Tag Archive: php

I had an issue on this old legacy site in work where I was writing a basic acceptance test where it clicks all the links in the top section of the home page. The problem was that one of the links opened another window using JavaScript. So I had to reconfigure Codeception to get it running.

There are various different drivers that codeception uses, PhpBrowser which doesn’t do JS, Selenium WebDriver does, and you have several options; you could install Selenium, chrome headless browser, or phantomjs. I chose phantomjs, as it was easiest (for me) to get up and running on a non X Server.

First up, you’ll need phantomjs. Go download it, unpack the zip, move the folder somewhere, and then symlink the bin/phantomjs to /usr/bin/phantomjs.

Next, launch phantomjs like so:

phantomjs --webdriver=4444 --ignore-ssl-errors=true --ssl-protocol=any

Now, in your YAML:

# Codeception Test Suite Configuration

# suite for acceptance tests.
# Run the following command FIRST:
# phantomjs --webdriver=4444 --ignore-ssl-errors=true --ssl-protocol=any


class_name: WebGuy
         - WebDriver
         - WebHelper
             url: 'https://USER:PASS@YOUR_URL_HERE'
             browser: phantomjs
                 acceptSslCerts: true

If you have a site using HTTP Basic Auth, put USER:PASSWORD@ in yopur URL, if not, remove it.

Now in your acceptance test, you can write:

$i->click('Nouvel abonnement');

Note that, in your Javascript, when you run the open window function, you specify a name. This is the name you use, and not the title from the HTML <head> section!

And there you have it! We can now test with javascript functionality!


It’s something to do with using PHP FPM / Fast CGI, and auth headers being disable for that.

So we add this to the directory entry of the .htaccess:

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

You now have your missing header back!

In PHPStorm, you can do a regex find and replace. To upgrade a crappy old site using <?, just use the following regex:



DOMDocuments are cool, and a really nice way of dealing with HTML in an OO fashion. However, sometimes, we have an HTML string element which we need to add to our Document. Here’s how you do it:

    function createNodesFromHTML(DOMDocument $doc,$str) 
        $nodes = array();
        $d = new DOMDocument();
        $child = $d->documentElement->firstChild->firstChild;
        while($child) {
            $nodes[] = $doc->importNode($child,true);
            $child = $child->nextSibling;
        return $nodes;

        $dom = new DOMDocument();
        $icon = '<i class="fa fa-remove"></i>'; // This is our string

        $button = $dom->createElement('a');
        $button->setAttribute('href', '/whatever/delete/12345');
        $button->setAttribute('class', 'btn btn-sm btn-danger');
        // This is us turning the string(s) into nodes we can add
        $nodes = createNodesFromHTML($dom, $icon);
        echo $dom->saveHTML();

As any decent developer knows, register_globals was a terrible idea, a security risk, and turned ON by default in old versions of PHP!

Thankfully it was removed in PHP 5.4. However, if you are stuck developing on a site that used register_globals, you may find yourself in a situation where seemingly you can’t upgrade beyond PHP 5.3.

However, it’s not all bad news, we can put a piece of code in place which emulates register_globals. This will let us turn it off. It still means your code is less than secure, but of course that’ll be fixed in time as you upgrade and refactor the site, right?

To emulate register_globals, just add the following code to one of your initialisation/bootstrap scripts:

// Emulate register_globals on
if (!ini_get('register_globals')) {
    $superglobals = array($_SERVER, $_ENV,
        $_FILES, $_COOKIE, $_POST, $_GET);
    if (isset($_SESSION)) {
        array_unshift($superglobals, $_SESSION);
    foreach ($superglobals as $superglobal) {
        extract($superglobal, EXTR_SKIP);

Now you can turn it off in php.ini. Why is it so bad though? Well, have a look at this:


Looks like nothing should happen on that page, right? nothing has been defined.

WRONG! try adding ?loggedIn=anything to the end of the URL:


As you readers probably know, I can’t stand XAMPP and MAMP, being two steaming piles of crap, and have long advocated that you set up VirtualBox & Vagrant, then head over to http://www.puphpet.com, fill in the forms to configure your VM,  generate the config.yaml, and then unzip it and run ‘vagrant up’ to install it. Brilliant so far.

Yesterday I had a total downer of a day, trying to run an old legacy PHP 5.3 app. PuPHPet doesn’t have the EOL PHP 5.3, so at first I settled as a one off for MAMP, but it was slow and horrible.

Then I thought, wait! If I don’t configure Apache or PHP in puphpet, I could get a box up and install 5.3 myself. That’s when I discovered the awesomeness of the puphpet/files folder.

The only thing I used in there was the ssh keys. But there are empty folders waiting for .sh files (shell scripts) to be dropped in.

