Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Symfony Station Communiqué - 4 February 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities. Take your time and enjoy the items most valuable for you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions, if I present any, will be in bold.

 

SYMFONY

 

As always, we will start with the official news from Symfony.

Highlight -> "This week, Symfony 4.4.37, 5.3.14, 5.4.3 and 6.0.3 maintenance versions were released. In addition, a potential security vulnerability related to CSRF tokens in forms was found and fixed in security releases for all maintained versions."

A Week of Symfony #787 (24-30 January 2022)

 

The team fixed a security issue. “The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled.

In a recent change in the way the configuration is loaded, the default behavior has been dropped and, as a result, the CSRF protection is not enabled in form when not explicitly enabled, which makes the application sensible to CSRF attacks.”

CVE-2022-xxxx: CSRF token missing in forms

 

They also fixed an issue with Twig. "When in a sandbox mode, the arrow parameter of the sort filter must be a closure to avoid attackers being able to run arbitrary PHP functions."

Twig security release: disallow non closures in the sort filter

 

SymfonyCasts unveiled a Symfony 6 track with courses on Symfony 6, EasyAdmin, and Upgrading to Symfony 6. The Harmonious Development with Symfony 6 course is free!

Learn Symfony 6: Unlock new possibilities with PHP's most powerful framework

 

Via SensioLabs: at Symfony World Winter 2021, two experts from SensioLabs were speakers. Following this online conference where more than 1,000 people attended in two days, they shared with us their experience and talked about their topic. A glimpse behind the scenes of the SymfonyWorld!

Symfony World Winter 2021: the interview with two speakers from SensioLabs

 

Platform.sh consolidates its management team with appointment of Ori Pekelman and Fabien Potencier as CSO and CPO. Don’t worry, Fabien isn’t leaving Symfony.

Platform.sh consolidates its management team with appointment of Ori Pekelman and Fabien Potencier as CSO and CPO

 

Symfony is excited to announce the organization of the international Symfony conference as initially planned at Disneyland Paris from November 15 to 18, 2022 for a full week of Symfony. Join us at SymfonyCon Disneyland Paris 2022 to learn and share the latest about Symfony while having fun at Disneyland Paris with us! The conference will be held at the newly redesigned Disney's Hotel New York - Art of Marvel!

Excited to announce SymfonyCon Disneyland Paris 2022

 

Featured Item Graphic

 

Featured Item

 

Block Protocol is a new project that aims to build a block system for embedding interactive blocks in any web application. The goal is to create a more interoperable and open web where these blocks can be shared through a standardized protocol. The initial draft of the Block Protocol spec is being incubated by the team at HASH, an open source data, modeling, and simulation platform.

Making the web better. With blocks!

By the way we are currently moving a site from WordPress site to Drupal and will be using HASH’s Web Components block module along with Gutenberg blocks module for the content creation. There is more on this below.

 

This Week

 

These type of posts are a dime a dozen, but this is a comprehensive one.

Symfony vs Laravel: Choosing The Right PHP Framework

 

Mert Simseck (great name) writes “I don’t know where to start but I was excited to write this post. I haven’t been developing applications with PHP and Symfony for a few years. Luckily I’ve built my latest API with Symfony 6 and PHP 8 and I feel like I’m back home.”

Voila! Symfony and PHP 8.1

 

.com Software says “Today we’re going to write a Symfony validator using the Test-Driven-Development technique. As you may know, it requires writing the test first, only then the code itself.”

Designing a Symfony Validator - the TDD way

 

Mike Milano explores:

Symfony Development with Lando

There will be more on PHP local development tools below.

 

Fabio Hiroki has another solid article for us. He says “in this article I'll show basic concepts for handling concurrent requests by building a banking web application. When coding there are some traps we need to pay attention specially because it's not a scenario easy to test.”

Database concurrency as simple as possible

 

Smaine Milianni always has something useful to share. Here he asks “emojis are part of our way of communicating, what about adding them to your Symfony form when a user needs to select a country?”

Emoji flag in the Symfony CountryType

 

Cool Zero parle the Power of the interface in Symfony. (en francais)

Le pouvoir de l’interface

 

Lindevs shows us:

2 Methods to Clear Cache using Console Command in Symfony 6

 

Cory Weinberg writes “although Drupal is not the most popular CMS, it is by far the best solution for non-standard and highly loaded services. Drupal is a free and open-source system that boasts high engine power, solid security, and reliability. Therefore, it is highly popular with many companies, regardless of the niche your business operates in.

With Drupal, you get the limitless possibilities of a framework and the convenience of a full-fledged CMS.”

Drupal Website Development – Key Features & Specs

Many of his points are why Symfony Station uses it.

