Blog Archive

The first few milliseconds of HTTPS

Date: 12 Jun 2014
Tags: has published my presentation about the first few milliseconds of HTTPS. This presentation has been presented by me at the International PHP Conference in Berlin last month.

Throttle your API calls: RateLimitBundle

Date: 28 May 2014
Tags: [ api ]  [ bundle ]  [ http ]  [ PHP ]  [ ratelimit ]  [ symfony2

A web application is not complete without an API nowadays. APIs allow third parties - or just end users - to use the data from the platform for whatever they want. But by allowing applications to make automated calls to your API can result quickly in our systems overloading. Too many times third party applications will be polling your API when they don’t really need too, and maybe you can lighten the load a bit with some heavy-duty caching, but in essence you want that every API call made matters.

Dynamic form modification in Symfony2

Date: 19 Mar 2014
Tags: [ dynamic ]  [ events ]  [ form ]  [ PHP ]  [ symfony2

Sometimes (or actually, a lot of the time), handling forms will go beyond the basics. And even though Symfony2 gives you out-of-the-box a really clean way of creating forms, it sometimes just isn’t enough.

Fortunately, you are not alone in writing forms, and many posts exists with information on how to handle complex forms. In this post, I will try and demonstrate how to create a dynamic form where you can select a city based on the chosen province. 

Bitwise mask emulation with Solr

Date: 28 Feb 2014
Tags: [ bit manipulation ]  [ solr

Solr is great for searching through a massive data collection in lots of different ways. But one thing Solr lacks is the possibility to search bitwise. And this by itself makes sense: Solr uses inverted indexing and doing bitwise operations on it’s indexes might result in a loss of performance. There are, however, some plugins that will allow you to use bitwise operations, but there might even be a more native way:

SPL Deepdive: RegexIterator

Date: 12 Feb 2014
Tags: [ regexiterator ]  [ spl

If everything goes according to plan (which never is the case), I’ll try and highlight some of the fascinating stuff that can be found inside the SPL. I do a lot of presentations about the SPL, and one of the things I like to tell people is that even though the SPL, - iterators particularly - is a magnificent piece of code that is often underused and misunderstood, it does come with some quirks and glitches that aren’t documented properly.

Email Subaddressing

Date: 04 Feb 2014
Tags: [ email ]  [ exim ]  [ mail ]  [ subaddressing

Sometimes you are looking so hard for a solution, that you won’t even see them even if they punched you in the face. Email Subaddressing is one of those issues I couldn’t get fixed.

Symfony2 app/console bash completion

Date: 02 Feb 2014
Tags: [ bash ]  [ completion ]  [ symfony2 ]  [ zsh

If you do command line work under Linux, you probably are aware that when pressing <TAB> automatically completes your command, or give you options for it that are currently available. For instance, when entering cd l en pressing <TAB>, bash gives you a list of all directories starting with an l, which you can select instead of type. If there is only one available directory that starts with an l, it will automatically fill this in for you.

A great way to speed up your CLI development work, and an even better way to get acquainted with all options that are available to you for certain applications.

Realtime PHPUnit

Date: 02 Feb 2014
Tags: [ continuous tests ]  [ phpunit

Not all IDEs (actually, i haven’t seen even one IDE that does this), can run your unit-tests as soon as something changes.

Decoding TLS with PHP.

Date: 30 Dec 2013
Tags: [ encryption ]  [ rc4 ]  [ ssl ]  [ tls

As a proof of concept I wanted to see in how far I could decode some TLS data on the client side. Obviously, this is very complex matter, and even though TLS looks deceptively simple, it isn’t. To make matters worse, PHP isn’t quite helping us making things easy neither. 

External code coverage with travis / scrutinizer

Date: 20 Nov 2013
Tags: [ CI ]  [ clover ]  [ scrutinizer ]  [ travis

I really love the [travis-ci][1] and [scrutinizer-ci][2] combo. Between them there are not many things missing like you would find in more complex systems like Jenkins for instance. Both travis and scrutinizer are really easy to setup (just click on which github repository you want to test), setup your yaml config files and off you go: instant CI.

TeleHash: an encrypted p2p network for your apps

Date: 12 Nov 2013
Tags: [ dht ]  [ encryption ]  [ json ]  [ kademlia ]  [ p2p ]  [ telehash

In the current day and age, using a plain HTTPS connection might not be the most secure way to communicate anymore. Sure, for your purposes and goals we can assume that this communication is safe enough, but cracks are appearing in the security, and we might need to move to better, more secure ways in maybe a shorter period than anyone expected. But how do we do this? We are not crypto-experts, and you probably have no idea how HTTPS works to begin with. Should we find ourselves a secure way to encrypt our data? Should we “invent” new methods that look safe, just because it’s too complex to explain what’s going on?

