PHP Community

TDD: Checking the return value of a Stub

Planet-PHP - 4 hours 38 min ago

State verification is used to ensure that after a method is run, the returned value of the SUT is as expected. Of course, you may need to use Stubs on a test double or a real object to tell the object to return a value in response to a given message.

In Java, you declare a method’s return type in its method declaration, this means that the type of the return value must match the declared return type or otherwise you will get a compiler error. In PHP, for example, you dynamically type the return value within the body of the method. This means that PHP mocking libraries cannot check the type of the return value and provide guarantees about what is being verified.

This leads to the awkward situation where a refactoring may change the SUT behaviour and leave a stub broken but with passing tests. For example, consider the following:

Developer (A) creates 2 classes, Presenter and Collaborator:

class Presenter
{
    protected $collaborator;

    public function __construct(Collaborator $obj)
    {
        $this->collaborator = $obj;
    }

    public function doSomething()
    {
        $limit = 1;
        $stories = $this->collaborator->getStories($limit);
        // ...
        return $stories;
    }
}

class Collaborator
{
    public function getStories($limit)
    {
        return array();
    }
}

Then writes a test case:

class PresenterTest extends PHPUnit_Framework_TestCase
{
    // Behaviour verification
    public function testBehaviour()
    {
        $mock = $this->getMock('Collaborator', array('getStories'));
        $mock->expects($this->once())
            ->method('getStories')
            ->with(
                $this->logicalAnd(
                    $this->equalTo(1), $this->isType('integer')
                )
            );

        $presenter = new Presenter($mock);
        $presenter->doSomething();
    }

    // State verification
    public function testState()
    {
        $stub = $this->getMock('Collaborator', array('getStories'));
        $stub->expects($this->once())
            ->method('getStories')
            ->will($this->returnValue(array()));

        $presenter = new Presenter($stub);
        $data = $presenter->doSomething();

        $this->assertEquals(array(), $data);
    }
}

The Developer (A) uses a mock to verify the behaviour (a mockist practitioner) and a stub to verify the method worked correctly. The first test asserts that the expectation is met and the second one that the given condition is true. Finally, the Developer runs and watches all of the tests pass. Great!

The next day Developer (B) decides to makes some changes to the Collaborator class and return NULL if there are no stories:

class Collaborator
{
    public function getStories($limit)
    {
        $stories = array();
        if (count($stories) < 1) {
            return;
        }

        return $stories;
    }
}

The implementation of the method-under-test changed, it now returns a different data type, null instead of array. This means that our second test should fail, but it doesn’t. The test still asserts that the given condition is true, even though the return type is different. This is a problem. It means that our second test is unable to verify the correct state of the SUT (and its collaborator).

This is because most PHP mocking libraries are heavily influenced by Java (PHPUnit was originally a port of JUnit), and Java doesn’t have this problem. In PHP, the method’s return type is not a required elements of a method declaration, so developers can define it at run time and return whatever type they want.

The solution

You can use DocBlock annotations to make sure the data type of the returned value matches the one defined in the DocBlock. For this to work you need to set the return value using ReturnValue instead of PHPUnit_Framework_MockObject_Stub_Return. For example:

class PresenterTest extends PHPUnit_Framework_TestCase
{
    // State verification
    public function testState()
    {
        $stub = $this->getMock('Collaborator', array('getStories'));
        $stub->expects($this->once())
            ->method('getStories')
            ->will(new ReturnValue(array()));

        $presenter = new Presenter($stub);
        $data = $presenter->doSomething();

        $this->assertEquals(array(), $data);
    }
}

Now if you run the test it fails with the following error message:

PHPUnit_Framework_Exception: Invalid method declaration; return type required

The test also fails if the returned type doesn’t match the expected one defined in the DocBlock:

class Collaborator
{
    /**
     * @return int
     */
    public function getStories($limit)
    {
        // ...
    

Truncated by Planet PHP, read more at the original (another 1203 bytes)

Categories: Open Source, PHP Community

SitePoint PHP Blog: Can Great Apps Be Written in PHP - An Interview Series

PHPDeveloper.org - Tue, 15/04/2014 - 20:05

Matthew Setter has started off a series of posts on the SitePoint PHP blog with the first post interviewing community members to answer one main question, "can great apps be written in PHP?"

