002+9409c40c rhel-8-for-x86_64-appstream-beta-rpms 1.6 M php-json x86_64 7.2.11-1.el8+2002+9409c40c rhel-8-for-x86_64-appstream-beta-rpms 73 k php-mbstring x86_64 7.2.11-1.el8+2002+9409c40c rhel-8-for-x86_64-appstream-beta-rpms 580 k php-xml x86_64 7.2.11-1.el8+2002+9409c40c rhel-8-for-x86_64-appstream-beta-rpms 188 k Switching module streams: php 7.1 -> 7.2 Transaction Summary ========================================================================================================== Upgrade 6 Packages Total download size: 6.2 M Is this ok [y/N]: y

Result:

# php -v PHP 7.2.11 (cli) (built: Oct 9 2018 15:09:36) ( NTS ) Copyright (c) 1997-2018 The PHP Group Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies 3. Web usage 3.1 with Apache HTTP Server

Truncated by Planet PHP, read more at the original (another 1504 bytes)

Categories: Web Technologies

400 Bad Request - Evert Pot

Tue, 11/13/2018 - 07:00

400 Bad Request is the first error code. Every status that starts with a 4 indicates that the client did something wrong. If the status starts with a 5 it means that the server did something wrong.

400 Bad Request is used as a generic error code. It’s a useful default error code if there’s no specific error code that’s a better fit.

There’s often a lot of discussion about which 4xx code is the most appropriate for any different situations. This might be because there’s many, and it’s not always super clear what the distinctions between them are.

The most important thing to remember when selecting the appropriate code is: “can a generic client do something with this response?”. If the answer is no, it might not matter as much which error code is returned.

For example, when a client sees a 401 it might know to show a login window. When a client sees a 403, it might know to tell the end-user that the reason their operation failed, was because of permissions-related issues.

Those are good reasons to show an error code, but those reasons don’t always exists. For those cases it’s fine to just use the generic status code 400.

Response bodies

When returning any error, you should also return a response body with more information about the failure. If your client is a browser, this might be user-friendly html page. If your client is some kind of JSON-based client, it might be good idea to use the standard application/problem+json response code.

Example HTTP/1.1 400 Bad Request Content-Type: application/problem+json { "type": "https://example.org/impolite", "title": "Request was not polite enough", "detail": "HTTP requests must be made using a 'Please' HTTP header. } References
Categories: Web Technologies

Book review: Functional Programming in PHP - larry@garfieldtech.com

Mon, 11/12/2018 - 13:29
Book review: Functional Programming in PHP

I was asked by php[architect] a while back to review "Functional Programming in PHP, 2nd Ed" by Simon Holywell. I've been sitting on this review for a while, so it's time to finally get it done.

Continue reading this review on SteemIt.

Larry 12 November 2018 - 4:29pm
Categories: Web Technologies

Google Trends for REST, GraphQL and RPC - Evert Pot

Sat, 11/10/2018 - 10:52
<script type="text/javascript" src="https://ssl.gstatic.com/trends_nrtr/1605_RC01/embed_loader.js"> <script type="text/javascript"> trends.embed.renderExploreWidget("TIMESERIES", {"comparisonItem":[{"keyword":"rest api","geo":"","time":"today 5-y"},{"keyword":"RPC","geo":"","time":"today 5-y"},{"keyword":"GraphQL","geo":"","time":"today 5-y"}],"category":5,"property":""}, {"exploreQuery":"cat=5&date=today%205-y&q=rest%20api,RPC,GraphQL","guestPath":"https://trends.google.com:443/trends/embed/"});

If you don’t see a diagram, your browser might be blocking it. See the source here.

