Install PHP7 and Composer on Windows 10

PHP7 is a general purpose scripting language well suited for web development. Composer is the defacto package manager for PHP7. This tutorial will show you how to install PHP7 and Composer on Windows 10 for use in a command prompt.

A common misconception is that you need a web server like IIS, Apache, or Nginx to get started with PHP7 development. In fact, PHP7 has its own built in web server that you can invoke at the command prompt. Modern PHP frameworks such as Opulence, Symfony, Cake, Laravel, WordPress, and many more support this.

Installing PHP7

Download the latest PHP7 (non-thread safe version) zip file from http://windows.php.net/

Extract the contents of the zip file into C:\PHP7

Copy C:\PHP7\php.ini-development to C:\PHP7\php.ini

Open the newly copied C:\PHP7\php.ini in a text editor.

Scroll down to “Directory in which the loadable extensions (modules) reside.” and uncomment: extension_dir = “ext”

Notepad++ is great.

Scroll down to the extensions section and uncomment the extensions you want to use.

Note: The syntax used in previous PHP versions (‘extension=’php_*.dll’) may be deprecated in a future PHP major version.

Tweak other settings as needed.

Note: Don’t forget to keep your php.ini file in a safe place when you upgrade in the future!

Add C:\PHP7 to the Windows 10 system path environment variable.

Windows 10 has finally improved this interface, yay!

In a command prompt test that the installation is successful by typing php -v

ConEmu is great.

Installing Composer

On my computer I’ve created a C:\Users\dac\bin directory where I keep miscellaneous executables. This directory is in my user path.

Use a search engine to find a tutorial and do something similar. Optionally install composer in the C:\PHP7 directory you just created as it’s already in your path.

To get composer.phar, drop to a command prompt, cd into your target directory, and run:

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php composer-setup.php
php -r "unlink('composer-setup.php');"

(Important! Click here for a more secure and up-to-date install snippet.)

Next, create a new composer.bat file alongside the composer.phar file so that Windows 10 can execute it more easily. (Source)

echo @php "%~dp0composer.phar" %*>composer.bat

Test that it’s working by typing composer -V

ConEmu is still great.

MySQL Dump Full Structure, Partial Data, With Triggers & Routines.

You want to do a MySQL dump. You want the entire structure of the database but you want to exclude some tables because they are too big, have sensitive data, or other reasons. Your MySQL database has triggers, routines, and all that good stuff because it’s 2016.

When I went looking for a solution I read a tutorial that wrongly suggested dumping triggers and schema together in the first step. The problem with this approach is when you import your data, the ON INSERT triggers are executed, and this can lead to primary key conflicts or other weird issues. I learned the hard way.

A better way:

  • Schema first
  • Data next
  • Triggers and routines last
mysqldump --no-data --skip-triggers DATABASE > FILE.sql

mysqldump --no-create-db --no-create-info --skip-triggers --ignore-table=TABLE1--ignore-table=TABLE2 DATABASE >> FILE.sql

mysqldump --no-create-db --no-create-info --no-data  --routines --triggers --skip-opt DATABASE >> FILE.sql

Good times.

Autocomplete a Silex Project in PHPStorm

The problem with Silex, and Pimple in general, is that when you do:

$app = new \Pimple\Container();
$app['Foo'] = function () { return new \Acme\Foo(); };
$app['Bar'] = function () { return new \Acme\Bar(); };

PHPStorm has no way of knowing what’s going on in, or how to auto-complete, $app.

I’ve gotten around this in the past by creating an “Inception Proxy” alongside a .phpstorm.meta.php configuration but for a new Silex project I’ve inherited this is not possible.

Pro-tip: If your IDE doesn’t know what’s going on then neither will the poor jerks who inherit your code.

Looking for a solution to this I discovered the PHPStorm Silex Plugin. It’s a bit wonky but it does the job. (sometimes the IDE doesn’t recognize $app and I don’t know why yet.)