I read an old post, circa 2010, on the MailChimp blog a little while ago, about their experience using PHP. It struck a chord with me, because the sentiments they shared I've felt myself, and heard echoed many times over the years. [...] Despite its successes, or people's successes with it (a la Facebook, MailChimp, Hailo, Google, and others), it's inferred we should use languages which had their foundations as pure languages; not ones which came to be a language, as PHP evolved into over time.

He references some of the other comments in the Mailchimp article about their experience with the language along with mentions of a few others. He wonders if these negative comments are true and, to get some answers, searches out other developers and their opinions. In this first interview he talks with Bobby Deveaux about his background in the language, what he'd like to see added and more.

Link: http://www.sitepoint.com/can-great-apps-written-php-interview-series

Master Zend Framework: Howto Use Constructor Injection In ZF2

PHPDeveloper.org - Tue, 15/04/2014 - 19:50

The Master Zend Framework site has a new tutorial posted today introducing you to constructor injection in Zend Framework 2 applications, specifically in controller classes.

s it right to use setter injection? Or is it evil, to be avoided at all costs, for the explicitness of constructor injection? In today's post, we explore that and how to implement constructor injection in ZF2 controller classes. Recently on Master Zend Framework, I wrote about using Setter Injection in Zend Framework 2, to supply dependencies to Controller classes.

He talks about the "magic" that can come with frameworks and how constructor injection of the ServiceManager can help clarify and remove some of the problems associated with "magic". He walks you through three steps to getting the ServiceManager injected into the classes:

  • Implement a Class Constructor
  • Initialise your controllers via FactoryInterface
  • Use factories Instead of invokables

He also points out a few benefits to this method of injection, including that it makes the controllers easier to test and the main goal - lack of "magic" in dependencies.

Link: http://www.masterzendframework.com/tutorial/howto-constructor-injection-in-zf2

NetTuts.com: How to Use New Relic With PHP & WordPress

PHPDeveloper.org - Tue, 15/04/2014 - 18:43

The NetTuts.com Code blog has posted the second part of their series showing how to use the New Relic monitoring service in various kinds of web applications. In the previous article they looked at using it in a Ruby application, but in this new post it's all about PHP.

Today, we will look at how to monitor a PHP application using New Relic. More specifically, we will set up a basic WordPress installation and get some performance data about it, in the New Relic dashboards. [...] With the PHP version of the agent, the environment is a lot more important, as the agent is installed and lives on the box where the application will be deployed, rather than being part of any particular app.

They use an EC2 instance for their example, but the steps can be applied on other systems. They help you get the needed software installed, validate they're correctly configured and do a basic setup of WordPress. Next up is the steps to install the New Relic "newrelic-php5" software and get it fully installed. They also include the updates you'll need to make to your Apache configuration to configure the New Relic instance and how to keep the agent up to date.

Link: http://code.tutsplus.com/tutorials/how-to-use-new-relic-with-php-wordpress--cms-20465

InfoTuts.com: Create Login With Google Plus in Your Website With PHP

PHPDeveloper.org - Tue, 15/04/2014 - 17:20

On the InfoTuts.com site they've posted a tutorial showing you how to make a "Log in with Google" button for your application and make it work with a little PHP magic on the backend.

So you want to allow users to login into your website using their gmail credentials? You have seen various websites that allow their users to login in their websites using gmail, facebook, linked in, Microsoft, git hub credentials. It's time to integrate it in your website. We will cover all the login system in our posts one by one and this one is dedicated to create Google Plus login for your website with PHP using OAuth2. Google offers many APIs like Google Maps, translate API, Analytics ApI etc. Today we will use its Google Plus API so lets proceed with our tutorial.

They break the process down into about five steps:

  • Login to Google API Console. Go to APIs and you will have to turn on Google Plus API.
  • Go to APIs and Auth and then under credentials tab. Click on create new client ID as shown below.
  • Now when you will have to enter your website path and the file path (redirect URI) to get your new client ID.
  • Now you have to set Consent screen.
  • In consent screen if you have entered Google Plus page path then you will have to approve connection.

The code for the actual connection is in the last step. It uses Google's PHP client libraries to configure and make the request, fetch the access token and grab the Google+ user's data.

Link: http://www.infotuts.com/login-with-google-plus-in-your-website-php

Phar: Browser caching for static files

Planet-PHP - Tue, 15/04/2014 - 17:06

Browsers are not able to cache static files delivered from PHP .phar archives, because Phar::webPhar() does not send out HTTP caching headers (Cache-Control, Expires).

