Contents
Introduction (0:20)
PHP 5.5.6 and PHP 5.4.22 Releases (1.33)
PHP 5.6 Todo List and Planned Release Dates (7:17)
Expectations Proposal (9:00)
** as Power Operator (13:50)
PHPDbg, a New PHP Debugger (17:26)
Assigning Variables Automatically in the Class Constructor (22:44)
Proposal of Renaming $_GET to $_QUERY and $_POST to $_FORM (26:01)
Using Composer to Install PHP Classes and JS Classes (28:15)
JavaScript Innovation Award Winners of September 2013 (1:14:21)
PHP Innovation Award Winners of September 2013 (1:20:01)
Conclusion (1:26:18)
Contents
Listen or download the podcast, RSS feed and subscribe in iTunes
Watch the podcast video, subscribe to the podcast YouTube channel
Read the podcast transcript
Download Size: 73MB Listeners: 1541
Introduction music Harbour used with explicit permission from the author Danilo Ercole, from Curitiba, Brazil
RSS 2.0 feed compliant with iTunes:
http://www.phpclasses.org/blog/category/podcast/post/latest.rss
In iTunes, use the Subscribe to Podcast... item of the Advanced menu, and then enter the URL above to subscribe to this podcast.
Watch the podcast video
Note that the timestamps below in the transcript may not match the same positions in the video because they were based on the audio timestamps and the audio was compacted to truncate silence periods.
See the Lately in PHP podcast play list on YouTube and Subscribe to this channel there.
Show notes
- PHP 5.5.6 and PHP 5.4.22 releases
- PHP 5.6 Todo list
- RFC: Expectations
- RFC: ** as power operator
- RFC: phpdbg new PHP debugger as SAPI module
- RFC: Assigning Variables Automatically in the Class Constructor
- Proposal: Renaming $_GET to $_QUERY and $_POST to $_FORM
- Article: Composer support in PHPClasses and JSClasses
Introduction (0:20)
[Music]
Manuel Lemos: Hello. Welcome to the Lately in PHP podcast. Finally, after many attempts to deal with the challenges of recording this monthly podcast that never goes out when we schedule it, but I think, finally, it is going to be live.
This time, I have here with me, Cesar Rodas. Hello, Cesar. How are you doing?
Cesar Rodas: Hello. I am doing fine. Thank you for asking. How are you doing?
Manuel Lemos: I'm being very patient because after all the failures to record, it's one more try. And this time, Ernani could not make it. But OK, maybe next month, he can make it. It's always a challenge.
Cesar Rodas: Next year, actually.
Manuel Lemos: I think so. I think this is probably the last. Anyway, this time, we have several interesting topics to comment. So we better get started soon because we need to move on very quickly so it doesn't take longer than usual.
PHP 5.5.6 and PHP 5.4.22 Releases (1.33)
Manuel Lemos: This month, we start, as usual, by the usual coverage of the releases of PHP. This time, there was PHP 5.5.6, although there is another release more recent because we are already recording this too late.
But looking at this list of changes, it's mostly bug fixes. I did not see anything, any change of behavior, any improvement. I don't know, however I haven't been trying this much. And there is also release of 5.4.22 which is more or less the same set of bugs that were fixed.
Cesar, are you keeping up with the updates of the versions of the PHP that are coming out?
Cesar Rodas: Let me see right now in my computer. I have created all my packages three days ago. Now, it says that I have PHP 5.5.6 and it's not the latest one. The latest has been released yesterday, which is the 5.7.
But yes, before that, I was working with the last release from PHP 5.4. And then, my present system, it just decided to switch to 5.5. And personally, I didn't have to change anything in any projects, and I have many, many projects working here on my local host. Everything just works fine. I have to recompile a couple of extensions though. I believe that should be automatic at some point. But other than that, everything was fine.
Manuel Lemos: Yes. So, are you compiling manually or are you using some distribution with prepackaged versions?
Cesar Rodas: For PHP itself, I used to compile that. But it's too much hassle just for my local host because I need to just go to Apache and reconfigure it. So I stopped doing that. I do that for my production servers though.
I have a couple of extensions that I installed via PECL like XDebug and MongoDB, the MongoClient. So, those two classes, I had to reinstall it. But other than that, everything worked just fine.
Manuel Lemos: So for your development environment, you use Apache or you are using the built-in HTTP server?
Cesar Rodas: The built-in HTTP server, I didn't play with it. I started a couple of times. It's very, very useful. I might start using it but I got used to what I have, which is Apache. And I don't know what version, but the latest one I guess, 2 point something. And I have to go for every new idea that I have and I need to create a virtual host. That is really annoying.
So, I must start using the built-in server. Actually, I see here in the change list of the 5.5.7 that they added two functions. The first is getallheaders() and the apache_response_headers().
So those two functions, they were apparently missing functions. They are just a thin layer over the socket modules. So, in this, a different implementation for each Web server. So, they make it a little consistent now. So, that is really good.
And I forgot to mention that for my production servers, I use FastCGI and Nginx and works just fine. Literally, I don't have... What I have on my laptop, I push it to production and it works. That is one that is going to be useful.
Manuel Lemos: So are you using PHP 5.5 or not yet, on production?
Cesar Rodas: On production, no. But I just because I'm lazy but I might do that at some point. I have 5.4 and the latest version, that was released, I don't know, two or three months ago. I also know it is not the latest version.
Manuel Lemos: Yeah, well, maybe you try 5.5 in development environment for a while before you decide to move on because you may stumble into issues that may break in production. It's probably... I don't know whatever it is you're running in production. I don't know if it is important or just some test site.
Cesar Rodas: My personal projects, they are not important. But at work, I believe we are using an older version, 5.3. So most of my libraries that I want to use at work, they don't work. Because I love one of the new features of PHP which is the short syntax array, so I use it everywhere now.
[Laughter]
Manuel Lemos: Yeah. So, whoever runs old code...
Cesar Rodas: Yeah. For that tiny change, it doesn't work on any older version, that PHP 5.4.