Yearly mail routine

Date: 22 Oct 2013

**January 1, **

This year will be different. I will sort all my mail directly into different mailboxes. I will make sure my inbox will be 0 at all times. Yes! This is going to be an awesome worry-free mail year!

FullSpectrumLaser aka: why you should think twice on buying from them

Date: 21 Jul 2013
Tags: [ full spectrum laser ]  [ lasercutter ]  [ no service

After buying a secondhand generic Rabbit laser cutter, I immediately fell in love with laser cutting and engraving. It really rocks, you can make really neat things and we even use it for promotion for my company. Awesome stuff, but our laser cutter wasn’t good enough: it’s a pretty cheap chinese manufacturing, with buggy software that only can communicate through a LPT port (remember those, me neither). So we decided to take a look around to see if we could find a better cutter, and we came out at Full Spectrum Laser. We decided to buy a laser cutter from them:  - worst - decision - ever..

PHP's Resources and garbage collection

Date: 10 Jul 2013
Tags: [ deamon ]  [ garbage collection ]  [ PHP ]  [ strace

Today, I’ve found a nice bug/feature/whatsmathing in PHP. I was playing around with writing a daemon and if you have any experience writing daemons (in any language), there are a few rules you have to live by. For instance, setting your effective uid and gid to a non-privileged user (in case you needed to do some privileged initialization, like opening a socket on a tcp port < 1024), setting the process as a group leader with posix_setsid(), and redirecting stdio file descriptions. And here something went wrong which took a while to find and fix..

Twitter Customer Support: the best thing that happened for customers and companies

Date: 07 Jul 2013
Tags: [ social media ]  [ twitter

I’m not a social media 2.0 hipster kinda guy. I use Twitter a lot on personal account, I do not have Facebook. But i do some LinkedIn. There’s lots of power in (ab)using social media, I understand this, and I understand I do not use their full potential (nor I want to do so). However, there is one case I like to use social media with Twitter in particular: complaining to companies. Why? It works.. and almost at a 100% satisfaction rate.

Saffire update may 2013: coalesce

Date: 22 Apr 2013

One of the things that happens over and over again is that you need to check a value, and if it’s not set, it should set a default value. Normally, these variables could be initially set by properties, but sometimes you don’t have any control on initialization. For instance, when these values come from users.

Scrum issues: being agile isn't easy..

Date: 01 Apr 2013
Tags: [ scrum

I do a lot of consulting work and because of this I see lots of different development processes at many companies. Some of them are good, but most of them are not. And this problem isn’t caused by lack of trying, but of lack of expertise. Most - if not all - software development departments I visit try to be “agile” by implementing scrum. But unlike what many people think, implementing scrum in an efficient way isn’t that easy. It takes time and effort on ALL levels of a company. If your clients, or IT department aren’t ready to do scrum, then you won’t succeed either. You could of course, implement some of the facets of scrum, but scrum - it is not.

How Saffire doesn't do things different

Date: 21 Feb 2013
Tags: [ saffire

The question I get asked a lot, is what makes Saffire different? The most honest answer: nothing. There is absolutely nothing that makes Saffire different from other language, because Saffire doesn’t do things different. And there is a good reason for this: after many decades  of developing languages by many and much smarter people than yours truly, I do not pretend to have found the correct way on how to do things different - and better.

PHP5.5: Try/Catch/Finally

Date: 12 Feb 2013
Tags: [ catch ]  [ exception ]  [ finally ]  [ PHP ]  [ try

Exception handling is available in PHP since version 5.  It allows you to have a more fine-grained control over code when things go wrong ie, when exceptions occur. But since PHP 5.5, exception handling has finally evolved into what it should have been from the beginning: the finally part has been implemented.

Custom symfony2 config loader

Date: 30 Jan 2013
Tags: [ custom ]  [ loader ]  [ PHP ]  [ symfony2

It happens more and more: large projects where your symfony2 site is just a small part in the big picture. Lots of additional components might even play a bigger part, especially when you are dealing with asynchronous components  which are connected through message queues for instance. So the question is: we want to make sure that all your components are using the same settings, be it your symfony2 project, your bash-scripts, 3rd python application and whatnot. How do we keep this all in sync?