So for this box, I created exec-once/install-stuff.sh which contained the following:

yum -y install httpd php
yum -y install php-mysql php-devel php-gd php-pecl-memcache php-pspell php-snmp php-xmlrpc php-xml

Then upon running vagrant provision, it not only looked for changes in config.yaml, but it checks for changes in these files too!

I then made set-vhosts.sh, and import-database.sh, which look like these:

echo "
Adding vhosts to /etc/httpd/conf/httpd.conf
echo "
<VirtualHost *:80>

   DocumentRoot /var/www/fife/web
   ServerName fife
   ErrorLog /var/www/fife/log/error.log

   <Directory "/var/www/fife">
      Options -Indexes +FollowSymLinks
      Order allow,deny
      Allow from all
      AllowOverride All

" >> /etc/httpd/conf/httpd.conf

And …

mysql -u root --password=123 --database=fortdev < /var/www/fife/data/sql_scripts/symf_fortdev.sql

I take it by now you get the idea! So now you can totally destroy your VM, and put any customisations in these shell scripts, so your full setup can be back up in 5 minutes flat with a vagrant up and vagrant provision!!!

You can then also start thinking about using puPHPet for deploying your setup to your production server 🙂 There’s a vagrant plugin called Vagrant Managed Servers, which will take care of that for you. https://github.com/tknerr/vagrant-managed-servers . I haven’t looked at it yet, but of course you can expect a blog post on it here when I figure it all out!!

This is real easy, but i keep forgetting which option to use!

If you have separated some of your code into a composer vendor package, and are currently using it in a project, it can be annoying if you need to update it. First you need to open that project up, make your changes, commit, push, wait for tests to pass on travis etc, tag a new version (depending), update packagist if it hasn’t automatically already, and then you can go back into composer and update.

So to save that hassle, composer has the –prefer-source option (–prefer-dist is the one that confused me). This puts the .git folder in your vendor package folder, allowing you to edit, commit, and push from there. Much better.

If you already have the package installed, just delete it. If you haven’t installed it yet, just require it. Both with the –prefer-source option.

composer require delboy1978uk/user --prefer-source
// or
composer update delboy1978uk/user --prefer-source

Replacing my own package above with the one you need, of course. Have fun!Screen Shot 2016-01-14 at 20.26.55

Because this is the way you ensure your code is awesome, and provably works!

If you you have some code you think could be reused in lots of projects, create a repository in Github and share it with the world!

I set up a project on github called delboy1978uk/blank. It’s literally a blank PHP project waiting to be written.

However it already has configuration for Travis for automated testing, and it also hooks up with Scrutinizer, which will analyse the code coverage report Travis sends it,  giving you reports on how many of your class methods have been tested, and the quality of your code (less complex methods = good!).

You can clone the repository, rename a folder and a couple of files, and search and replace my blank class name refs, then you are good to go! Just composer install and you can run tests by running:

vendor/bin/codecept run unit --coverage-html

The coverage option generates an html report you can browse in the tests/output folder.

If you try it straight away you’ll see there is one test in tests/unit/del/BlankTest.php. Tests usually follow this pattern. If it says you pass a string as an argument, and return some object, then test it! The simplest example is a getter/setter. If you run setsomething(‘hello’); then getSomething() should be ‘hello’. Most tests say something like $this->assertTrue() or $this->assertInstanceOf() or $this->assertEquals(). You get the idea. Check the code coverage reports to ensure the tests cover all eventualities. But it’s great seeing your code working, with tested PROOF that it works.

So to summarise:

  • Create your new repository on Github, activate your new repository in Travis CI , and activate your new  repository in Scrutinizer
  • Clone https://github.com/delboy1978uk/blank somewhere and delete the .git from it
  • Clone https://github.com/you/your-project somewhere-else
  • Copy everything from somewhere to somewhere-else (including hidden files)
  • Tweak the composrr.json, rename the class file and test file, search and replace refs
  • Commit & Push 😀
  • Register your project on Packagist!

All that should be doable in 5 minutes, so you can instantly get set up ready to code the real stuff! Try writing your assumptions first in the test file!


Phpunit is being removed from Pear, so the best way to install it now is by creating a phpunit.sh which you drop into your puphpet/files/exec-once-unprivileged directory:

composer global require "phpunit/phpunit=4.4.*"
export PATH=$PATH:~/.composer/vendor/bin/

Then just vagrant provision, and that should be it!

This is insanely easy to set up. Run this, or stick it in your .bashrc. If you are running your server on a VM or remote server, change localhost to the IP of your dev box.

export XDEBUG_CONFIG=”idekey=PHPSTORM remote_host=localhost profiler_enable=1″

Now you can start listening for conections in your IDE.