The only way to intercept Phar::webPhar() before it delivers static CSS or JavaScript files is the $rewrites callback that may be passed as 5th parameter to webPhar().

A custom stub could look like this:

<?php
/**
 * Rewrite the HTTP request path to an internal file.
 * Adds expiration headers for CSS files.
 *
 * @param string $path Path from the browser, relative to the .phar
 *
 * @return string Internal path
 */
function rewritePath($path)
{
    if (substr($path, -4) == '.css') {
        header('Expires: ' . date('r', time() + 86400 * 7));
    }
    return $path;
}

Phar::webPhar(null, 'www/index.php', null, array(), 'rewritePath');
__HALT_COMPILER();
?>
Categories: Open Source, PHP Community

Zumba Engineering Blog: Enforce code standards with composer, git hooks, and phpcs

PHPDeveloper.org - Tue, 15/04/2014 - 16:13

The Zumba Engineering blog has a new post looking at a way you can control code quality and standards with the help of Composer, git hooks and the PHP Code Sniffer (phpcs) tools.

Maintaining code quality on projects where there are many developers contributing is a tough assignment. How many times have you tried to contribute to an open-source project only to find the maintainer rejecting your pull request on the grounds of some invisible coding standard? [...] Luckily there are tools that can assist maintainers. In this post, I'll be going over how to use composer, git hooks, and phpcs to enforce code quality rules.

These three technologies are combined together to make a more seamless experience for the developer while keeping the code quality high. Their method makes use of the "scripts" (post-install-cmd) feature of Composer to, after the installation of all packages, set up a git hook script that will run the phpcs checks on pre-commit. It's a pretty simple shell script that kicks back any errors it might find before the user can commit their changes.

Link: http://engineering.zumba.com/2014/04/14/control-code-quality

Community News: Packagist Latest Releases for 04.15.2014

PHPDeveloper.org - Tue, 15/04/2014 - 15:05
Recent releases from the Packagist:

Community News: Latest PECL Releases for 04.15.2014

PHPDeveloper.org - Tue, 15/04/2014 - 14:02
Latest PECL Releases:
  • protocolbuffers 0.2.6 Bumped up to 0.2.6 * fixed several compile warnings (thanks remi) [fixes] * (ExtensionRegistry) initialize class entry member when reallocating scheme.