PHP 5.6 Todo List and Planned Release Dates (7:17)
Manuel Lemos: OK. Well, anyway, moving on with the podcast, let's just cover a bit about the latest proposals.
And before we actually move on to the proposal themselves, let me just mention there is now a todo list page for PHP 5.6 actually. And it already mentions... let me increase the font here... what is the planned timetable for this new PHP version.
So, according to this timetable, the first alpha release will be in about one month, in January. So for now, they have mentioned it there, there are no new RFCs, no new features.
Well, for the Beta which is planned for March and if all goes well in June, they plan to release 5.6 and keep up with the plan, to have at least one major upgrade. Well, not really major, medium, it's not minor, it's not major, it's medium upgrade every year.
About the planned features, there are some RFCs that most of them, we already talked about them. Not going to cover them here again, but it's always interesting for those that were not aware and not familiar to talk to about them.
Expectations Proposal (9:00)
Manuel Lemos: As for new proposals, let's move on here. Lately, there had been some discussions about, for instance, what we call expectations, which is basically to have a certain conditions to throw exceptions instead of issuing some fatal error.
This is a bit odd because, well, if you want to throw exceptions, you might as well write a condition if statement and then throw the exceptions itself.
I don't know if this would really need to have a proposal for a new feature. I don't know, what do you think, Cesar? Does this seem a useful feature?
Cesar Rodas: I don't, really. I'm reading through the introduction once again. So basically, what's different is what they said that this will be like in your production server, you will disable it. So, when you are doing your real Web pages, you wouldn't test things, that exception will be gone basically.
Manuel Lemos: So, you...
Cesar Rodas: Yeah, it could be useful. If I would have to vote for this feature, I would probably say future. It could be useful but it's not needed. It would not make PHP a more beautiful language. It's yet another thing that we have to learn.
Manuel Lemos: Yeah.
Cesar Rodas: But it has good intentions as far as I can tell.
Manuel Lemos: Well, for me, this is all the sign that PHP is already such a perfect language that all the new proposals seems to be things that we probably will not really need that much.
Cesar Rodas: Yeah. The thing is that I believe that many people are coming from other languages where they can play a couple of syntax sugar on top of their language and they can make it look sort of like they are doing something else because they can do this with PHP.
Which is something brilliant, because that's what gave Facebook the possibility to just implement a new PHP implementation which runs faster, which runs in the machine code.
So they are proposing all these things. If I could vote, and I can vote, I would say no. So, I will just wait until they can call for votes if they ever reach that stage and I will probably vote no.
Manuel Lemos: Yeah. But are you a voter. I'm not sure.
Cesar Rodas: I could vote, yes. I can vote because I contribute with the PECL extension long, long time ago.
Manuel Lemos: But do you usually do vote on proposals or just the ones that know you?
Cesar Rodas: I vote on proposals that I believe that are going to make PHP a better place. So, in this whole time of RFC, I believe it's great, the possibility that anyone could just contribute. I voted like three times. Two times were for a Yes, and once was for a No. I don't remember. It was like six months ago probably.
Manuel Lemos: Did it make a difference, for you? I mean, did your vote change anything?
Cesar Rodas: No. Most people were voting about the same thing, so it didn't make a difference. But there are many votes though. The last time I checked was for 20 votes, 30 votes for the most controversial things.
But yes, I just vote whenever I can see that something could make PHP better. Or if it could just make it just a horrible thing, I vote No.
[Laughter]
** as Power Operator (13:50)
Manuel Lemos: OK. Well, moving on to the next topic. Actually, there was a topic that we're going to jump because we have already covered in the past. I remember now.
Then, I want to comment about the power operator, which is basically a proposal to have two asterisks as an operator that represents the power operation.
You take a number and take it to the power of another number. So, basically, this is syntactic sugar. You can have the power operator turned into a call to the power function.
And I think they mentioned here also GMP overloading, which means that if you are using arbitrary and precision numbers, it will eventually return an arbitrary and precision result - which is good for whoever needs to make calculations without losing precision.
Cesar Rodas: Yeah, probably for this feature, I might vote yes. And the reason being is that there is tiny difference between a compiler construction and one function call. So when you call a function in PHP, there's a tiny overhead. But so tiny that you cannot just even measure it.
But when you call that function, say I'm calculating something, and I called the same function a million times that those make a difference. And when you are using mathematic things, that overhead, it doesn't exist.
So this feature, I kind of like it.
Manuel Lemos: Do you think there will be a noticeable speed improvement if we have many calls to the power function when you use an operator like this? Or it probably will not be very noticeable?
Cesar Rodas: Many people, they wouldn't even care. Like myself, I didn't even care until, in a project, I was calling a function that was array something that was just take a portion of one vector.
And it was for one AI things, I was just, got it in my text. So I called that function literally in my test suites a million times, but literally, a million times. And the whole program, it was taking like six seconds, which isn't that much. But then I thought, what happens if instead of just calling this function, which is a native function which I expect to be fast, that was really fast, what happens if I just replace it with a foreach loop until I need it and then I break it?
And my program, it was from six seconds to one second. So that was a lot of improvement. But that is a very, very special case. So you wouldn't measure that thing if you are just doing web sites. It's not possible.
Manuel Lemos: Yeah. Well, let's see if this actually will make any noticeable difference when it is released.
[Laughter]
PHPDbg, a New PHP Debugger (17:26)
Manuel Lemos: For now, we're going to move on to another new proposal, which is actually something that was already being developed. But it's a proposal for a new PHP debugger called phpdbg.
And basically, this proposes to implement this phpdbg as a SAPI module. So instead of interfacing with the top server or CLI, it'd probably just be a debug version of that. So, it will be connecting to the debugger.
And well, here is the page of the proposal. There is also the web site for this debugger. I don't know, Cesar, have you tried this debugger already or just... or just had a look at these pages?
Cesar Rodas: No. It was like GDB. I don't know if they share any code, but looks like it. No, I never used any debugger. Not because I don't need it. I need it but they are just too complex to my tiny little head. So I don't use them.
