Testing with Apigility II

By Zdenek Machek | 04 March 2015 | Comment

After describing how easily you can test each controller and action in the previous blog post, soon you will face one problem called authentication and authorization.

Should you ignore it and run tests without it? You can but if you want functional tests to be sure all components need to be in place and verify everything works together, then you need to have authentication in place. Apigility handles both authentication and authorization. This is very helpful but it might be tricky to test it.

Read more »

Testing with Apigility I

By Zdenek Machek | 03 March 2015 | Comment

Apigility is a very interesting project built on ZendFramework 2 which allows you quickly create decent APIs. Decent in this case means that the API will correctly handle all requests and responses including content negotiation, http response codes, versioning and much more.

Apigility's killer feature is the admin interface which helps you to create all services, prepare documentation and generate code stubs.
One thing which Apigility is not doing at the moment is generating tests for your controllers and this is where this blog post might help you.

Read more »

PHPStorm, PHPUnit and Vagrant II

By Zdenek Machek | 30 November 2014 | Comment

Until PHPStorm moved to version 8 it wasn't exactly straight forward to run and debug PHPUnit tests from PHPStorm on a Vagrant Box. In the previous article on PHPStorm, PHPUnit and Vagrant  we discussed how to run PHPUnit tests on a remote webserver and what you'll need to do to get it working with Vagrant.

PHPStorm 8 brings an option to execute PHP over SSH. The option to run PHPUnit tests on a remote webserver still works but using SSH is definitely a cleaner/better option.

Read more »

Take screenshot with Behat after failed step

By Zdenek Machek | 08 August 2014 | Comment

Behat is a very popular tool for Behaviour Driven Develepment (BDD). It's a very robust and complex tool - but one very handy feature seems to be missing. When step/scenario fails, you get a message indicating where it failed, but what would really help is a screenshot and/or the ability to see the page where it failed, so you can quickly detect where the problem was.

This can be solved effectively with the old PHPUnit Selenium RC extension, and similar functionality can also be replicated easily with the Behat AfterStep hook.

Read more »

After years of hard work I finally published my book, it's called PHPUnit Essentials. Hopefully readers will find it useful because it's not just a copy of the PHPUnit manual, it's a practical guide to automated software testing for PHP developers.

A lot described in the book is the result of skills I learned developing applications at Loft and a lot I learned writing this book is now used for the automated testing we do at Loft.

Read more »

PHPStorm, PHPUnit and Vagrant

By Zdenek Machek | 20 January 2014 | Comment

If you are using Vagrant (VirtualBox) as your development environment and PHPStorm as your IDE, you might have already tried to run PHPUnit tests through the IDE. The problem is that the IDE is running on one machine and your development environment is another (virtual) machine. In this case you can't use the PHP CLI directly or you have to install it on both machines. And then you are missing the point why to use an extra development environment. But PHPStorm does support remote PHPUnit test execution, just the IDE configuration is not exactly straight forward.

Read more »

Killing rainbows

By Daniel Mason | 18 October 2013 | Comment

You often read about user password details being stolen from websites and other services, but how can you make sure your users' passwords are kept safe?

Hashing passwords is pretty standard. You don't keep your users passwords in plain text because if you get hacked, the attacker can just see their password, then use it to log into your site or worse, other peoples sites. Additionally the password hash can't be turned back into a actual password... or can it?

Enter Rainbow Tables

A rainbow table is a huge list with two fields, the potential password and the hash of that password. If you hash all of your passwords in the same way, even if that way looks pretty clever, then your user data can be cracked open by a rainbow table.

Read more »

It's dangerous to go alone! Take $this

By Daniel Mason | 26 June 2013 | Comment

Because you're passing a reference to an object, rather than a whole object, there's negligible overhead doing this and it means you can chain methods together.

class SimpleCounter {

protected $total = 0;

public function add($amount)
    $this->total += $amount
    return $this

public function subtract($amount)
    $this->total -= $amount
    return $this

public function getTotal()
    return $this->total;

And now...

$counter = new SimpleCounter();
echo $counter->add(5)
// 4
echo $counter->getTotal();
// 4

Read more »

Since its initial release in 2010, jQuery Mobile (jQM) has developed a well deserved reputation for being a flexible mobile framework. jQM's philosophy can be summarised in 3 points:

  • It offers a unified system
  • Allows universal access, and
  • Is easy to develop with

Read more »

Are you carrying too much baggage?

By Sarah Tupman | 18 April 2013 | Comment

We all love a slick functionality fueled website, but are your users being given what they want, when they really want it?

Your homepage gives your user the opportunity to sign up to your newsletter with some nifty validation, check out your office location on a google map, interact with your content on a social level and look at your great photography in a carousel. This is awesome, but we know they can't do all of these things simultaneously, right? When the user lands on your page, all they need to know is that they can do all these things - if they so wish.

Read more »