  • amqp 1.4.0 1.4.0 Release: * Fix #72: Publishing to an exchange with an empty name is valid and should not throw an exception (lstrojny) * Fix #77: AMQPQueue::delete() now no longer returns a boolean, but an integer of how many messages were deleted. WARNING: this can potentially break BC (Bogdan Padalko) * Fix #75: adhering to the AMQP spec by closing channel and sometimes even the connection in case of certain errors (Bogdan Padalko) * Fix #81: Add optional arguments parameter to bind()/unbind() (Michael Squires) * Fix #82: additional getters (getChannel(), getConnection()) (Bogdan Padalko) * Fix #92: fix various memory leaks in the AMQPConnection class (Lars Strojny) * Using amqp_error_string2() instead of deprecated amqp_error_string() (Lars Strojny) * Fix memory leaks in setHost, setLogin, setPassword, setVhost (Lars Strojny, Bogdan Padalko) * Fixed a memleak in php_amqp_connect (Julien Pauli) * Use rabbitmq-c defaults for max channels and default frame size (Bogdan Padalko) * Fix socket timeout error when connecting over high-latency network (Bogdan Padalko) For a complete list of changes see: https://github.com/pdezwart/php-amqp/compare/v1.3.0...v1.4.0 1.3.0 Release: * Allow retrieving auto-delete exchanges (Guilherme Blanco) * Add connection timeout support. This requires bumping the version requirement for librabbitmq to >= 0.4.1 (Bogdan Padalko) For a complete list of changes see: https://github.com/pdezwart/php-amqp/compare/v1.2.0...v1.3.0 1.2.0 Release: * New methods AMQPChannel::getPrefetchCount() and AMQPChannel::getPrefetchSize() * Deprecate AMQPQueue::declare() in favor of AMQPQueue::declareQueue() * Deprecate AMQPExchange::declare() in favor of AMQPExchange::declareExchange() * Smaller fixes to our stubs For a complete list of changes see: https://github.com/pdezwart/php-amqp/compare/v1.0.10...v1.2.0 1.0.10 Release: * report correct version in module info (Lars Strojny) * fix class interface definitions (Vladimir Kartaviy) * add ability to bind a queue with an empty routing key (Vladimir Kartaviy) * fix constant AMQP_IFUNUSED (Florin Patan, Bernhard Weisshuhn) * added stubs for ide use (Vladimir Kartaviy, Bernhard Weisshuhn) * Fixed memory leak in queue->declareQueue (Ilya a.k.a. coodix) * support for php 5.5 (Lars Strojny) * add support for read and write timeouts (Bogdan Padalko) * fix memory leak in queue->consume (Dmitry Vinogradov) * add support for custom exchange types (empi89) * support for nested custom headers (Bernhard Weisshuhn) * fix memory (Bernhard Weisshuhn) For a complete list of changes see: https://github.com/pdezwart/php-amqp/compare/v1.0.9...v1.0.10 1.0.9 Release: * Fix pecl relase 1.0.8 Release: * Skip var_dump test on PHP 5.2 * Initialize consumer tag string length to zero * Support connection time outs * Adding consumer_tag parameter to AMQPQueue::cancel * Clean up error code handling 1.0.6 Release: * 62354: Segmentation fault when printing or dumping an object that contains an AMQP object * Adding in missing tests * Fixing release number in PHP information * Adding .gitignore info for Git users * Cleaning up debug handling 1.0.5 Release: * 62696: Incorrect exchange type * Handles server connections being closed during consume and publish correctly * 62628: Exception thrown in consume will lock PHP * 61533: Segmentation fault when instantiating channel, queue or exchange with wrong object, then using it 1.0.4 Release: * 62549: Fixing broken persistent connection * 62412: Fixing segfault due to destruction order * 62411: Fixing declaration overload bug * 62410: Fixing declaration overload for 5.4 * 61337: Adding License file * 61749: Fixing handling for binary content in envelope * 62087: Adding appropriate version information * 62354: Enabling debugging dumping of objects * 61351: Updating min PHP version requirements to 5.2.0 1.0.3 Release: * Fixing compilation issue with PHP 5.4 1.0.2 Release: Fixed bug: * Memory leak when using AMQPQueue::get from a queue with no messages 1.0.1 Release: Fixed bug: * 61247: Allow queue creation with empty queue name, and return auto generated name * 61127: Segmentation fault when cleaning up an AMQPChannel without calling AMQPConnection::connect first 1.0.0 Release: Changed/finalized API signature: * Exposing AMQPChannel * Exposing AMQPEnvelope * Exposing more queue and exchange arguments and flags * Exposing basic.qos Added persistent connections Cleaned up codebase Fixed memory leaks and segmentation faults 0.3.1 Release: Fixed bug: * 24323: Cannot get the name for auto-named reply-to queues 0.3.0 Release: Fixed memory leaks in many functions (courtesy Jonathan Tansavatdi and Andy Wick) Fixed consume method to return proper values Cleaned up variable usage Fixed bugs: * 22638: Unexpected exit code 1 with AMQPQueue::consume() * 22698: AMQPQueue::consume 0.2.2 Release: Made extension compatible with PHP lt 5.3 (courtesy John Skopis) Fixed wrong typing of message properties (courtesy John Skopis) 0.2.1 Release: Fixed refcount decrementing bug causing segfaults. 0.2.0 Release: Works with AMQP 0-8 and 0-9-1 (used by RabbitMQ 2.*) Modified AMQPConnection object: * Requires call to 'connect' method to connect (no longer connects on instantiation) * Added support for disconnect and reconnect * Added helper setters for port, host, vhost, login and password Improved consume method to block for MIN messages, and try to get MAX messages if available Fixed zval descoping bugs Fixed bugs: * 17809: Couldn't compile pecl extension under PHP 5.3 * 17831: Segmentation fault when the exchange doesn't exists * 19707: AMQPQueue::get() doesn't return the message * 19840: Connection Exception

  • protocolbuffers 0.2.5 Bumped up to 0.2.5. [bug fix] * (jsonSerialize) fix memory size problem on CentOS 64bit box.

  • protocolbuffers 0.2.4 Bumped up to 0.2.4 [bug fix] * don't implement jsonSerialize twice.