I use Xdebug though. I like how change, how it loops and how my exception, how it gives me so much information so I can just fix thing quickly. I never used a debugger. I believe this could be good to somebody but not me. That doesn't mean that it's wrong. It means that I might never use it.
And I was in the podcast last Saturday and one of the topics was all about how to make Xdebug a realtime debugger with some IDE that I don't remember. It was one of this in Java, I believe it was Eclipse or the other one, I don't remember.
But like basically, with some configurations that are really simple, you could just do like how you debug JavaScript from a code. Like you can tell it's just 'open this web page and stop here'. So PHP will actually do that, so you can just jump to your IDE and say, 'OK, just show me all the variables' values, just jump or just post there.'
It was really cool. I never used it though. And these thing seems that good for another kind of people, for most modern people. And certainly, I don't fit there, so I won't use it. But it seems cool.
Manuel Lemos: Well, actually, this is a bit confusing because it says that it would work as a SAPI extension. But at the same time, it says that it's a SAPI Agnostic. Would it be possible to have multiple SAPIs on one PHP environment?
Cesar Rodas: I think so. I think what they're trying to say is, and I say I might be wrong, I will be wrong, what I believe is that they will just bundle it into an extension.
So, you can use all their utilities and all their debug function from Apache or from any other Web server. And also, it will come with their own interface, which looks pretty much like the GDB. That's what I understand, but that might be wrong.
Manuel Lemos: Yeah.
Cesar Rodas: Although, I don't know who are maintaining these projects but I have to say these things are really complex machine code. It's really complex. I saw the source code of Xdebug and all the sort of dark magic that are happening there are just amazing.
Manuel Lemos: Let's see how this goes, because so far, I'm not sure if there's a real need for yet another debugger. But I think it won't hurt either. So let's see how this goes.
Cesar Rodas: And we are voting already. So, even if I vote No, it makes no difference. There are 34 votes for Yes and zero for No, so I believe it will come bundled in the next PHP versions.
Manuel Lemos: Actually, all the... Yeah, it has been approved by everybody. So yeah, you may be right on how useful this will become.
Cesar Rodas: Yeah.
Assigning Variables Automatically in the Class Constructor (22:44)
Manuel Lemos: OK, now moving to yet another feature. Actually, we are going to back, because last month we had two guests that came to talk about security. And so, that episode was just about security features. So there are some features not related to security that were left behind. But I think they are somehow important.
One of them is about automatic property initialization. Let me share the screen here. What this means in practice is that when you create an object, you can pass through the constructor variables that will be automatically initialized when the object is created.
I think this is interesting. This is useful that probably will save you some keystrokes. I don't know if it is really something necessary but it seems useful. What do you think, Cesar?
Cesar Rodas: I'm looking at both proposals. I believe that the second one, which is the constructor promotion, it's rather confusing. It will bring so much confusion.
Manuel Lemos: Yeah.
Cesar Rodas: It changes how a method is defined. And when you are looking at a method... because people follows certain standards always, like properties are defined first. So, when you are looking into one class, you see how many properties are defined.
You have to look into two places now, into the top of the class definition and to the constructor. And what happens when that class has a private or a parent class? I'm sorry. So I would have to just look into too many places. So that will defeat all the purpose of just saving you a few keystrokes and will just bring so much problem.
And the other one, it looks weird because you see this into your functions as signatures. It's even weirder because the body of the function is optional. That is really weird.
But if I'm forced to just choose between one of these proposals, I would choose about the automatic property initialization. I'm not saying that is the less evil, sort of speaking.
Manuel Lemos: Well, I think if you do not want to use it, just don't use it.
Cesar Rodas: Yeah.
Manuel Lemos: But probably for other people that won't use it, this will be great.
Proposal of Renaming $_GET to $_QUERY and $_POST to $_FORM (26:01)
Manuel Lemos: Anyway, moving on with the next proposal, at least debate that is going on in the PHP Internals. I'm not sure if this discussion already ended, but there is a proposal here to somehow rename the $_GET and $_POST variables to $_FORM and $_QUERY because, for instance, when you have a POST request, it may also get some GET variables. So they thought the names are not consistent, they should rename them.
Well I don't know if, after so many years calling things GET and POST, it will be any benefit to replace these names. What do you think, Cesar?
Cesar Rodas: That makes no sense. If it bothers you at the top of your script, just rename them. And if you want to do that, in the php.ini file, in the configuration file, you can just tell it, 'OK, PHP just prepend these files for every single request or for every time you execute something.'
And there you can just change however those double functions are named, if that really bothers you. But I think, imagine people just upgrading PHP from whatever version just for that little stupid change. That makes no sense. It makes no sense at all. If you ask me, I would vote No.
Manuel Lemos: Yes, right. It's totally unnecessary that cause an incompatible change because everybody got so used to calling it GET and POST. Why bother changing it to something else?
Well, anyway, this is just a discussion. I did not follow it to the end but I think it did not go anywhere.
Using Composer to Install PHP Classes and JS Classes (28:15)
Manuel Lemos: Now, moving on to a topic this time more related with something that was just released in the PHP Classes and also JS Classes site, which is a new feature that is the actual main reason for the podcast being recorded so late this month.
I was trying to finish it in time to cover it in this hangout sooner rather than later, which is basically the support for PHP Classes and JS Classes to act as Composer repositories.
So, first for all those that are not aware what is Composer, there is this article that was published just now in the PHP Classes blog which tells you about what is Composer and how to install it and how to install packages with it and some other details of operation.
So, for those not familiar, basically it's probably just a tool of PHP script. Actually, it's an application that is made of several scripts but since it is bundled as a PHAR archive, you won't actually see how many files are in there, but there are many, certainly. It is not a small application.
But what matter is that what it does. Basically, it can access repositories and download and install packages. One of its main features that packages that have dependencies like packages that need other packages, the Composer will download both the dependent and dependency packages. And they will be installed both and you can benefit of each features of all the packages that are included. And they get installed in a directory named vendor inside their project directory.