 

PHP annotations will be replaced by attributes in upcoming versions according to Danial Sipos. “PHP 8 came with a lot of cool new features in the language. Among them, we finally have a native way of “annotating” classes, methods and all sorts of things. I used quotes because of the very ubiquitous Annotations library from Doctrine which we are using now to do similar things. PHP attributes are on their way to slowly replace those. I think. Don’t hold me to it though.”

PHP 8 attributes: Drupal 9 plugin discovery proof of concept

 

Mathias Noback writes about technical writing in:

Millennials doing things everyone should know about

 

Timeless

Inspector logo

Sponsored Article

We published our second sponsored article on Symfony Station exploring how code-driven monitoring helps you deliver successful Symfony products. Like all our articles it is now available via audio.

How code-driven monitoring helps you deliver successful Symfony products

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they were applicable to the Symfony Station site.

 

PHP logo

PHP

 

This Week

 

Erik the Coder continues his look at modern PHP.

PHP crash course : require, include, files manipulation and enumerations

 

Ajay Kapoor notes “With PHP being the most widely used web programming language, it’s easy to forget that it will be twenty-eight years old in 2022. In the tech world, that’s an eternity, but in business, it’s barely any time at all. If you’re currently using PHP or considering using it in the future, you might be wondering what the top benefits of using this technology are.”

Top Business Benefits of PHP for Web Development in 2022

 

Andrea Pollastri shares his PHP development stack.

PHP Developer Tools (2022)

 

Speaking of tools, for local development I have long used Local for WordPress projects. I am moving our parent organization, Mobile Atom Code’s, site over to Drupal. I am using Lando to convert the backend and DDEV to build a new theme for the frontend.

This article shows you how to use DDEV with GitPod.

DDEV and GitPod

 

Vonage Dev writes “it may surprise some readers that asynchronous PHP is nothing new. PHP5.5 introduced generators way back in 2014 which set us on this path, and since then we have seen the creation of amphp, ReactPhp, and OpenSwoole.”

Asynchronous PHP With Revoltphp & Vonage Voice API

 

Will Earp has a two-part series for us on PHP minification.

The State of Minification in PHP – How 1 Project Grew into 6

The State of Minification in PHP – How 1 Project Grew into 6 (Part 2)

I plan on testing his Torque WordPress plugin.

 

Ostell notes “when you think of command-line applications, PHP doesn't immediately come to mind. Yet the language powers many popular tools, either as independent programs or intended to be used within projects. Be it through its vast ecosystem of libraries and frameworks, its ability to interact with the host, or the versatility of its dependency manager, PHP features everything you need to build and ship powerful CLI applications.”

How to build and distribute beautiful command-line applications with PHP and Composer

 

Doğukan Akkaya shares:

How did we reduce Memcached memory usage in PHP

 

Anders Björkland continues his exploration of SilverStripe CMS.

Configure Email over SMTP with SilverStripe

 

Exakat notes “While doing a crowd review of naval battle code at @afup_rennes , it appeared that the ‘no array_merge() in loops’ rule was known but not clear. Indeed, why is it that this function in particular, should be avoided in loops. Hence, this article, with a journey to memory management, coding and classic PHP features. Here we go.

Speeding up array_merge()

 

The Backend Developer says “today I want to write about new 2 features about array that are newly added in php 8.1. Array unpack method was added PHP in 7.4 version but we could only use it for integers. But now we can use it for all types of arrays. This is a good 8.1 development for us.

Php 8.1-New Features | Array is a list? & Array Unpack

 

This one is self-explanatory.

PhpStorm 2021.3.2 is released

 

Last Week

 

Kateryna Shlyakhovetska writes “when you’re tired of endless code reviews and debugging, you may start wondering if there are ways to automate tedious tasks without it backfiring on you later in development. If this is something you or your team are interested in, you may want to take a closer look at server-side static analysis.”

Cut Time on Code Reviews and Project Planning With Static Analysis

Code logo

Other

 

Michael Cobb notes “API security cannot be overlooked. Learn how security testing can detect API vulnerabilities and weaknesses before attackers can take advantage of them.

Protect APIs against attacks with this security testing guide

 

Aaron Francis writes “paginating records across large datasets in a web application seems like an easy problem that can actually be pretty tough to scale. The two main pagination strategies are offset/limit and cursors. We'll first take a look at the two methods and then a slight modification that can make offset/limit extremely performant.”

Efficient Pagination Using Deferred Joins

 

MySQL has multiple storage engines, and one of those is the blackhole engine. It acts as a "black hole" that accepts data but throws it away and does not store it*.*

Safer Staging Environments with Blackhole Storage

 

GitHub has a new way to monetize your repositories.