  • protocolbuffers 0.2.3 Bumped up to 0.2.3 [added] * supported jsonSerializable interface * added ProtocolBuffersEnum::toArray() method [bug fixes] * #33 Message::append on a repeated field causes segfault, batch assigning it throws exception * fixed refcounting problem

  • jsonc 1.3.5 - libjson-c CVE-2013-6371: hash collision denial of service - libjson-c CVE-2013-6370: buffer overflow if size_t is larger than int

  • swoole 1.6.12 - Added connection out_buffer - Added async file read/write - Added async dns lookup - Added long tcp connection - Added client timer - Added swoole_server->sendfile - Added signalfd usage - Fixed some bugs

Implementing Multi-Language Support

Planet-PHP - Mon, 14/04/2014 - 19:00

Setting up a multilingual site may be a good way to attract new customers to your business or gain more participants in your project. Translating a simple site with a few static pages probably won’t probably be complicated, but more complex PHP web applications may require a lot of work when launching multiple language support. In this article I’ll present different types of content that need to be taken under consideration when internationalizing a site. Read on to get to know how to handle translating them into different languages.

Continue reading %Implementing Multi-Language Support%

Categories: Open Source, PHP Community

PHP.net: PHP 5.6.0beta1 released

PHPDeveloper.org - Mon, 14/04/2014 - 18:52

As is mentioned on the main PHP.net site, the release of the first beta of the PHP 5.6.0 series has been released (PHP 5.6.0beta1). This is only a preview release and should not be used in production.

The PHP development team announces the immediate availability of PHP 5.6.0beta1. This release adds new features and fixes bugs and marks the feature freeze for the PHP 5.6.0 release. All users of PHP are encouraged to test this version carefully, and report any bugs in the bug tracking system.

Among the new features coming in PHP 5.6.0 are things like the addition of a fread method on the SplFileObject, an update to the DateTimeImmutable class, support for marks to the PCRE extension and support for asynchronous connections and queries to the Pgsql extension. If you'd like to test out this latest beta release on your systems, you can download it from the PHP QA site (or the Windows QA site if you're so inclined).

Link: http://php.net/index.php#id2014-04-11-1

SitePoint PHP Blog: Getting Started with Assetic

PHPDeveloper.org - Mon, 14/04/2014 - 17:37

The SitePoint PHP blog has a new post from Lukas White today looking at the Assetic asset management library and how you can get started using it in your application.

There was a time when asset management meant little more than inserting a <link> tag or two and a couple of <script> tags into your HTML. Nowadays, though, that approach just won't cut it. There's performance, for one thing. [...] Also, as client-side applications have become more and more sophisticated, managing dependencies amongst scripts and libraries has become increasingly complex. Furthermore, technologies such as Less, Compass and Coffeescript require assets to be compiled, adding yet another step to the process of managing assets. In this article I'm going to look at a PHP package called Assetic which helps manage, compile and optimize assets such as scripts, stylesheets and images.

He briefly discusses asset management first, just to get everyone on the same page as far as what "assets" are and some considerations about their use. Next is an introduction to the Assetic library itself and the install/usage of a simple "AssetCollection" object. He also shows how to add assets to the object and how to configure compression and generation of the files (like with LESS). He also shows how to use the AssetManager and FilterManager object types along with the AssetFactory handler. Finally, he talks about some of the sample output and caching the tool can do with file-based cache handling.

Link: http://www.sitepoint.com/getting-started-assetic

How To Modernize Your Legacy PHP Application

Planet-PHP - Mon, 14/04/2014 - 16:57

It is accomplished: “Modernizing Legacy Applications in PHP”, the book that will help you modernize your legacy PHP codebase, is complete. You can get it now it at https://leanpub.com/mlaphp.

Is your legacy PHP application composed of page scripts placed directly in the document root of the web server? Do your page scripts, along with any other classes and functions, combine the concerns of model, view, and controller into the same scope? Is the majority of the logical flow incorporated as include files and global functions rather than class methods?

If so, you already know that the wide use of global variables means that making a change in one place leads to unexpected consequences somewhere else. These and other factors make it overly difficult and expensive for you to add features and fix bugs. Working with your legacy application feels like dragging your feet through mud.

But it doesn’t have to be that way! Modernizing Legacy Applications in PHP will show you how to modernize your application by extracting and replacing its legacy artifacts. We will use a step-by-step approach, moving slowly and methodically, to improve your application from the ground up.

Moreover, we will keep your application running the whole time. Each completed step in the process will keep your codebase fully operational with higher quality. When we are done, you will be able to breeze through your code like the wind. Your code will be autoloaded, dependency-injected, unit-tested, layer-separated, and front-controlled.