And also, as a consequence of this, especially for PHP, it automatically generates code for an autoloader that considers all the classes that were installed. I think it is a great benefit.
Cesar, I supposed you have been using Composer for quite a long time. Actually, you were one of several people that suggested that PHP Classes also supports Composer. What can you add about the benefits of using Composer besides what I have mentioned?
Cesar Rodas: Well, the main benefit is that... Even if Composer might not be the best thing out there, it has a lot of things that could be improved, although they have changed how we think in terms of libraries.
Before that, you would have to install things in different ways like every framework did it differently, every project did it differently. So what they have done is basically they have provided a universal way of doing that.
And that came in hands with autoloading things. You just require one file and then you forget about it, like you just tell them, 'I want to use this given class' and you forget about where they are and things like that.
The way how the PHP Classes Composer works is even better than how you would do it manually, because it doesn't do any autoloading magic like any I/O runtime to just find where a given file is. Because it compiles ahead of time a list of classes, so it's super efficient. It is as sufficient as it could possibly go. It is really great.
Manuel Lemos: So just to put this into context, let me show again the article because it covers all the aspects. It basically tells you what is Composer, how to install it. And here, there are some details that are relevant. It tells you that you can get Composer from the Composer site which is getcomposer.org.
There are couple of ways to install it, actually. One, it's just the same. It also executes the script that verifies if your PHP environment has all the extensions, all the settings that are necessary to make Composer run correctly.
I'm not going through all the details that are mentioned here in this article. The article itself as all the details. So those that want to know more can read the article and know more about it.
And then, it tells you how to install packages, actually PHP Classes packages, with Composer. It tells you that you need to create a composer.json file.
Here, it's worth to mention out of curiosity, it seems that Composer is inspired on Node Package Manager, which is an application of Node.js. Since it's JavaScript, this explains why practically all configuration files used by Composer are in JSON format which is a way to serialize JavaScript data structures.
The basic composer.json file just tells you what packages you need and where you can get them. In the case of PHP Classes, the names of the packages have a prefix name phpclasses/ because this is one thing useful of Composer, which is the fact that you can get packages from different repositories, not just PHP Classes, not just JS Classes.
It is also possible to get packages from JS Classes despite they are not PHP. Packages can be any type of files, not necessarily PHP, even when you use Composer which is basically an application for PHP projects.
And here, you can also specify some version requirements and then you have the definition of repositories. If you don't have this definition of repositories, there is a default which is to get from another repository named Packagist which is developed and managed by the Composer developers.
In the case here of the example, this JSON file is presented as a sample in the PHP Classes site to get you started. Just to explain what this mean, for instance, it tells you how to get the Form Generation package which has this name. And here below, it tells you how to configure, to tell a Composer to get it from the PHP Classes Composer repository.
Here, this line below, it just tells to not bother to check Packagist which is the other repository, because in this case I just need packages from PHP Classes. So if you need also packages from Packagist, you need to remove these lines.
If you just need packages from PHP Classes, it's better to keep this line because it had certain overhead to check all the packages that are available in Packagist and it takes a bit of time. So just to save you time, you just add this line here in case you do not need any packages from there.
And then, you just run a simple command to install the packages. And later, if you have newer versions of the packages or want to add or remove packages, you can run Composer update.
This is basically all you need to get you started using Composer. Other than that, there is a detail that is all different from other repositories. That's the fact that PHP Classes, at least a good part of the packages require that the user is somehow authenticated, to identify what is the user that is downloading the package.
This is a feature of PHP Classes from a long time ago because it uses this information of authentication to know which users are using which packages.
So, when the packages are updated, you get an email from the site, unless you don't want to. But for those users that want to, you can get notified 'Oh, there's a newer version. You can get it now, so you would benefit from bug fixes or new features.'
The important part here is that by default, Composer would prompt the user to enter a user name and a password. The user name for this would be your username in PHP Classes, but the password is actually a different password from the actual password that's use to access the site.
It's just a token that is more secure, because if somebody steals your token, they won't know what your real password to access the site.
So, given this, the only detail that is worth mentioning here, besides what I mentioned, is the fact that if you came to update or install frequently, it would be a bit tedious to enter your user name and password at once.
To avoid this overhead, there is a guy named Stephan Hochdoerfer, I'm sure I'm not pronouncing his name correctly, I hope you can excuse me, he's from a company bitExpert and they developed a patch to make this authentication configuration more usable.
So instead of you entering the user name and password manually, you can just define a configuration file to define what is the user name and password for all the repositories that require authentication.
And this is the sample configuration to specify your user name and password for installing packages for different repositories. There is, for instance, one for PHP Classes if you need it and another for JS Classes if you need it.
The user names are equal in different sites because they share the common system of accounts, but the actual passwords are different. Because the sites are distinct and they keep user-based tokens for accessing you Composer repositories.
But don't worry, if you need to go through this again, just to read this article. I'm not going to talk much further about this. This is just giving an idea of what is the same as when using Composer with other repositories that do not require authentication and what is different.
Other than that, one good thing that was already mentioned here is regarding the autoloading of things, as Cesar mentioned, in the case of PHP Classes, you have your life simplified. Because usually you have to configure and create a composer.json file to tell how to use what standard of autoloading rules you would need.
In the case of PHP Classes, the site already knows which are the classes files and it tells Composer, 'Oh, these are the Classes files.' And Composer does some magic behind the scenes, which is to read, parse those files and extract the class names. So, it generates a very simple array that it uses for configuring the autoloading.
And on the part of your application, all you need to do is just include this line here in the beginning of your scripts that just say "require('vendor/autoload.php'); and this vendor directory and this autoload script are automatically generated and updated by Composer every time you need to install or update your packages.
Then, in your application, all you need to do is create objects referring your classes as usual. You no longer have to go through all the process of requiring the class files explicitly. So, instead of having a bunch of require statements, it's all simplified with autoload feature and the support for Composer to generate the rules according to whatever is installed in your system.
