PHP in 2019

Here’s a nice overview of “PHP in 2019” for those who are still trying to avoid the language because of some preconceived or outdated reasons.

TL;DR
* PHP is actively developed with a new release each year
* Performance since the PHP 5 era has doubled, if not tripled
* There’s a extremely active eco system of frameworks, packages and platforms
* PHP has had lots of new features added to it over the past few years, and the language keeps evolving
* Tooling like static analysers has matured over the past years, and only keeps growing

And here are some of the recent features that have made it into the language:

Here’s a non-exhaustive list of new features in PHP:
* Short closures
* Null coalescing operator
* Traits
* Typed properties
* Spread operator
* JIT compiler
* FFI
* Anonymous classes
* Return type declarations
* Contemporary cryptography
* Generators
* Lots more

Chrome Extensions: PHP Console and JavaScript Errors Notifier

Here are a couple of handy Google Chrome extensions that I came across the other day.

PHP Console

PHP Console can display PHP errors and var dumps in the Google Chrome Developer Console and notification popups. It can also execute PHP code remotely, with the help of this server side library.

JavaScript Errors Notifier

JavaScript Errors Notifier lets you know of any JavaScript errors either with an icon highlight, or with a popup window. This makes things a lot easier to notice.

Programmer migration patterns

Programmer migration patterns” is an interesting attempt to identify where programmers start and how move from one programming language to another. This is not precise science, obviously. But I have to say that I mostly agree with the findings.

The first language that I learned (back in school) was BASIC, which then gave me some legs with Visual Basic later in college. Also in college, I’ve learned assembler, C, and Pascal, which guided me to some amateur and professional development with Delphi.

Soon after that I discovered Linux, which meant shell scripting. I played with awk, but I didn’t have to dive deep, as Perl was already available. Perl was probably my first true programming language, which I learned outside of school and college, and which I have been using for years to build all kinds of things. I still love Perl dearly, but the last few years I have been mostly using PHP, with some occasional Python.

JavaScript, however, is where I draw the line. I’ve been scarred by JavaScript back in the 90s, so I can’t force myself to go back. And then again, I don’t really have to. I’ll leave JavaScript, TypeScript, and node.js for the younger generations.

Let the source be with you!

API Platform – REST and GraphQL framework to build modern API-driven projects

API Platform is a framework for building API-driven projects. I came across this via this blog post that covers the recent release of v2.4. The list of features and components is quite extensive:

  • Read and write support for MongoDB
  • Read support for Elasticsearch
  • Message queues support via a number of brokers, including Amazon SQS
  • Server Push support for HTTP/2
  • Full compatibility with OpenAPI v3 (Swagger)
  • Automated admin interface and project documentation
  • A variety of components from the Symfony framework

I’m pretty sure that I’ll be taking this for a spin in the nearest future!

Intro to basic web application security

Intro to basic web application security” is an excellent overview of the most common mistakes web developers make when it comes to security. The article provides practical examples (including code snippets and screenshots), which illustrate the problems and ways to solve them. The list includes:

  • SQL injection (of course! no such guide would be complete without it)
  • Cross-site scripting (XSS)
  • Cross-site Request Forgery (CSRF/XSRF)
  • Local file inclusion (LFI)
  • Insufficient password hashing
  • Man in the middle (MITM)
  • Command injection
  • XML external entity (XXE)
  • Sensitive data exposure (including error messages and exceptions)
  • Login rate limits
  • and a variety of other, small, but potentially dangerous issues.