GitHub launches Sponsors-only repositories to help foster engagement with project backers

 

A deeper integration between Microsoft Sentinel and GitHub is a win for application security, marking a major step toward helping companies address security challenges in the software supply chain, cybersecurity industry executives told VentureBeat.

Microsoft adds ‘critical’ feature for GitHub security

 

Tanvir Safar says “Cloud computing and blockchain industries may very well have one property in common; both are growing rapidly while having the potential to revolutionize their respective fields. However, up until now, pioneers within the two industries have not yet found a common interest. That could soon change as projects have started embracing the idea of integrating the blockchain into the cloud computing sector, and we could soon see a future of endless possibilities.”

Integration of the Blockchain is a Game Changer in the Cloud Computing Sector

 

So what exactly is Web3, and why is everyone in Silicon Valley obsessed with it?

Web3 is the future, or a scam, or both

I don’t know myself, but the “art” perpetrated in NFTs is horseshit. And I grew up on a cattle farm so I know what I’m talking about. ;)

 

Have you published or seen something related to Symfony or PHP that we missed? If so, please get in touch.

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

 

Happy Coding Symfonistas!

 

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 14 January 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most valuable and essential news in the Symfony and PHP development communities. Take your time and enjoy the items most valuable for you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

*Please note that links will open in a new browser window. My opinions, if I present any, will be in bold.

 

Symfony

 

As always, we will start with the official news from Symfony.

Highlight -> "This week, Symfony released the first versions of the recently open-sourced Symfony CLI project. In addition, Symfony announced the upcoming ending of Early Bird Tickets and Call for Papers period for the SymfonyLive Paris 2022 and SymfonyWorld Online 2022 Summer Edition conferences."

A Week of Symfony #784 (3-9 January 2022)

 

It's your last chance to get an Early Bird ticket for SymfonyWorld Online 2022 Summer Edition workshops, conference, or combo workshop and conference. The deadline is January 14th, 2022 11:59 pm (Paris time).

Last day of Early Bird registration for SymfonyWorld Online 2022 Summer Edition

 

Featured Item graphic

 

Featured Item

 

We just published our latest original content piece. It will be helpful if you are looking for a CMS for your next project.

Have you ever wondered which CMSs are built with Symfony? Well, probably not, but if you have this reference article shows which ones are and provides their relevant details.

Exploring the Content Management Systems of Symfony

 

This Week

 

Running a Symfony app inside a Docker container has a lot of advantages, but the downside is we have to type a longer command if we want to run the command inside the container. For this purpose, I wrote a small bash script to help me with that.

Run Symfony commands inside a Docker container

 

Wouter Carabain writes "securing your API endpoints is very important to prevent unauthorized access to your systems. But how do you do this efficiently? Are you going to build a user management system from scratch? Let me introduce you to Keycloak and how to integrate it with API Platform."

Integrating Keycloak with API Platform

 

Hanane Kacemi continues a series of posts on Symfony and Doctrine.

Symfony & Doctrine: Part 4

 

Dejan Angelov says "Symfony Messenger provides multiple ways for registration and configuration of message handlers. Nowadays, the handlers are usually registered by implementing the component’s MessageHandlerInterface interface, which makes the handlers auto-configurable by default, or by implementing some interface of ours which we can register for autoconfiguration manually. However, with the addition of the attribute's functionality in PHP 8.0, it doesn’t really make sense anymore to use interfaces for the purpose of “describing” our classes. In this article, we’ll explore how we can use our own PHP attributes to register and configure the message handlers."

Using custom PHP attributes for registering and configuring Symfony Messenger handlers

 

Last Week

 

Matt Glaman writes in the early days of Drupal 9 most folks were only using PHPStan on their Drupal sites via drupal-check for deprecation checks. I am excited to see more folks using PHPStan directly with phpstan-drupal to perform static analysis and deprecation checks. However, folks are starting to hit some Drupal WTFs when performing static analysis on a magical code base."

Documenting PHPStan + Drupal!

 

Timeless

Inspector logo

Sponsored Article

We published our first sponsored article on Symfony Station exploring how Code Execution Monitoring helps you identify bugs and bottlenecks in your Symfony app before your customers do. Like all our articles it is now available via audio.

Why You Should Use Code Execution Monitoring with Symfony

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they were applicable to the Symfony Station site.

 

Gábor Hojtsy says "I apparently released the Drupal configuration schema cheat sheet 7 years ago (wow!) to help people adopt the then new format to describe configuration structure. I keep getting questions and requests about it, so decided to make a major update to it now and bring it to the present day for Drupal 9."

Major Drupal configuration schema cheat sheet update - 7 years later

 

Houssemeddine Souissi explores the new Symfony Authentication System (Login & Logout) in a fresh 5.4 project in this video and article.

New Authentication System

He also looks at RabbitMQ.