And I think this is great. Cesar, you have been using this for quite a lot. I think it's much more productive to do it this way. What do you think?
Cesar Rodas: Do what, the autoloading or just Composer...
Manuel Lemos: Yes, the way Composer promotes simplification of autoloading.
Cesar Rodas: Yes. It does saves you a lot of time. I think it's worth to mention that there are several kinds of autoloading. There is a PSR-0, I believe, that tell you how you should write your classes using namespaces or just plain class names. I believe that is a great recommendation to follow, but I don't like things that force you to just do things in certain ways. So, they support also a class map.
Manuel Lemos: Yeah, that's true.
Cesar Rodas: They support that and that's why you can easily just use any PHP Classes regardless how class are named or into what folders they actually are, it will work. So, that's fantastic.
Manuel Lemos: Yes. That's a good point because many, many, many users... I look at classes that are approved in PHP Classes every day and the greatest part does not use namespaces at all. Because they do not feel the need to have namespaces.
Namespaces are good to avoid collisions of classes that may have the same names but they are from different package, probably from different authors. But most of the authors do not have that concern.
So forcing the users to follow a PHP recommendation rule for applying something that they would need to change their code and start applying namespaces. And probably some of them are using older versions of PHP that would not support namespaces. Probably it would be a awkward and discouraging.
So I think with the support of the class map which is the way PHP Classes tells Composer where the class files are, it's a way to please all types of audience, all types of developers, regardless if they use namespaces or not or if they follow some PSR recommendation or not.
I'm not following it accurately, but by the way, I think there is a new recommendation for autoloading from the FIG group, right?
Cesar Rodas: Yeah, there are several recommendations.
Manuel Lemos: It is called PSR-4?
Cesar Rodas: Yeah, the first and the last one are for autoloaders. I followed PSR-0. I follow it because I want it. I think everyone should do that. But everyone, they should do it if they wanted to.
Manuel Lemos: Right.
Cesar Rodas: I try to read the last recommendation, I don't follow it. And quite frankly, I don't care. When I have one problem with one library and one Composer, I just say, 'OK, just create me a classmap of this directory' and I forget about it.
So I did that in two projects that Composer, it didn't like how I was loading things and I said just forget it, just create one classmap. And if you think about it, runtime, when you are running production code, that is the best way, actually. Because in production code, how likely is that one request would change one library one second apart. So why even bother checking?
I have to say that it's great to see that PHP Classes support Composer. I would encourage the people to just enable it because I believe they should give permissions, right?
Manuel Lemos: Well, the way it works for now, I would rather have the people to do it with the consciousness of what they are doing. But I also believe that probably some authors are not yet aware and some users may want to use Packagist from Composer.
So what I plan to do, which is a bit different than what is already detailed in this article, is if there is one user, one logged user that wants to access a package using Composer, it automatically adds the package to the Composer repository. So users will not depend on authors do it explicitly, it will be added to the repository.
This already happens to dependencies. For instance, if you have a class that depends on another and the author of the other class did not add it to the Composer repository, the site will add manually and tell the author that it was added. So he probably would come to the site and verify if everything is OK.
The hope is that all authors get educated about the use of package installers in Composer or others. Because there are package installers, not just Composer. I remember, for instance, a long time ago, there is the PEAR package installer that's more oriented to the PEAR repositories.
And there are others. And I suspect that somebody will also develop new package installers after this. Although I think Composer provides a reasonably good solution for this.
Cesar Rodas: I remember that I was doing something probably a year ago, then I said that Composer is cool enough. And to me, it's not an exciting problem to solve. So I just stopped doing that.
Manuel Lemos: What I think is that probably some people will develop, I will not say forks, but new package installers that probably are compatible with Composer but have certain features that were for some reason were not added to Composer.
I don't know if it will be the case, but for instance, as I mentioned Stephan here added support to specify the authentication configuration to Composer, but that feature was requested, he actually sent a pull request to Composer project like three months ago. There was a dialogue but after the dialogue, there was no follow-up on whether that feature would be merged or not.
Since that's feature that's needed, it's something that would not please people that need that feature. Probably that motivates people to develop a better installers that can be Composer or something else.
And talking about that, there is something that Composer, by default, does not handle very well, which is the installation of the so called asset files, which are like those in JavaScript, CSS and images.
Because the way it works, packages are installed inside the vendor directory. They have sub-directories inside the vendor directory. And if usually, the vendor directory is not inside the Web documentary of a site, so after installing, there will be the need to somehow to move those JavaScript, CSS and Image files to somewhere under the document root that is more what the application needs.
Currently, this can be addressed with an add-on application, an add-on package. And I even mentioned this in the article because it addresses a need that many, many projects have. They also have their own JavaScript packages that need to go somewhere.
And Composer, for now, can be used to solve this problem with an add-on, but it would be better if this feature was built-in. And there is a common configuration to define where the files go, so you do not rely on different extensions, different composer plug-ins that define, use their own configurations options to define where the files go.
So this is just one example of a need that is not yet very well addressed. Hopefully, it will be addressed better in the future. For now, it's addressed with plug-ins but nothing stops anybody to create a new package installer that addresses this better.
And there are many packages installers, for instance, for other language, for JavaScript, there are quite a few, that I think could also be used for PHP projects. Just like Composer can be used to install JavaScript files, JavaScript installers could also be used to install PHP files.
This is just to mention that when I talked to Stephan, he mentioned that some people prefer Bower which is a JavaScript package installer. I don't know if you're familiar with that.
Cesar Rodas: Yeah. Bower. The good thing about relying into Bower is that it is sponsored by Twitter somehow, like two Twitter employees are involved in the project. They certainly do have money and Twitter uses it. So, yes, I use it. And the funny fact about that is because it is written in JavaScript, you have to install...
Manuel Lemos: Node.js.
Cesar Rodas: ... Bower using NPM. So, so much irony. You need to use another package installer.