From the Foreword by Adam Culp:

Developing with PHP has really matured in recent years, but it’s no secret that PHP’s low level of entry for beginners helped create some nasty codebases. Companies who built applications in the dark times simply can’t afford to put things on hold and rebuild a legacy application, especially with today’s fast paced economy and higher developer salaries. To stay competitive, companies must continually push developers for new features and to increase application stability. This creates a hostile environment for developers working with a poorly written legacy application. Modernizing a legacy application is a necessity, and must happen. Yet knowing how to create clean code and comprehending how to modernize a legacy application are two entirely different things.

But understanding how to use these refactoring processes on a legacy codebase is not straight forward, and sometimes impossible. The book you’re about to read bridges the gap, allowing developers to modernize a codebase so refactoring can be applied for continued enhancement.

Early reviews and testimonials from the feedback page:

  • “This is one of those books that PHP developers from all skill levels will be able to glean value from, and I know after just a single read-through that it will be an oft-referenced resource when I need to convert my old legacy-based procedural code into something cleaner, object-oriented, and testable.” (J. Michael Ward)

  • “As I followed the exercises in the book, my questions almost seemed to be anticipated and answered before the chapter was over. Structurally the book is very well paced. Chapters that I breezed over tended to be more useful than I thought they would be. I’ve been testing for years and I still picked up some useful tidbits about structuring my tests. Just having the step-by-step advice of an expert really made a difference.” (James Fuller)

  • “Reading through the book, it feels like you’re pair programming with the author. I’m at the keyboard, driving, and the author is navigating, telling me where to go and what to do next. Each step is practical, self-contained and moves you closer to the end goal you seek: maintainable code.” (Joel Clermont)

  • “This book helped me slay a 300k line of code giant and has allowed me to break out my shell. The refactored code has 15% code coverage for unit testing which grows every day.” (Chris Smith)

If you feel overwhelmed by a legacy application, “Modernizing Legacy Applications in PHP” is the book for you. Purchase it today and get started making your own life easier!

Categories: Open Source, PHP Community

Allan MacGregor: Working with Psysh

PHPDeveloper.org - Mon, 14/04/2014 - 16:24

Allan MacGregor introduces you to Psych in his latest post today. Psysh is a runtime developer console, interactive debugger and REPL for PHP.

Psysh is actually more than a simple REPL it's also an interactive debugger; which means you can say goodbye to the endless barrage of var_dump() and die() statements. But do we really need another REPL for PHP, well honestly we could probably get by with the solutions currently available however Psysh has an extremely interesting Ace under the sleeve, it can also function as a realtime debugger.

He includes a few terminalcasts showing some of the commands Psysh offers from the expected output of variable value out to a handy link to the PHP documentation. An example of the useful object output is also included, enabling the showing of methods and properties.

Link: http://coderoncode.com/2014/04/03/working-with-psysh.html

Community News: Packagist Latest Releases for 04.14.2014

PHPDeveloper.org - Mon, 14/04/2014 - 15:09
Recent releases from the Packagist:

Database .NET 11 released!

Postgresql.org - Mon, 14/04/2014 - 02:00

Database .NET v11 is an innovative, powerful and intuitive multiple database management tool, With it you can Browse objects, Design tables, Edit rows, Export data and Run queries with a consistent interface. Free, All-In-One, Portable, Standalone (No Installation) and Multlanguage.

New features from version 10.1 to 11.0:
  • Compatible with the latest versions of PostgreSQL.
  • Updated to Npgsql.dll 2.1.3
  • Added Support for JSON data type of PostgreSQL
  • Added Support for renaming all objects of PostgreSQL
  • Added Executing SQL Statements from a text file
  • Added Displaying Row Count of tables
  • Added Displaying Connection time
  • Added Data Editor for View objects
  • Added Search Table Data
  • Added Empty Table
  • Added New Connection Manager
  • Added New Object Navigator
  • Added Script All Table Data (INSERTs)
  • Added IntelliSense for Cross-schema table access
  • Added Selected Text to Query Builder
  • Added Dynamic Context Menu[?]
The new version is immediately available for download.
Categories: PHP Community

Barman 1.3.1 released

Postgresql.org - Mon, 14/04/2014 - 02:00

14 April 2014: 2ndQuadrant is proud to announce the release of version 1.3.1 of Barman, Backup and Recovery Manager for PostgreSQL.

