Freek.dev

Philip Walton, an engineer at Google, wrote a wonderful article that every developer should read. He talks about front-end engineers, but most tips are applicable to back-end engineers as well. A few quotes:

Taking the time to figure out why your hack works may seem costly now, but I promise it’ll save you time in the future. Having a fuller understanding of the systems you’re working within will mean less guess-and-check work going forward.

Solving problems on your own is a great way to learn, but if that’s all you ever do, you’ll plateau pretty quickly. Reading other people’s code opens your mind to new ways of doing things.

In my experience, writing, giving talks, and creating demos has been one of the best ways to force myself to dive in and fully understand something, inside and out. Even if no one ever reads what you write, the process of doing it is more than worth it.

Read more

It is known by now that every codebase large enough (in terms of lines of code or people collaborating to it) should follow any code standard. Here at Coolblue we weren’t different and were using our own coding standard.

But codebases evolve. And our codebase – that has been supporting one of the most visited ecommerces in The Netherlands – needed to be upgraded to a coding standard that’s a little bit more up to date.

This is the process we follow to move into PSR-2.

In the past months we converted several of our old projects to PSR-2 with Fabien Potencier's coding standards fixer and had zero issues doing so. Hurray for standardized code.

Read more

In 2015 web developers understand more about SSL than they ever have. If you read Hacker News you should know:

• You can get domain validated (DV) certs from Let's Encrypt for free.
• You can get extended validation (EV) certs from CertSimple with checks before you pay. That's us by the way!
• The Mozilla SSL Config Generator can set up your server as secure as possible for the browsers you want to support.
• When you're done, use SSL Labs to check everything. Make sure you get an A, otherwise people will pick on you.

What about the rest?

Read more

Correctly naming things is the most difficult programming task (except for documenting). However, this is only because we often afford these tasks insufficient consideration. As with most things, the more we do it the easier it becomes. In this article we will discover how to choose correct names for our methods.

Read more

Mr. Composer, Jordi Boggiano, has posted an overview of composer features that have become available in the past year. A very nice one is config.platform.

The `config.platform` option lets you emulate which platform packages you have available on your prod environment. That way even if you have a more recent PHP version or are missing an extension locally for example, composer will always resolve packages assuming that you have the packages you declared installed.

Read more

There's a lot PHP 7 love going around these days, but PHP 5.6 has it's fair share of nice features too. One of those features is the splat operator. It looks like this: ....

The splat operator can capture a variable number of arguments.

function logThis(...$messages)
{
    foreach ($messages as $message) {
        echo $message.PHP_EOL;
    }
}

logThis('one', 'two', 'three');

You can still use regular arguments as well:

function logThis($firstMessage, ...$otherMessages)
{
    echo "superimportant: {$firstMessage}".PHP_EOL;

    foreach ($otherMessages as $message) {
        echo $message.PHP_EOL;
    }
}

logThis('one', 'two', 'three');

Another usage for the splat operator is argument unpacking:

$messages[] = "one";
$messages[] = "two";
$messages[] = "three";

logThis(...$messages);

The operator can also help replacing usages of call_user_func_array to something more readable. Consider this contrived example where all calls to a class are forwarded to a dependency.

class ClassA
{
    protected $classB;

    public function __construct(ClassB $classB)
    {
        $this->classB = $classB;
    }

    public function __call($method, $args)
    {
        call_user_func_array([$this->classB, $method], $args);
    }
}

Using this splat operator this can be rewritten to:

class ClassA
{
    protected $classB;

    public function __construct(ClassB $classB)
    {
        $this->classB = $classB;
    }

    public function __call($method, $args)
    {
        $this->classB->$method(...$args);
    }
}

Do you know some other cool usage of the operator? Let me know in the comments below.

Read more

When creating output from a Symfony based console command you might have created a title using code like this:

$output->writeln('');
$output->writeln('<info>Lorem Ipsum Dolor Sit Amet</>');
$output->writeln('<info>==========================</>');
$output->writeln('');

Starting from Symfony 2.7 there's a nice way to style the output of console commands. This code produces the same output as the example above

$io = new SymfonyStyle($input, $output)
$io->title('Lorem Ipsum Dolor Sit Amet');

There are styles for titles, sections, questions, tables, and so on. Take a look at the documention to learn what's possible.

Read more

In a new article on his blog Frank De Jonge demonstrates a lesser known feature/bug of PHP.

When two objects are of the same type, they can access the private properties of the other. This might seem like a bug, but it's actually a very valuable feature. For instance, it allows you to perform very efficient equality checks without the need to publicly expose your internals.

Read more

A fun talk by Christin Gorman.

Join me for some ranting about how best practices from open source development and project management school is making your sustaining team miserable.

Read more

Some good tips by Matthieu Napoli on how and why to use a good coding style.

The main point of this article is:

• it’s possible to think about coding style logically
• sometimes doing so forces us to challenge our habits
• when unsure or dubious: just try

Read more

Jonathan Reinink made some very pretty slides with lots of good advice regarding templates.

Read more

Ross Tuck does not blog often, but when he does you probably are going to learn something useful. In his latest post he shares some techniques regarding exceptions.

Over the last couple years, I’ve started putting my Exception messages inside static methods on custom exception classes. This is hardly a new trick, Doctrine’s been doing it for the better part of a decade. Still, many folks are surprised by it, so this article explains the how and why.

Read more

A really great talk by Sandi Metz in which she refactors a nasty block of conditional code to a few small, understandable objects.

https://www.youtube.com/watch?v=8bZh5LMaSmE

Read more

If you have a form on your website where one of the fields is of the `type="password"`, the page will now be marked as insecure in your browser if it is served over a plain HTTP connection.

Read more

"Password must contain 1 uppercase letter, 1 lowercase letter, and 1 number."

With a rule like that, the password Abcd1234 would pass your validation, but mu-icac-of-jaz-doad would not.

Ryan makes an excellent suggestion to replace password rules by an entropy estimator like Zxcvbn.

Read more

Matt Stauffer explains when and how you can leverage custom blade directives.

One of the greatest aspects of Laravel Blade is that it's incredibly easy to handle view partials and control logic. I find myself frequently extracting the contents of a loop out to a Blade partial and then passing just a bit of data into the partial.

But sometimes the repetitive code isn't the view itself, but the conditional logic I'm running.

Read more

In this excellent post Matthias explains why you can't put all your trust in cat when inspecting a file:

https://ma.ttias.be/terminal-escape-sequences-the-new-xss-for-linux-sysadmins/

Let's all agree to never trust anything that has been posted on the internet without very thorough inspection. And let's especially agree to never run an arbitrary command or script found on the internet, without really close inspection.

Read more

After giving excellent talks at both Laracons, contributing to Laravel's new ACL, putting out an interesting Full Stack Radio episode with Wes Bos, Adam Wathan today published a new screencast. He is now officially on a roll.

After my presentation at Laracon this year, a lot of people asked me how I'd take that same polymorphic approach when the objects would have to be retrieved from the database.

This screencast covers how I'd approach implementing the same idea in a real Laravel application with Eloquent, by using polymorphic relationships and delegation to accomplish the same thing without having to resort to any nasty conditionals.

Read more

When I first learned to program, I made many objects that were mutable. I made lots of getters and lots of setters. I could create objects using a constructor and mutate and morph the heck out of that object in all kinds of ways. Unfortunately, this led to many problems. My code was harder to test, it was harder to reason about, and my classes became chock full of checks to ensure that it was in a consistent state anytime anything changed.

...

Now, I favor creating immutable objects.

The post clearly explains the benefits of using immutable objects and a nice example.

Read more