Categories: Web Technologies

PHP 7.1.24 Released - PHP: Hypertext Preprocessor

Wed, 11/07/2018 - 16:00
PHP 7.1.24 Release AnnouncementThe PHP development team announces the immediate availability of PHP 7.1.24. This is a bugfix release.All PHP 7.1 users are encouraged to upgrade to this version.For source downloads of PHP 7.1.24 please visit our downloads page, Windows source and binaries can be found on windows.php.net/download/. The list of changes is recorded in the ChangeLog.
Categories: Web Technologies

PHP 7.3.0RC5 Released - PHP: Hypertext Preprocessor

Wed, 11/07/2018 - 16:00
The PHP team is glad to announce the next PHP 7.3.0 pre-release, PHP 7.3.0RC5. The rough outline of the PHP 7.3 release cycle is specified in the PHP Wiki. For source downloads of PHP 7.3.0RC5 please visit the download page. Windows sources and binaries can be found on windows.php.net/qa/. Please carefully test this version and report any issues found in the bug reporting system. THIS IS A DEVELOPMENT PREVIEW - DO NOT USE IT IN PRODUCTION! For more information on the new features and other changes, you can read the NEWS file, or the UPGRADING file for a complete list of upgrading notes. Internal changes are listed in the UPGRADING.INTERNALS file. These files can also be found in the release archive. The next release would be RC6, planned for November 22nd. The signatures for the release can be found in the manifest or on the QA site. Thank you for helping us make PHP better.
Categories: Web Technologies

Which redirect do I choose? - Evert Pot

Wed, 11/07/2018 - 07:00

The 3xx status-codes are a bit of a mess. There’s a lot of confusion and mis-use, so I thought it might help to sum all of them up in a single article.

Choosing the right redirect

Are you responding to a POST request, and instead of returning a status immediately, you want to redirect the user to a confirmation page?

Use 303 See Other.

Did the resource move to a new path, or a new domain, and you want to make sure that any HTTP client repeats the exact same HTTP request on the new location?

Use 307 Temporary Redirect if the move was temporary, or 308 Permanent Redirect if the move was permanent.

Did the resource move, but you only care about GET request? (perhaps because this is a website).

Use 302 Found if the move was temporary, or 301 Moved Permanently if the move was permanent.

Do you want to send the user somewhere else, but you’re not sure where because there’s more than one option, and you’d like the user to decide:

Use 300 Multiple Choices.

References
Categories: Web Technologies

Interview with Jonathan Wage - Voices of the ElePHPant

Tue, 11/06/2018 - 09:04

@jwage Show Notes

Audio

This episode is sponsored by

.

The post Interview with Jonathan Wage appeared first on Voices of the ElePHPant.

Categories: Web Technologies

Interview with Jonathan Wage - Voices of the ElePHPant

Tue, 11/06/2018 - 09:04

@jwage Show Notes

Audio

This episode is sponsored by

.

The post Interview with Jonathan Wage appeared first on Voices of the ElePHPant.

Categories: Web Technologies

308 Permanent Redirect - Evert Pot

Tue, 11/06/2018 - 07:00

308 Permanent Redirect is similar to 301 Moved Permanently. Both indicate that the resource the user tried to access has moved to a new location. In both cases the client should update any bookmarks they had from the old to the new location. Search engines respect these statuses too.

The difference between 301 and 308 is that a client that sees a 308 redirect MUST do the exact same request on the target location. If the request was a POST and and had a body, then the client must do a POST request with a body on the new location.

In the case of 301 a client may do this. In practice, most clients don’t do this and convert the POST request to a GET request.

The 308 is relatively new, and is currently marked as experimental in RFC7238. Most modern clients support it, but you might run into some issues with older clients.

Example HTTP/1.1 308 Permanent Redirect Location: https://evertpot.com/http/308-permanent-redirect Server: Apache/2.4.29 References
  • RFC7238 - Status Code 308 (Permanent Redirect).
Categories: Web Technologies

Fixing Redis background-save issues on Docker - Matthew Weier O'Phinney

Sun, 11/04/2018 - 05:52

I've been running redis in Docker for a number of sites, to perform things such as storing session data, hubot settings, and more.

I recently ran into a problem on one of my systems where it was reporting:

Can't save in background: fork: Out of memory

A quick google search showed this is a common error, so much so that there is an official FAQ about it. The solution is to toggle the /proc/sys/vm/overcommit_memory to 1.

The trick when using Docker is that this needs to happen on the host machine.

This still didn't solve my problem, though. So I ran a docker ps on the host machine to get an idea of what was happening. And discovered that, somehow, I had two identical redis containers running, using the exact same configuration - which meant they were doing backups to the same volume. Killing the one no longer being used by my swarm services caused everything to work once again.

Fixing Redis background-save issues on Docker was originally published 4 November 2018 on https://mwop.net by .
Categories: Web Technologies

Pages