PHP & Web Development Blogs

Your biggest asset is also your biggest risk... your developers

Your business thrives because of the incredible work and innovation of your developers. With simple keystrokes your developers can completely transform your business, add new features, and drive new sales.

But those same keystrokes can take down production, create security back doors, and put your business at risk. That's why it's more important than ever for your team members to be up to speed with the latest technology, especially around performance and security.

Of course, some things are easier said than done - after all everyone is super busy these days. So how can you help keep your team members learning, and putting your business first in the process?

Conference Parties

There's nothing better than attending a PHP or programming conference in person - the chance to meet speakers face to face, to network, the knowledge, and the hallway track. However, many companies aren't able to afford multiple (or even one) conference for their developers - especially ones that require airfare and hotel.

However, that doesn't mean you shouldn't still participate in these conferences. The good news is that roughly once a quarter Nomad PHP streams talks from a conference right to your computer. This means that your team members can all participate in a multi-day conference from the comfort of your office (or their home) - and you can provide this for your team for less than the cost of a single conference ticket!

Make the conference party even more special by providing lunch during the lunch break, bringing in party gifts, having give-aways during the conference, and planning activities during longer breaks for your team.

Since many conferences take place on Friday, not only are you providing invaluable training and an incredible work benefit, but ending the week on a super positive note that your team members will appreciate (and your risk assessment teams will greatly appreciate as new security practices and compliance practices are put into place).

Monthly Lunch and Learns

Every month Nomad PHP offers live virtual talks by the industry's top experts. With talks at 11am Pacific, and 6pm Pacific it's a perfect time to grab a conference room and order a couple pizzas for lunch (or if Eastern, grab some snacks and maybe a beer) and play the monthly meeting on the large screen.

Your team members will have the opportunity to take notes, discuss with each other, and perhaps most importantly ask the speaker real-world questions that directly impact your business, providing tangible solutions to the problems they are facing.

And since every Nomad PHP Pro meeting is recorded, your team members can refer back to the video at any time, watching sections relevant to them or digging in for more information.

Developer Book Club

Encourage your team members to share what they're learning with others, and help build each other up. Not only are you helping grow skills and ensure your team is following the latest best practices, but you're also fostering a mentor-mentality within your team - where each team member feels invested in the growth of other members.

With Nomad PHP you receive a new issue of [php[architect]](/books) each month and have several additional books available to read on demand - providing the latest updates and an invaluable resource to help your book club get started.

Developer Movie Nights

Sometimes we all just want to get away, grab some popcorn, and watch a movie. Similar to lunch and learns, give your developers a night or two where they can get together and watch one of the 250+ training videos available on Nomad PHP. You can even make it a movie marathon!

Whether it's pizza, popcorn, sodas, beers - your team members will have the chance to kick back, relax a bit, build team camaraderie, and learn valuable skills to help your business succeed. Essentially, turning a training day into a fun team-bonding activity.

Learning Path Challenges

Every company has challenges, and areas they need their team members to master. Whether it's DevOps and containerization, security, performance, management, modernization, or soft skills - work with your team to determine what skills will help them succeed and work with your team members to put together video learning paths.

Your team members can watch through these videos on-demand, go back and replay to refresh their knowledge, and work their way towards mastery in the subjects that will help your company succeed.

Certification

Show that you are invested in your developers by helping them earn Professional Certification. These certifications demonstrate that your team members have a fundamental grasp of the technology they are working with and understand when and how to use this technology.

With free certification exams included with Nomad PHP - you no longer have to worry about failed exams or expensive test credits. Your team members can take the exams at their own pace, discover the areas they need to improve, and take the exam again when they are ready. After all, shouldn't the goal of certification be to help your developers learn these skills and prove their expertise?

You can go even further with certifications by having a special company award, framing their certificate, or calling out newly certified developers at team meetings or all-hands.

Learning Incentives/ Rewards

Of course there are even more ways you can help your developers learn new skills, grow their careers, and build loyalty within your company. With Nomad PHP there are numerous ways for your team members to grow their skills, and numerous ways you can reward/ incentivize them - from rewards for the most active learner, to setting goals for learning new skills, to obtaining certifications, to attending streams, to watching videos on-demand. All of these are included with our Professional Nomad PHP Team subscriptions.

Want to learn more about getting a Nomad Team Subscription for your developers? Give us a call (844) CODE-PHP

Have more ideas on how to help your developers grow their skills or help employers make education more accessible? Please leave your ideas in the comments below!

To say that we have been hard at work here at Nomad PHP, or that I'm excited about these three announcements would be a tremendous understatement. Over the past several months, behind the scenes, we've been working to bring even more features and benefits to Nomad PHP - these have already included unlimited streaming of all past meetings and access to PHP Architect.