[Laughter]
Manuel Lemos: Right. There is not a single solution of downloading the Composer phar file.
Cesar Rodas: Yeah.
Manuel Lemos: OK, anyway, I think it is probably one of the best things that happened in the latest times, too, in the PHP world. I think it started to grow up in 2012, I think. And everybody, well, not everybody, but lots of people are talking about it, because I think that the greatest part of the people that use Composer are people that use the command line.
But still, a great part of the PHP developers are using Windows. They prefer things to be more GUI oriented. So I think although it's a good thing, there will be some hurdles in the adoption of Composer or any other kind of command line-based installer.
Cesar Rodas: Now that I think of it, why is nobody is doing some Web interface for Composer or any project that actually can work using the PHP server that can solve those problems?
Manuel Lemos: Yeah, that could be an interesting topic to address, for instance, by a new type of installer or a fork of Composer or an add-on that works well.
Because the way it works now, Composer can only be called from the command line, the shell. And the only environments on which the shell is not enabled, that would be a struggle to install things. Actually, struggle is not the word, it will be impossible.
Cesar Rodas: Yeah.
Manuel Lemos: And this probably would be a problem to the adoption. And well, I agree with you, it's an idea for an eventual evolution.
Cesar Rodas: Definitely.
Manuel Lemos: In any case, as I was going to mention, in the PHP Classes site, I wanted to actually encourage more authors to do this. So, they get up to date on their practices. I think using the installer is a good practice because it solves a lot of problems that are usually a drag to deal.
And besides the section on this article on which I tell each author what they need to do to provide packages for PHP Classes repository, I also have a topic here below that tell them that they can earn more reputation and credibility when they support Composer, adding their package to the Composer repository intentionally, not just automatically like the site promotes.
Anyway, the site tries to make it even easier to support package in the Composer repository, to add their package to their Composer repository by cutting a few hurdles. One of those hurdles is the need to define a composer.json file. It's not necessary.
Usually, when you develop a package and want to put it in some kind of Composer repository, you need to define your own package composer.json file. The PHP Classes site automatically generates all the definitions that otherwise you would have to create in the composer.json file.
If your package already has a Composer.json file, the site will read your definitions from there and integrate those definitions. If you don't add them, it's not necessary. The site will take care of extracting all metadata and will actually generate a Composer.json file for you.
And this is useful, because all you need to do in the end is just to do a few clicks and add the packages, all packages or just a few, to the Composer repository.
Another thing that the PHP Classes site tries to solve is the versioning. Every time we do an update, the package version needs to be bumped. Otherwise, Composer will not know there is a new version. So what the PHP Classes does is first check if your package already has an assigned version number. if it doesn't, it assigns it to 1.0.0.
And then, if you have update or remove any parts of the package, it automatically bumps the version by increasing the lower digit of the version. So, if you were on 1.0.0, it will become 1.0.1. And if for some reason, you don't like what is the actual version it ended up with, you can bump it manually by going to the package editing page and put the correct version number in there.
As I mentioned, all this is to simplify the use of Composer, so you don't have to go through much of the effort. So Composer already solves a lot of problems, but in this case, if you publish your packages in the PHP Classes site, it simplifies it even further. So you don't have to think too much on how to do it.
And as I was mentioning, the site even tries to encourage the authors to do it, to add their packages as soon as possible to the Composer repositories, because the site will award reputation points to every package that you add to the Composer repository.
And this will let you increase in the ranking of authors, class authors, by reputation. So all the points that you have earned so far for all the good actions that you did as a class author, you get extra points for this.
As I mentioned in the past, later, you will be able to redeem those points to obtain additional privileges. But this part is not yet implemented. The idea to follow up through that route is there.
Additionally, one last detail which is if you have already your PHP Classes account linked with your Facebook account or Twitter account, when you add your packages to the Composer repository, the site will post in your timeline for you, telling that your packages were added to the Composer repository.
So, everybody that looks at what you are posting in your social networks will eventually notice and come to the site. It will hopefully will get you more credibility and reputation.
Well, many things were implemented here to encourage the authors to jump on the Composer bandwagon. Cesar, do you think this will encourage authors? Or do you see any hurdles that will prevent them to adopt Composer somehow?
Cesar Rodas: I think that they should. I believe also that even if they are not using Composer, that whenever they release a new open source project, they should share it through their Facebook or through their Twitter or to any social network.
The benefit is that you gain visibility and people when they will hire you, they would look at those numbers. They might Google your name and what you have done. So, that definitely helps.
Plus now, you give them points so they can even appear in the web site, in the ranking. So I believe that it is a win-win situation that they should do it. I mean, they can lose anything and they can gain a lot.
If I can talk personally, I think that most of the work that I've got so far has been because I've been doing Open Source and much part of that Open Source is my PHP Classes accounts.
I can't say where I'm working and what I'm going to be doing but when that's official, I'm going to announce. It's a big company and it's just great. So if I can give out...
Manuel Lemos: Oh, really?
Cesar Rodas: Yeah, I can't give names until it is confirmed. It's just because of open source. And gaining visibility is the way of actually doing it.
Manuel Lemos: Oh, great. So that's a sort of something recent that happened, some job offer that you got. Well, I don't know if it...
Cesar Rodas: Yeah. It's a huge company. It's not from America, it's from New Zealand. And that's all I can tell.
Manuel Lemos: Oh, New Zealand. How many companies in New Zealand that are big?
Cesar Rodas: I don't know. I don't know. They could be so huge. I don't know.
Manuel Lemos: But now, that you've talked about it, hopefully, if you actually...
Cesar Rodas: Make it.
Manuel Lemos: ...make it, you'll eventually come here and tell us about it.
Cesar Rodas: Sure.
Manuel Lemos: Or is it super secret?
Cesar Rodas: No, no, no, no. No, not really. They are a very Open Source friendly company. So, I wouldn't have any problems of saying anything.
Manuel Lemos: OK. Well, in that case, good luck for you. I'm certain, I'm sure that you deserve that for all the contributions that you have done.