For the Silex Plugin to work it requires a manually created configuration file in the project root named “pimple.json”. This file more or less duplicates the functionality of .phpstorm.meta.php but I digress… Pimple.json can be automatically generated using Pimple Dumper.

The format of “pimple.json” looks like:

[
    {
        "name": "routes",
        "type": "class",
        "value": "Symfony\\Component\\Routing\\RouteCollection"
    },
    {
        "name": "request.http_port",
        "type": "int",
        "value": 80
    },
    {
        "name": "charset",
        "type": "string",
        "value": "UTF-8"
    }
]

Once that file is in place, and you jiggle the IDE/Plugin, auto-complete comes alive! Horray for sanity.

Password Protect WordPress Admin With .htaccess

The wp-admin panel is already password protected in that you are required to login. Sometimes that’s not good enough. This tutorial explains how to add an additional layer of authentication to the login process, essentially blocking wp-login.php requests from annoying bots or other malicious users.

Step 1:

Create a `/path/to/.htpasswd` file. (More info.)

Step 2:

Create a `/path/to/your/site/wp-admin/.htacess` file with the following content:

AuthUserFile /path/to/.htpasswd
AuthType basic
AuthName "Restricted Resource"
require valid-user

# Whitelists

<Files "admin-ajax.php" >
   Order allow,deny
   Allow from all
   Satisfy any
</Files>

<Files "*.css" >
   Order allow,deny
   Allow from all
   Satisfy any
</Files>

<Files ~ "\.(jpg|jpeg|png|gif)$">
   Order deny,allow
   Allow from all
   Satisfy any
</Files>

Change `/path/to/` your files accordingly.

Important! Under Whitelists I have added entries for admin-ajax.php, *.css, and a regular expression for images. This unblocks WordPress’ AJAX functionality used by certain plugins, as well as CSS and image files certain themes may be importing. Without these you risk breaking your site.

Step 3:

Append the following to your existing WordPress .htaccess file one parent folder up (Ie. /path/to/your/site/.htaccess):

<Files wp-login.php>
  AuthUserFile /path/to/.htpasswd
  AuthType basic
  AuthName "Restricted Resource"
  require valid-user
</Files>

Change `/path/to/` your files accordingly.

PHP Code Of Conduct, Discussion

« I note that after much hue and cry, and many arguments, I still do not know what color this bikeshed will be.

I feel I have been informed of the many examples of problems with colors, cultural relevance of specific hues, details of paint techniques, anecdotes of past experiences with varying colors, larger socio-economic issues reflected through color choices, philosophy of colors, philosophy *about* the philosophy of color, legal and moral issues confronted during color evaluation, the impact of other bikeshed color choices, and how specific colors (and patterns) are under-represented, the finer details of paint application personel selection, and how certain colors are representative of larger social issues being played out in microcosms in individual environments…

….but I still do not know what color this bikeshed will be.

Please advise. »

Source.

Fix CSS Path Errors by Setting Resource Root Folders In PHPStorm

While developing a plugin for WordPress I was having trouble linting CSS files in PHPStorm. One file in particular was giving hundreds of false positives for errors related to paths:

False positives
The right side gutter is all red but most of these errors are wrong.

This bothered me. I wanted to fix the reported errors but the reporting was wrong. Most of the time there was nothing to fix. After much fiddling I discovered files under a folder marked as Resource Root can be referenced as relative:

Resource Root
To fix the above, set Resource Root(s) in PHPStorm

Low and behold the errors became real! Oh crud, time to fix.

Real errors
Now the right side gutter shows actual errors (that I should fix!)

Source:

https://www.jetbrains.com/phpstorm/help/configuring-folders-within-a-content-root.html

Setting up Coveralls.io (with Travis CI and PHPUnit)

Step 1)

Register you GitHub repo with Travis CI and Coveralls.IO.