Available today, however, you'll also have access to online, live workshops - as well as soon have the ability to stream select PHP conferences live, and finally to prove the knowledge you have gained through our online certification.

Online, Live Workshops

Like our online meetings, we are excited to announce that available today you can participate in online, live, and interactive workshops. Our first workshop will feature Michael Stowe, author of Undisturbed REST: a guide to Designing the Perfect API as he demonstrates how to build the perfect API using modern technologies and techniques.

Additional workshops will be announced as we continue, with a minimum of one workshop per quarter. These workshops will be part of your Nomad PHP subscription, and will be recorded for later viewing.

Nomad PHP Certification

With the many changes impacting the PHP ecosystem, we're proud to announce the ability to prove your knowledge with our online certification. Each certification is made up numerous, randomly selected questions to be completed within a specific time frame. Depending on the exam it may or may not be proctored, but all exams monitor user activity to ensure compliance.

To pass the exam, a passing grade (specified on each exam) must be completed for each section within the allotted time frame. Failure to complete or pass any section will result in a failing grade for the entire exam.

Upon completion, you will receive a digital certification with verification to post on LinkedIn or your website, as well as having your Nomad PHP updated to show the passed certification.

Initial certification exams will include PHP Developer Level I, PHP Engineer Level II, and API Specialist Level I. The PHP Developer exam will cover core components of PHP, the Engineer will cover a broad spectrum of topics including modern technologies, and the API Specialist will cover REST design and architecture practices.

All three exams will be available by January 31, 2019, and will be included with a Nomad PHP subscription.

Stream Select PHP Conferences Live

One of the primary goals of Nomad PHP is to bring the community together, and allow users all over the country to participate in conference level talks. What better way to do this than to bring community conferences online?

Like our traditional talks, these conferences and select conference sessions will be live-streamed as part of your Nomad PHP subscription, allowing you to participate in real-time with in-person conference attendees.

The first conference to be streamed will be DayCamp4Developers: Beyond Performance on January 18, 2018. Additional conferences to be streamed will be announced shortly.

Community and Corporate Sponsorships

With these new additions to Nomad PHP, now is the perfect time to take advantage of our new Community and Corporate sponsorships.

Your support of Nomad PHP not only makes all the above possible, but allows Nomad PHP to continue to serve and give back the community. We're proud, that despite operating at a loss, to have already contributed over$4,000 to the PHP community in the last 5 months.

To learn more about the sponsorship and community opportunities we have available, please visit our Advertising section.

Other Ways to Support Nomad PHP

Of course, while financial support helps us keep afloat and do more for the community, there are even more, and just as important ways to support Nomad PHP. Please consider linking to Nomad PHP, or sharing the service with your friends.

In today's digital age, where data breaches and cyber attacks are increasingly prevalent, safeguarding sensitive information is paramount. Cryptography, the art of secure communication, plays a crucial role in ensuring data confidentiality, integrity, and authenticity. Implementing cryptography in PHP, one of the most widely used server-side scripting languages, offers a robust means to protect your data. In this guide, we'll explore how to utilize cryptography effectively in PHP to enhance the security of your applications.

Understanding Cryptography Basics

Before diving into PHP implementations, it's essential to grasp the fundamental concepts of cryptography. At its core, cryptography involves techniques for encrypting plaintext data into ciphertext to conceal its meaning from unauthorized parties. Key aspects of cryptography include:
   
. Encryption: The process of converting plaintext data into ciphertext using an algorithm and a secret key. This ciphertext can only be decrypted back to its original form using the appropriate decryption key.
   
. Decryption: The reverse process of encryption, where ciphertext is transformed back into plaintext using the decryption algorithm and the correct key.
   
. Symmetric Encryption: A type of encryption where the same key is used for both encryption and decryption. Examples include AES (Advanced Encryption Standard) and DES (Data Encryption Standard).
   
. Asymmetric Encryption: Also known as public-key cryptography, it involves a pair of keys: a public key for encryption and a private key for decryption. RSA and ECC (Elliptic Curve Cryptography) are common asymmetric encryption algorithms.

Implementing Cryptography in PHP

PHP provides robust cryptographic functions through its OpenSSL and Mcrypt extensions, allowing developers to implement various encryption techniques easily. Here's a step-by-step guide on how to perform common cryptographic operations in PHP:

1. Symmetric Encryption

<?php
$encryptionKey = openssl_random_pseudo_bytes(32);

$plaintext = "Sensitive data to encrypt";
$ciphertext = openssl_encrypt($plaintext, 'aes-256-cbc', $encryptionKey, 0, $iv);

$decryptedText = openssl_decrypt($ciphertext, 'aes-256-cbc', $encryptionKey, 0, $iv);

echo $decryptedText;
?>

2. Asymmetric Encryption

<?php
$config = array(
 "digest_alg" => "sha512",
 "private_key_bits" => 4096,
 "private_key_type" => OPENSSL_KEYTYPE_RSA,
);
$keyPair = openssl_pkey_new($config);

openssl_pkey_export($keyPair, $privateKey);
$publicKey = openssl_pkey_get_details($keyPair)["key"];

$plaintext = "Confidential message";
openssl_public_encrypt($plaintext, $encrypted, $publicKey);

openssl_private_decrypt($encrypted, $decrypted, $privateKey);

echo $decrypted;
?>

Best Practices for Cryptography in PHP

While implementing cryptography in PHP, it's essential to adhere to best practices to ensure maximum security:
   
. Use Strong Algorithms: Always use widely recognized cryptographic algorithms like AES for symmetric encryption and RSA for asymmetric encryption.
   