Discover RabbitMQ with Symfony 5 Project

 

Somehow, I missed these two posts from Tomas Votruba. He examines the Symfony HTTP Kernel component and when to use it.

When Symfony Http Kernel is too Big a Hammer to Use

Decomposing Symfony Kernel: What does Minimal Symfony Bundle Do

 

PHP logo

PHP

 

This Week

 

Brent writes "It's the fourth time I'm writing a yearly "PHP in 20XX" post, and I must admit I've never been as excited about it as this year: we've seen awesome new features added to PHP, with stuff like attributes, enums, promoted properties and fibers; and on top of that, the static analysis community is making great progress, my personal favorite feature is PhpStorm now supporting generics when writing code."

Exciting times are ahead, let's take a look at modern-day PHP!"

PHP in 2022

 

In this extensive tutorial Eric, the Coder examines the recent additions to PHP.

Modern PHP crash course

 

Backend Developer notes "are lots of new things in PHP and in this article, I will explain what fibers are and why we should use them in our projects."

Php 8.1 New Features — Fibers

 

Jolicode helps us find out how to approach a clone without fear.

PHP Clone All The Things

 

The ability to return nulls makes it all too easy to write brittle software.

Null Return Types

 

Andrea Spraga writes "At Slope, writing tests is a relevant part of our day-to-day work. Having to maintain many integrations and end to end (functional) tests, we are continuously required to create and manage fixtures." In this post, he shows us how.

A library-less approach to fixtures in PHP tests

 

Prosper Yong notes "date and time manipulation is one of a few frequently-experienced challenges of developing web apps in PHP. And one of its most prevalent issues is identifying time disparities and making them readable, such as "one hour ago".

However, handling dates and times — and issues such as this — is greatly simplified by using Carbon; it's a library which reduces lengthy hours of coding and debugging to only a few lines of code."

Times in PHP Using Carbon

 

Lorenzo B says "Every sufficiently complex web application use cookies and sessions. They are two technologies that you absolutely have to know, even if you are not a web developer. Why am I saying that? What are their usages and what should you use and why?

In this article, I will help you get an answer to those questions. Plus, I will show you some PHP functions you can use to implement cookies and sessions."

Cookies and Sessions: A Gentle Introduction With PHP

 

Anders Björkland continues his series of articles examining the SilverStripe CMS.

Create reviews for Googled books (in SilverStripe)

 

Eelco Verbrugge writes "in PHP a child class can inherit only from one single parent. This allows a class to reuse methods from vertical hierarchy by extending an Abstract class.

If you like to reuse methods in many classes in horizontal hierarchy, we use Traits. Traits are used to group methods and implement in multiple classes. Traits can't be initiated on its own like a normal class could."

PHP Traits Explained

 

Programming Insider explores PHP Web Frameworks in this article.

Top 5 Fastest-Growing PHP Web Development Frameworks

 

Last Week

 

Rafael Bernard Araujo says of PHP Initializers "When I see this new feature, lots of places that use Dependency Injection[3] come to my focus as candidates to be impacted, such as application or infrastructure service classes. As a result, we will write a much cleaner and leaner code without giving up good practices for writing modular, maintainable, and testable software."

PHP 8.1: more on new in initializers

Code logo

Other

 

JavaScript developer Marak Squires wasn't happy about not making money from his open-source libraries, so he deliberately corrupted them, leaving programmers and end-users with dead-in-the-water programs. ZDNet gives us the low-down.

When open-source developers go bad

 

Speaking of open-source, the MIT Technology Review notes that "volunteer-run projects like Log4J keep the internet running. The result is unsustainable burnout, and a national security risk when they go wrong." So, contribute to the PHP Foundation.

The internet runs on free open-source software. Who pays to fix it?

 

I didn't know this, but Alexandre Daubois tells us that the "Internet truly relies on 13 servers. How is it possible?"

The 13 Master Servers of Internet

 

Kadeisha Kean says "to inspect or update a web page dynamically, you need to access its elements. Find out how to use DOM selectors to target various parts of your page.

Learn How to Use DOM Selectors

 

Docker has a new capability.

Introducing SSO for Docker Business

 

Have you published or seen something related to Symfony or PHP that we missed? If so, please contact us.

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Happy Coding Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communique - 7 January 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communique. It's your weekly review of the most valuable and essential news in the Symfony and PHP development communities. Take your time and enjoy the items most valuable for you.

Thanks to Javier Eguiluz and Symfony for sharing our last communique in their Week of Symfony.

*Please note that links will open in a new browser window. My opinions, if I present any, will be in bold.
 

Symfony


As always, we will start with the official news from Symfony.