And many people follow your work so I'm sure they will be happy to know whatever is the big secret company that you are talking about.
Well, anyway, just to conclude this topic, Composer, we actually talked a lot about it because I think it is important, just to mention one last thing that I mentioned in the article, the Composer support is one of the feature...
Cesar Rodas: One question that many authors may be fearing when they enable that, if someone downloads one package through Composer, will that boost the download count so I could be ranking better?
Manuel Lemos: Yes.
Cesar Rodas: Cool.
Manuel Lemos: That's the reason why the downloads are authenticated. That's the reason why. Actually, there are two reasons. One reason's already mentioned which is the site keeps track of users that downloaded it. And once the site knows which users have downloaded it, when you update your package, it sends an email. So, this way, you can establish a networks of users of your packages.
And the other detail is that since you can track the number of downloads that unique users, not installs or views or hits, a user may download your package ten times but in the end, it only counts one time. That's the real measure of reputation that you have.
And the site counts the number of unique distinct users since the beginning of the site that downloaded your package. It doesn't matter if you download it via the web page or via Composer, it's the same tracking method. That number of distinct users will appear exactly on your reputation page.
Now, that you mentioned it, let me show who have never seen this in practice. At the top of your page, when you are logged, there is a number here that shows your reputation number, reputation count.
And you click there and it opens a page. It shows a nice animation of how many points you've earned recently and shows your current reputation. There is a log of the actions that you did in the latest times. One of the actions here is the number of users of your package.
Cesar Rodas: Wow.
Manuel Lemos: This number here, for instance, this is my profile. In my case, 264,263 users have downloaded my packages so far. These are unique distinct users. And for you to appear at different number, depending on how many users download your packages. And for all users that have published their packages, it's the same.
And all these counts to one specific type of reputation, which is the class author reputation. So, when you click on the class author reputation link, it will detail all your actions as class author. And here, you see the user packages and packages added to the installation repository. In this case, it's Composer.
So all your packages are here. One day ago, I added all my packages to the Composer repository and it's like 30 packages and it shows all the points that are earned for that.
And you can even go and browse to the past to see your past actions. If you remove something, it discounts the points that you earned before. If you add something, you earn more points and so on.
This is just an idea of what it means to have reputation in this site. Anyway, back to what I was just saying, just to conclude this part related with Composer.
Composer support is just one of the features that I mentioned that would be developed, earlier in June when it was the 14th birthday of PHP Classes site. It was one of the planned features.
The list of features that I have there, it was just a tentative list, not necessarily by the correct implementation of order. Guessing what is the more important thing to implement next is a bit hard. Some things seems to be more urgent than others.
The next thing that I hope to implement is to implement finally a better navigation of package files for users that go to the site. Because many users are complaining they do not like the usability. I confess that I do not like the current usability as it is today because nowadays, it could be more Ajaxy and minimize the number of clicks that users have to go through to navigate through all pages.
So, hopefully, if all goes well, that would be the next improvement to be done on the site. I decided to do that because some people are complaining, so it's important to address that need next. If anybody has a different opinion of things that should be implemented next, I also would like to listen.
I don't know if you, Cesar, have any ideas of things that should be implemented next which would be more important.
Cesar Rodas: From the top of my head, I do not know. If I have some, I would just write you an email. I have an advantage that I can send an email to the site owner.
[Laughter]
Manuel Lemos: Yeah. Well, anybody can send an email to the site owner. The email address is in the site.
Cesar Rodas: Yeah.
Manuel Lemos: Anyway, I also like to comment that I love criticisms. Sometimes, people take me wrong because when they ask for something, I explain why it is not implemented, they think that I am against them, which is totally not accurate.
Sometimes, I have to consider things that probably did not cross their minds and when I explain, some people take it personally and get upset. Don't be upset. I appreciate criticism probably more than people making compliments, because criticisms help the site to move on and things get better.
Cesar Rodas: Exactly.
JavaScript Innovation Award Winners of September 2013 (1:14:21)
Manuel Lemos: OK, now we finally move on to one final section on which we comment on the latest nominees to the Innovation Award.
And let's start first, let me open the window here, where is it? Too many windows. First, we comment on the latest nominees for the Innovation Award of September in the JS Classes site. I think I miscounted the months in previous editions of podcasts. So let's try to make it correctly this time.
So, we are going to talk about the nominees of September that were voted in October. And then, in November, the results came out. So there were like three nominees. Cesar, which ones would you like to comment this month?
Cesar Rodas: Let me see how it's named. It's secStore.js and the class says that it lets you store data securely using some encryption algorithm which is named AES.
Manuel Lemos: Yeah. If you could share the screen with it. OK.
Cesar Rodas: I don't know how to do that. It's really buggy into my Linux. Can you open the window for me? And I will just...
Manuel Lemos: You cannot share the window?
Cesar Rodas: No, it's broken here.
Manuel Lemos: Maybe clicking twice. The window may not be minimized. You need to, if it is minimized...
Cesar Rodas: OK, let me just make it bigger first. Then switch to share screen. I believe I should choose the desktop, right?
Manuel Lemos: No, no, it's the other... There should be an individual window for...
Cesar Rodas: Can you see my screen though?
Manuel Lemos: Yes. I can see it now.
Cesar Rodas: OK. So, I opened the README file. I think this class...
Manuel Lemos: I think you increased the font a bit too much. If you can...
Cesar Rodas: Yeah. So, basically what this class does is it lets you put things into the client browser. So, you add some state to your Web application, so you have to persist everything into the server side.
And the problem when you do that is that you cannot trust your clients to the browsers. People can just change things. They could just break things. So what this class lets you do is that you can encrypt before saving.
And a very good thing that caught my attention is that, if you have cookies, it lets you just save tiny data in your cookies. And they have HTML 5 support, it lets you save five megabytes.
So, I have a lot of usage for this library. In fact, I've been using things like this into production work, I did it myself. So I would just drop whatever I was using lately and just use this. So, I think it is really, really useful. It was by Jason Gerfen from the States. So kudos and thanks for sharing such a wonderful library.