Step 2)

In your .travis.yml file, add:

before_install:
- composer require phpunit/phpunit:4.8.* satooshi/php-coveralls:dev-master
- composer install --dev

script:
- ./vendor/bin/phpunit --coverage-clover ./tests/logs/clover.xml

after_script:
- php vendor/bin/coveralls -v

Where:

  • before_install: Calls composer and installs PHPUnit 4.8.* + satooshi/php-coveralls.
  • script: Calls the installed version of PHPUnit and generates a clover.xml file in ./tests/logs/clover.xml. (This XML file will be used by PHP-Coveralls.)
  • after_script: Launches satooshi/php-coveralls in verbose mode.

Step 3)

Create a .coveralls.yml file that looks like:

coverage_clover: tests/logs/clover.xml
json_path: tests/logs/coveralls-upload.json
service_name: travis-ci

Where:

  • coverage_clover: Is the path to the PHPUnit generated clover.xml.
  • json_path: Is where to output a json_file that will be uploaded to the Coveralls API.
  • service_name: Use either travis-ci or travis-pro.

Step 4)

Add badges to your GitHub README.md file.

[![Build Status](https://travis-ci.org/NAMESPACE/REPO.svg?branch=master)](https://travis-ci.org/NAMESPACE/REPO)
[![Coverage Status](https://coveralls.io/repos/NAMESPACE/REPO/badge.svg?branch=master&service=github)](https://coveralls.io/github/NAMESPACE/REPO?branch=master)

Replace NAMESPACE and REPO to match your GitHub repo.

PHP Configuration Files Rant

Let’s start with a joke. This GitHub repository:

“It’s funny ’cause it’s true” -Homer Simpson

Text configuration files (XML, Yaml, JSON, INI, …) work when the configuration is read once, the software persists in memory, and the application doesn’t exit until the user is done.

This is not what PHP does best. Sure PHP also reads the configuration file “once” but the fundamental difference is that PHP starts and exits dozens, maybe hundreds, of times for a single user using a single application.

The metaphorical equivalent would be relaunching World Of Warcraft every time time a user clicks on something.

I know some of you are thinking “Well that’s dumb. I wrote a game in PHP and the webpage isn’t reloading every time the user clicks…” but break that down: you wrote PHP which renders something the user is experiencing in a web-browser (C++) that may or may not be making Ajaxy calls back to the server (JavaScript) and PHP’s role in this solution is always to start-up, process data, return data, then exit.

For PHP to be the right tool for the right job, it has to be fast. Fast for developers to develop in *and* also fast for end users. (Hooray for PHP7!)

Some clever devs get around configuration performance problems by adding extra steps such as transpiling text into pure PHP before deploying, but do these complicated solutions really serve the PHP developer and the underlying philosophy of how we write code? When it comes to PHP there is a nuanced difference between “performance” and “fast.”

Let’s talk about JSON.

JSON, a “text only” and “language independent” data-interchange format, is currently the cool kid on the block, but from the perspective of JavaScript?

var json = { "this": "is", "valid": "javascript" };

Wow. Talk about language independence. No reprocessing!

The equivalent in PHP:

$php = [ 'this' => 'is', 'valid' => 'php' ];

Tada! No overhead of having to validate, process, and convert to PHP. Is it uglier? Debatable.

To be clear: XML, Yaml, JSON, and friends are fine as documents or as data to be processed by PHP.  This is totally normal and sometimes even useful. 😉 Barring that, any reasonable PHP developer must conclude that configuration files cannot be a bottleneck.  Not a bottleneck for speed of delivering shippable code, nor a bottleneck for acceptable performance. When choosing anything other than native PHP for configuration you are making a trade-off. Is the trade off worth it? The answer is always no. 1

But the secretary needs to be able to edit the app config live on the server and PHP is too hard for him!

No.

But caching! But Transpiling!

No.

But I like coding parsers!

Cool! Use your powers for docs and data, not PHP configs.

But I secretly want to be a JavaScript, Python, Ruby, C#, Java or anything but a PHP developer!

Uhhh, OK?

[1] Unless you are storing your PHP configs in Apache or Nginx as ENV variables. Then to you madam or sir, I bow down.