Highlight -> "This week, Symfony 4.4.36, 5.3.13, 5.4.2 and 6.0.2 maintenance versions were released. In addition, Symfony announced the open sourcing of Symfony CLI, and we published the traditional Symfony 2021 Year in Review summary."

A Week of Symfony #783 (27 December 2021 - 2 January 2022)


There's a week left to enjoy the early bird registration for SymfonyLive Paris 2022 conference organized on April 7-8 2022. Join the team for a week of Symfony in French: 2-day workshops and 2-day conference!

SymfonyLive Paris 2022 : l'inscription early bird se termine le 10 janvier 2022


They have announced the workshops as well.

Les formations du SymfonyLive Paris 2022 sont en ligne


Early bird registration for SymfonyWorld Online 22 Summer edition ends January 14. Calls for presentations are open for it and SymfonyLive Paris.

CFP and Early Bird registrations are open for SymfonyLive Paris 2022 and SymfonyWorld Online 2022 Summer Edition


SymfonyCasts picks back up on their security series and writes "we added an “email verification” step to our registration by leveraging the symfonycasts/verify-email-bundle (hey! I know them!). Then we looked at actually validating the signed URL that we sent to the user to show *why* it failed when it does, and mark our user as “verified”.

And apart from being more powerful and less complex, the new Symfony security system comes with new stuff! Like “login throttling”. We enable this & open up its source code to see how it works. Hint: it works via events!"

This week on SymfonyCasts

 

Featured Item graphic

 

Featured Item


We continue to highlight a post of the week. This one was an obvious and easy decision.

This week I am choosing one of the most useful posts I've found in a long time. It's primarily about the frontend and self-explanatory.

10 Resources for Web Developers

 

This Week


API Platform creator Kévin Dunglas writes: "I’m very excited to announce that after 6 years of teamwork, Symfony and API Platform now include an industry-first set of tools designed to automatically create, manage and run the Docker containers needed for your applications."

Symfony’s New Native Docker Support (Symfony World) Presentation


Dariusz Gafka explores "pushing the refactoring of our Symfony Applications to their boundaries. We will focus on dropping boilerplate completely so we can write only the code that matters, allowing us for easy modifications, maintenance and future extensions." We will focus on dropping boilerplate completely so we can write only the code that matters, allowing us for easy modifications, maintenance and future extensions."

Build Your Symfony and Doctrine ORM Applications with ease using Ecotone


Fabio Hiroki has another excellent article for us. This one covers using Symfony with the RabbitMQ message broker.

Introduction to RabbitMQ and Symfony


Mike Zukowski follows up on an article he wrote how to improve your application’s response time with lazy Twig extensions.

Testing Twig Extensions The Right Way

 

In previous communiques I shared Anders Björkland's articles on the SilverStripe CMS. Here's the latest one.

Query me some Google Books API
 

Regarding CMSs our next original article will cover those built with Symfony Components. Check back next Wednesday to read it.


There was an explosion of Drupal news this week. So, here we go.

Speaking of Twig, Drupal 10 will update its implementation of Twig from version 2 to 3. Here are the details so you can prepare.

Twig Updated from 2.x to 3.x


Drupal uses the EventDispatcher component from Symfony, which implements the Mediator and Observer design patterns. This allows for business logic to be extensible without making systems entirely coupled. The originating system dispatches an event and allows any other system to react to that event or modify data associated with that event. The originating system can then perform other interactions after its observers have processed the event.

Registering your PHPUnit test as an event subscriber for testing events

 

Last Week


While the Drupal Content Management (CMS) system is a popular solution for all-in-one websites, it also works well as a “content warehouse” that other systems can pull from. In this tutorial, we will use Drupal Views to create two API endpoints that an app or website can use to request content from a Drupal CMS.

How to Create REST API Endpoints with Drupal Views


And finally on the Drupal front, here is a useful cheat sheet for developers.

Major Drupal configuration schema cheat sheet update.


Tanvir Ahmad shows us how to create PHP CLI application with the Symfony console component.

Easy Way to Create a Symfony Console Application

He also has this post.

How to Run Symfony Console Command in AWS Lambda

 

Timeless

Inspector logo

Sponsored Article

We published our first sponsored article on Symfony Station exploring how Code Execution Monitoring helps you identify bugs and bottlenecks in your Symfony app before your customers do. Like all our articles it is now available via audio.

Why You Should Use Code Execution Monitoring with Symfony

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they were applicable to the Symfony Station site.

PHP logo

PHP

 

ThisWeek


Kévin Dunglas also writes: "In modern web applications, it’s a common pattern to serve the web API and the frontend app from different subdomains. This was the pattern implemented by API Platform until last year. But we changed that for 2 main reasons: performance and REST principles."