. Key Management: Safeguard encryption keys carefully. Utilize secure key management practices, such as storing keys in secure vaults and rotating them regularly.
   
. Data Integrity: Implement mechanisms to verify data integrity, such as HMAC (Hash-based Message Authentication Code), to detect tampering attempts.
   
. Secure Communication: When transmitting encrypted data over networks, use secure protocols like HTTPS to prevent eavesdropping and man-in-the-middle attacks.
   
. Stay Updated: Keep PHP and cryptographic libraries up to date to patch any security vulnerabilities and ensure compatibility with the latest cryptographic standards.

By following these guidelines and leveraging the cryptographic capabilities of PHP, developers can strengthen the security posture of their applications and protect sensitive data from unauthorized access. Remember, effective cryptography is not just about encryption but also encompasses key management, integrity verification, and secure communication practices. With diligence and proper implementation, PHP can be a powerful tool for building secure and resilient systems in today's digital landscape.

Unit testing is a crucial aspect of modern software development, ensuring that individual units of code function correctly in isolation. In PHP, unit testing helps developers identify bugs early in the development cycle, improve code quality, and facilitate code maintenance. In this comprehensive guide, we'll walk you through the process of creating unit tests in PHP, using popular testing frameworks like PHPUnit.

Why Unit Testing?

Unit testing involves testing individual components or units of code in isolation from the rest of the application. Here are some reasons why unit testing is essential:
   
. Bug Detection: Unit tests help identify bugs and regressions early in the development process, making them easier and cheaper to fix.
   
. Code Quality: Writing unit tests encourages developers to write modular, well-structured, and maintainable code.
   
. Improved Documentation: Unit tests serve as executable documentation, providing clear examples of how individual components of your code should behave.

Getting Started with PHPUnit:

PHPUnit is the most widely used testing framework for PHP. It provides a robust set of features for writing and executing unit tests. Let's dive into how you can get started with PHPUnit:

Installation:

You can install PHPUnit using Composer, the PHP package manager. Simply navigate to your project directory and run the following command:

composer require --dev phpunit/phpunit

This command installs PHPUnit as a development dependency in your project.

Writing Your First Test:

Now that PHPUnit is installed, let's create a simple test case. Create a new directory named tests in your project root, and within that directory, create a file named ExampleTest.php. Here's an example of what your test file might look like:

<?php

use PHPUnit\Framework\TestCase;

class ExampleTest extends TestCase
{
 public function testTrueAssertsToTrue()
 {
 $this->assertTrue(true);
 }
}

This test case contains a single test method named testTrueAssertsToTrue, which asserts that true is indeed true.

Running Tests:

To run your tests, simply execute PHPUnit from the command line, pointing it to your test directory. Run the following command in your project root:

vendor/bin/phpunit tests

PHPUnit will discover and execute all test cases within the specified directory, providing detailed feedback on the results.

Writing Testable Code:

Writing testable code is essential for effective unit testing. Here are some best practices to follow:
   
. Separation of Concerns: Ensure that your code follows the principle of separation of concerns, with clear boundaries between different components.
   
. Dependency Injection: Use dependency injection to inject dependencies into your classes, making it easier to replace them with mock objects during testing.
   
. Mocking and Stubbing: Use PHPUnit's mocking and stubbing features to simulate the behavior of dependencies and isolate the code under test.

Advanced Features:

PHPUnit provides a wide range of advanced features for writing comprehensive unit tests. Some notable features include:

-Data Providers: Use data providers to run a test method with multiple sets of data.

-Annotations: PHPUnit supports annotations for marking test methods, setting up fixtures, and configuring test execution.

-Code Coverage: PHPUnit can generate code coverage reports, showing which parts of your codebase are covered by your tests.

Conclusion:

Unit testing is an indispensable practice in modern PHP development, and PHPUnit makes it easy to write and execute unit tests for your codebase. In this guide, we've covered the basics of getting started with PHPUnit, writing testable code, and leveraging advanced features to write comprehensive unit tests. By incorporating unit testing into your development workflow, you can improve code quality, reduce bugs, and build more robust and maintainable PHP applications.