This minor release introduces support for concurrent backup using physical file based copy through "rsync", in conjunction with pgespresso, a new open source extension available for PostgreSQL 9.2 and 9.3. Concurrent backup allows database administrators that rely on Barman, to finally offload backup operations to a streaming replicated standby server, opening new important scenarios in disaster recovery architectures of PostgreSQL 9.2+ database servers.

The "barman diagnose" command has been implemented to print important information about the system and the configuration of Barman, allowing users to provide detailed diagnostics data in case of support requests.

Version 1.3.1 fixes an important bug on recovery that was affecting only those users having tablespaces created inside the PGDATA directory. This behaviour was introduced in version 1.3.0.

Minor bugs have also been fixed.

Many thanks for funding towards the development of this release go to Adyen (www.adyen.com).

For a complete list of changes, see the "Release Notes" section below.

Links

Release notes

  • Added support for concurrent backup of PostgreSQL 9.2 and 9.3 servers that use the "pgespresso" extension. This feature is controlled by the "backup_options" configuration option (global/server) and activated when set to "concurrent_backup". Concurrent backup allows DBAs to perform full backup operations from a streaming replicated standby.
  • Added the "barman diagnose" command which prints important information about the Barman system (extremely useful for support and problem solving)
  • Improved error messages and exception handling interface
  • Fixed bug in recovery of tablespaces that are created inside the PGDATA directory (bug introduced in version 1.3.0)
  • Fixed minor bug of unhandled -q option, for quiet mode of commands to be used in cron jobs (bug introduced in version 1.3.0)
  • Minor bug fixes and code refactoring

Download

About Barman

Barman (Backup and Recovery Manager) is an open source administration tool for disaster recovery of PostgreSQL servers written in Python. It allows your organisation to perform remote backups of multiple servers in business critical environments and help DBAs during the recovery phase. Barman’s most requested features include backup catalogues, retention policies, remote backup and recovery, archiving and compression of WAL files and backups. Barman is distributed under GNU GPL 3.

Categories: PHP Community

Hawk Autentication considered harmful.

Planet-PHP - Sun, 13/04/2014 - 21:05

I was asked recently to add support for Hawk to sabre/http. It kinda seemed like a fun addition, but I'm building an increasing grudge, up to a point where I've nearly lost interest.

Missing documentation

The documentation is incomplete. The author points to his own javascript-based implementation as the reference, but 1700 lines of javascript code is simply not as easy to read as a plain-english reference.

In addition, the version of the protocol (currently 2.0) appears to be locked to the javascript library, and not the actual protocol.

This means that if bugs get fixed in the javascript source, the protocol version gets a bump. Leaving us no way to figure out something changed in the protocol, unless you're willing to go through the diffs for the source.

Uses the used hostname and port as part of the signed string

The both the hostname and the port are part of the signed string, unlike alternatives like AWS authentication and Digest.

The only case where this would actually be relevant, is if there's two endpoints with identical urls, and re-uses the same keys and secrets, and a identical request on the same url would be unwanted.

The drawback is that many service don't know what url was originally being used by a client, due to the use of reverse proxies.

Now we're forced to create a mechanism where the reverse proxy sends the original host header to the client.

Could have built upon Digest auth

Digest has a lot of good things going for it, and has a great deal of overlap in features.

Hawks strengths here are that it uses a stronger hash algorithm (hmac-sha256) and unlike Digest, it there's no need for pre-flighted requests to discover the service nonce. The latter is also the author's main concern with using Digest instead, as stated in the FAQ.

An answer to that would have been rather simple though. Any server could simply hardcode and document their server-side nonce, rendering the initial negotiation optional, but still possible.

Furthermore, digest can be easily extended with new algoritms.

What to use instead?

I'd highly recommend using simply either HTTP Digest, or if you're looking for something a little bit more fancy, use Amazon's authentication header.

Some benefits:

  • They are tried and tested for many years.
  • Not a moving target.
  • Documented.
  • Easier to implement.
  • Have lots of sample implementations.

That being said, I will probably still add support to an upcoming version of sabre/http.

Categories: Open Source, PHP Community

Community News: Packagist Latest Releases for 04.13.2014

PHPDeveloper.org - Sun, 13/04/2014 - 15:00
Recent releases from the Packagist:
Syndicate content