Preventing CORS Preflight Requests Using Content Negotiation


Alex Hernandez writes: "Over the years, I’ve learned how to set up Docker in a way it’s easy to use without needing to know every detail. Today I want to give you an easy-to-use template in order to use Docker with PHP, explained, so you can understand how it works in just 10 minutes."

Docker Template For PHP Explained


Vishwa Chikate asks: "how can we better implement the callback Class/Methods a.k.a the resource handlers associated with an REST HTTP API. The idea which will be covered will help #developers in having a Reusable, Extendable and an easily Maintainable code.

The approach outlined here can be applied to any PHP framework of choice or it can be considered as implementation practice in other languages / framework’s."

PHP: RESTful API resource handlers


Feel like building a PHP site from scratch? Jens Kuerschner, @jekuer, has the article for you.

Build a kick-ass PHP Microsite in under 4 hours


I found the following to be an interesting case study from Matt Kingshott @mattkingshott.

How I designed and built Lumeno’s recruitment search engine


I have shared work from Eelco Verbrugge, before. Here he explains PHP interfaces.

PHP Interfaces Explained


Christophe Avonture mentions that "As a loyal reader of several forums for years, I frequently find unreadable PHP code posted by beginners asking for help. Before we can try to help them, it is sometimes useful to reformat the code and rewrite it partially." He shows us how here.

Docker - Run/Refactor PHP code from a web interface


This is a short but very interesting post from Mike Zukowski.

Adding a watermark to a video in PHP


PHP Stripe API turns the agonizing task of collecting credit card payments into a matter of copy & paste. It’s basically a JavaScript library that interfaces your web page to Stripe’s web servers. The information is never sent to your servers making it so effective. You don’t have to stress over the server-side settings of your application.

The Stripe PHP library gives access to the Stripe API from applications composed within the PHP language. It incorporates a pre-defined set of classes for API that initialize themselves from the API which makes it compatible with a wide run of versions of the Stripe API.

Streamline Your Online Payments With PHP Stripe Payment Gateway Integration

 

Last Week


Based on the most recent Stack Overflow survey in 2020, Python was the most used language according to 70% of its respondents, while PHP was chosen by 25%. However, market reports from w3techs.com tell a different story, showing that nearly 78% of all websites today run PHP. Much of PHP’s mainstay can be attributed to Wordpress and Shopify, which constitute around 45% of all websites today.

8 Reasons Why PHP Development Is Not Dead

 

Timeless


Genuinely useful tips are always welcome, and Damian Brdej has these for PhPStorm.

8 most useful PhpStorm keyboard shortcuts

Code logo

Other


The State of the Octoverse from GitHub explores a year of change in programming. Its research tells you how to improve your performance and well-being by developing code, creating documentation, and supporting communities in smarter, more sustainable ways.

The State of the Octoverse


The Next Web looks at why shrinkflation is not a solution for inflation in the programming industry.

Don’t let ‘shrinkflation’ affect your software development


Kesk gives us "eight little tips that can save you time in your day-to-day as a programmer. Some are basic while others could be a little complex."

8 Super-useful SQL Snippets You’ll Want to Have on Hand


Have you published or seen something related to Symfony or PHP that we missed? If so, please contact us.


That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.


Please share this post. :) Be sure to join our newsletter list at the bottom of any of our site’s pages. Joining gets you each week's communique in your inbox (a day early). And follow us on Twitter at @symfonfystation.


Happy Coding Symfonistas!
 

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communique - 3 December 2021

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communique. It's your weekly review of the most valuable and essential news in the Symfony and PHP development communities. This week it's extensive again, so take your time and enjoy its most valuable items.

 

Thanks to Javier Eguiluz and Symfony for sharing our last communique in their Week of Symfony.

 

*Please note that links will open in a new browser window. My opinions, if I present any, will be in bold.

 

Symfony 

 

As always, we will start with the official news from Symfony.

 

Highlight -> "This week, Symfony 4.4.35 and 5.3.12 releases were published to address some potential security vulnerabilities. In addition, Symfony 5.4.0-RC1 and 6.0.0-RC1 were published in preparation for their imminent stable release. Lastly, Symfony announced the last days of its Black Friday 2021 deals which end on November 29."

A Week of Symfony #778 (22-28 November 2021)

 

Javier continues a series of posts on what's new in Symfony 5.4.

 

 

It's finally here. Symfony 6 is available!

Symfony 6.0.0 released

 

Symfony 5.4 as well.

Symfony 5.4.0 released

 

SymfonyWorld conference starts in just a week: 10 workshops, 25 talks and hundreds of community members to meet. Don't miss it!

A week left before SymfonyWorld Online 2021 Winter Edition, book your ticket now!

 

SensioLabs has this for us: "To mark the release of Symfony 6, SensioLabs has interviewed Nicolas Grekas, one of the most active members of the Symfony core team. Grekas described the main new features of this latest major version of Symfony and how to start preparing for the upgrade."