Manuel Lemos: Yeah, on my behalf, I would like to talk about the other two classes. Actually, I think we mentioned it in the other month, but now we are trying to put things correctly.
And basically, there is one of the components is just to show some rulers and guides on screen so you can make it look more or less like Photoshop on which you can put some guides to important parts in your drawings.
In the case, it will put it in your page and show those guides. There are some screenshots here that show it better. You can see how it looks. There's another one and this is interesting.
This one is from Mark Rolich from Armenia, a Contents
Introduction (0:20)
PHP 5.5.6 and PHP 5.4.22 Releases (1.33)
PHP 5.6 Todo List and Planned Release Dates (7:17)
Expectations Proposal (9:00)
** as Power Operator (13:50)
PHPDbg, a New PHP Debugger (17:26)
Assigning Variables Automatically in the Class Constructor (22:44)
Proposal of Renaming $_GET to $_QUERY and $_POST to $_FORM (26:01)
Using Composer to Install PHP Classes and JS Classes (28:15)
JavaScript Innovation Award Winners of September 2013 (1:14:21)
PHP Innovation Award Winners of September 2013 (1:20:01)
Conclusion (1:26:18)regular contributor. Actually, he has sent already ten packages, which is great even more because four of them were nominated to the Innovation Award.
One even won the Innovation Award so kudos to him for his contribution. Actually, the one that won the award for the month was this one.
And the other one that I also would like to mention this month is the one that is called Element Sort, which is basically a jQuery plug-in that can sort page elements that are inside another element like, for instance listing that is contained in some container element. This one is from Shijo Thomas from India. So, kudos, Shijo.
PHP Innovation Award Winners of September 2013 (1:20:01)
Well, for JavaScript, that is all. Now, for PHP, we have much more to talk about, but we won't have the time. So we can just comment on a couple of classes, each one of us.
Cesar, which ones would you like to comment?
Cesar Rodas: Well, I would choose my own class but that was so selfish. So I chose the most... The first one is named Chaining Functions that basically lets you create one object and you can just put it to my variables. I would like to apply this given function, then this given function and then this given function. So you just put it into a queue and then you can execute them.
So, I think that it's really cool. I have some usage myself. It was developed by Augustinas Malinauskas ah, it's so hard to pronounce, I'm sorry. I believe it's she. She's from the United Kingdom. I might be wrong, I'm sorry. That name in Spanish looks like a female name.
Manuel Lemos: Yeah.
Cesar Rodas: I'm sorry if I'm doing something wrong.
Manuel Lemos: That name sounds Greek. The fact that she's in the UK, not necessarily was born there or maybe he's from a family from a different country. So, maybe... Well, it's hard to tell if it is a he or she, but it doesn't matter. What matter is that it was a great work.
Cesar Rodas: Yeah. Really good work. I might use it in the future.
And then, the other class, it's the... I don't know how it's called, so I'm scrolling up. It is called PHP Ubuntu One Backup. It was shared by Oscar Dias. I know that he is a male because it's a Spanish name or Latino name. He's from Brazil.
What this package does basically, it lets you put files into a Ubuntu One. I see from source code that it doesn't ask you for any passwords. So that's something good. It does the OAuth authentication and as an additional, it instruct you how to make MySQL dumps and how to save them as your backup. So really cool.
Manuel Lemos: Right, that's great.
And on my behalf, I also would like to mention a couple of interesting classes. Unfortunately, there are many more interesting classes this month but we can just comment on a few.
Let me comment first about this one called MySQL Functions Using PDO. Basically, the title says it all. This is a wrapper around PDO that provides a set of functions that are compatible with MySQL extension.
And this class, provided from Aziz Hussain from the United States, is interesting because it somehow addresses a need that applications that need the original MySQL extension. It is being deprecated in the latest versions and eventually it will be killed for sure.
Although when the idea of killing the MySQL extension sometime ago was announced, I wrote an article saying the plot to kill MySQL extension, the people said, Oh no, it's not going to be killed. Yes, it is going to be killed. It's a plot and it is going to die.
So a lot. It is bad, I think, because it will break many, many, many applications and it will discourage people to upgrade to newer versions on which MySQL extension will be killed.
But OK, at least this package by Aziz provides a workaround to address that need without having to set people back to older versions on which the MySQL extension is not killed. So I think it's a great idea. Not just innovative but also useful. So kudos for Aziz for his package.
The other package that I wanted to mention, this one is by Peter Kahl from Hong Kong. Basically, he developed a package that attempts to provide better handling of the missing pages in your site.
Usually, request to missing pages issue the status for 404 in the HTTP request. And usually, there is an error handler that will take care of the pages that are missing. This is where this class enters in action, which is something that it does to try to find pages that match better the URI of the request.
Probably, it was a request that somebody mistyped and missed some latter or some other part of the URL. And this class tries to find a better match for the current missing URL and redirect to that page. So I think this is a great plus.
Conclusion (1:26:18)
Manuel Lemos: So with this, we practically end this podcast. It's already a bit long. I would like to thank you, Cesar, again for coming and talking about the PHP topics and also about the new features, specifically the Composer support on PHP Classes and also JS Classes site.
One thing that I just forgot to mention is that there will be a new article to, I hope, help people to figure out how to deploy JavaScript packages using Composer with an additional plug-in for Composer to map the files to the right directories. And so, stay tune to that article that will appear in JS Classes blog.
So I don't know if you have any final comments, Cesar.
Cesar Rodas: No, that should be all. You know that if you need a co-host, just let me know. I'll be here.
[Laughter]
Manuel Lemos: Well, Ernani was supposed to come again but for some reason he couldn't. He's probably very busy in his personal life. Let's not push him to come when he can't.
[Laughter]
Manuel Lemos: It's always a pleasure to have you here, Cesar, with us.
So on my behalf, that's all for now. Bye.
Cesar Rodas: Bye.
[Music]