Deep dive into Symfony 6: the interview with Nicolas Grekas

 

SymfonyInsight is the official Symfony platform to monitor and maintain high quality projects over long periods of time. It also helps you reduce business risks and upgrade your application dependencies.

PHP 8.1 is the latest version of PHP, released on November 25th. We’re thrilled to announce SymfonyInsight support of PHP 8.1 and all its features (enums, readonly properties, etc)!

SymfonyInsight now supports PHP 8.1!
 

 

Featured Item graphic

 

Featured Item

We continue to highlight the most significant post of the week.

 

Stitcher.io has this for us.

PHP 8.1 was released on November 25, 2021. This post will go through all features, performance improvements, changes, and deprecations one by one.

 

What's new in PHP 8.1

 

This week

 

Speaking of Symfony 6, Alex Daubois has this interesting post.

What's this upcoming "Encryption" component of Symfony 6.1?

 

Kiratas provides this advice: "SensioLabs has presented versions 5.4 and 6.0 of the popular PHP framework Symfony. The two versions are identical regarding the innovations, but Symfony 6 cuts off old braids and removes all content marked as outdated (deprecated). Therefore, developers who want to switch to the new main version should first switch to 5.4 and remove all deprecations."

PHP framework: Symfony 6.0 appears at the same time as version 5.4

 

Via SymfonyCasts: "We're heading into Twig and inside a service to fetch the currently-authenticated user. While we're there, we'll add some custom methods to our User class to make it smarter!" They continue their look at Symfony security with:

This week on SymfonyCasts

 

Mattia Toselli shows us how to develop a simple app with Symfony 5 on our local machine. Then we will deploy this app using a service of DigitalOcean called App Platform.

How to create an automated pipeline for deploy with Symfony 5 and DigitalOcean App Platform.

 

Why invest in AWS CDK today? Using a simple example with a basic web application built with the Symfony framework, this article will show you how to industrialize any application with Infrastructure as Code (IaC) methodology on AWS.

Build and Deploy a Symfony Application on AWS using CDK, ECS, and RDS

 

I know that there seems to be one of these comparison posts every week. But, if they have something new in them, even one sentence, we'll continue to feature them.

Laravel vs. Symfony: Which PHP Framework to Choose for Enterprise-grade Web Applications?

By the way, the answer for Enterprise-grade is Symfony.

 

Prestaconcepts brings us this post in French.

What Symfony 5.4 Brings

 

Doctrine has a new release.

New Release: Doctrine DBAL 3.2.0

 

Gábor Hojtsy writes: "As you may know, we are planning to release Drupal 10 in 2022 (as early as June) because Drupal 9's Symfony 4 and CKEditor 4 are both at the end of life the year after, around the end of 2023. So we plan to give enough time for people to update to Drupal 10 before Drupal 9 goes end of life. A similar situation happened with Drupal 8 to 9 driven by Symfony 3 to 4. However, moving Drupal 10 from Symfony 4 to 5 would again only give us a couple of years to move on to Symfony 6 next, so the current plan is to move to Symfony 6 straight away."

The big Symfony 4 to 6 jump plan in Drupal 10 and potential benefits down the line for future versions

 

Websites developed on the Symfony framework were vulnerable to web cache poisoning attacks due to misuse of HTTP headers, according to CyberIntelMag.

Symfony PHP Framework Had Cache Poisoning Vulnerability

 

Last Week

 

Hantsy has the following min-tutorial.

Building Restful APIs with Symfony 5 and PHP 8

 

Timeless

 

The idea behind Inspector is to create a monitoring environment specifically designed for software developers avoiding any server or infrastructure configuration that many developers hate dealing with. It works with a lightweight software library that you can install in your application like any other dependencies. In the case of Symfony, you can use our official Symfony Bundle. 

Code Execution Monitoring for Symfony applications using Inspector

 

When it comes to open source ecommerce platforms, there are quite a few solutions to choose from. You may have heard about Magento or PrestaShop. But have you ever seen something about Sylius?

What is Sylius and how to use it?

 

As you may know, I ran across Akashic Seer's blog last month, which boasts Symfony-related posts. Here are a few more from his archive delivered with his unique approach.

How to add CSRF protection to Symfony 5+ forms

How to access Doctrine in Symfony 5+ services

 

PHP logo

 

PHP

 

This week

 

To paraphrase Cloudways, PHP is the backbone for almost every website, and its security shouldn't be negligible. PHP developers are responsible for avoiding common threats like cross-site request forgery, SQL injections, and data tampering. And PHP has built-in security features that make it easier for developers to protect their websites.

Ultimate PHP Security Best Practices

 

This week, the latest PHP RFC, Deprecate Dynamic Properties, passed 2:1. It barely met the 2/3 vote threshold for passing, which of course, can and has been spun in various pro-and-con ways. The prominent argument people had against it was that it involves triggering deprecation warnings, which is kind of the point. That's what it does mostly.

Evolving PHP safely

 

Here's more on security as Matthieu Robin asks: "You've been using PHP for years, and it seems to work just fine, but have you ever wondered what more you could be doing to keep your scripts secure?" 

10 Ways to Improve Your PHP Security

 

Vedran Mihočinec too has a question. What is the easiest way to dockerize PHP applications?

The Easiest Way to Dockerize PHP Applications

 

In past communiques, we examined Anders Björkland posts on Bolt CMS. Here he takes a look at Silver Stripe CMS in two posts.

A CMS with a new take - SilverStripe first impression

Adding registration to SilverStripe and controlling privileges

 

On an unrelated note, he also posted.

Overview - The C in PHP stands for Christmas 🤶🎅. Follow this daily in December.

 

Speaking of PHP CMSs.

Composer and Contao for the Rest of the World

 

Ibrahim Alausa has written a comprehensive guide on writing cleaner, shorter class constructors.

PHP 8: Constructor Property Promotion

 

Jetbrains has another announcement, although it's quite as big as last week's.

JetBrains Remote Development: The ultimate coding experience for a remote world

 

They also announced that PhpStorm 2021.3 is now available. This major release introduces full support for PHP 8.1, better handling of generics in PHP, remote development, improvements to deployment, an HTTP client, refactorings, and much more.

PhpStorm 2021.3: PHP 8.1, Generics, Remote Development, Refactorings, and More

 

Olotin Temitope shows us how to configure Xdebug with PHPStorm and Docker to debug like a pro.

How to debug like a pro using Xdebug, PHPStorm, and Docker.

 

PHP Architect interviews feature contributor Vinícius Campitelli about his article Cryptography with Libsodium.

Interview with Vinícius Campitelli

 

As of today, when you update dependencies in a pull request, Private Packagist comments with all composer.lock changes displayed in a clear and easy to scan table.

Introducing: Update Review

 

Last Week

 

In this episode of the PHP Internals News podcast, they're looking back at all the RFCs that were discussed on the podcast for PHP 8.1. In their own words, the RFC authors explain these features, with your host interjecting his comments on the state of affairs. Please give it a listen.

PHP Internals News: Episode 95: PHP 8.1 Celebrations

 

In this video, BeachCasts shows us how to:

Measure PHP Code Quality With Static Analysis Using PHPStan

 

James Seconde has more on PHPStan.

Scrub Up! Cleaning Your PHP Application With PHPStan

 

If you use Drupal, its PHPStan solution gets an update.

Better static analysis with entity type storage in phpstan-drupal 1.10

 

And there's another one of these. Sigh.

Is PHP a Dying Language?

And as long as most of us will be alive, the answer is no. But the author still makes some interesting points about why that is.

 

Code logo

 

Other

 

How will future AI systems make the most ethical choices for all of us?

Worried about AI ethics? Worry about developers' ethics first

 

To continue on that line.

AI can translate standard written text to code

 

And regarding other so-called threats to the careers of developers.

Low code will help but don't expect a revolution

 

Here are five handy MySQL string functions you can add to your toolkit.

5 MySQL String Functions You Should Know

 

This type of CSS review is always helpful.

Flexbox vs. CSS Grid: What are the differences between the two, and when should you use them?

 

Postman says: "Before promoting an API direction, all parties must understand where we are and what destinations are possible. A map helps simplify an overwhelming number of technologies, techniques, and ideologies into something approachable and with a clear way forward. Ultimately, maps provide key insights so that having a conversation about an ecosystem's strengths and weaknesses can occur." 

How to Improve an API Ecosystem with Mapping

 

GitHub had some problems this week, but they were able to post this about Actions.

GitHub Actions: reusable workflows are generally available

 

Here's an in-depth look at Docker, which is always helpful.

Dock Life: Using Docker for All The Things!

 

And here's a look at the vital topic of user experience.

The State of UX in 2022

 

Like most articles in the New Yorker, this is a long one. But, it's worth grabbing your favorite beverage and reading it at your leisure.

Lina Khan's Battle to Rein in Big Tech

 

 

Have you published or seen something related to Symfony or PHP that we missed? If so, please contact us.

 

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday. 

 

Please share this post. :) Be sure to join our newsletter list, so you get each week's communique directly in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Happy coding Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Subscribe to SilverStripe

 

 

Follow Symfony Station on Mastodon Mastodon Icon Twitter Twitter Icon Flipboard Flipboard Icon or Our Newsletter Newsletter Icon