Time to promote some open source projects again! This time we’ve got an alternative to Laravel, but one that requires PHP7 (awesome!), some packages that really care about request validation and query param filtering, HPKP (security upgrades for everyone!), a package that makes your objects stricter and finally, a treat from the people who made Symfony!
是时候再推广一些开源项目了! 这次我们有了Laravel的替代品,但是需要PHP7(太棒了!),一些真正关心请求验证和查询参数过滤的软件包,HPKP(每个人的安全升级!),使您的对象更加严格的软件包。最后,从制作Symfony的人们那里得到一种享受!
This library aims to make it easy to build HTTP Public-Key-Pinning headers in your PHP projects, and requires at least PHP 7.
该库旨在简化在PHP项目中构建HTTP Public-Pinning标头的过程,并且至少需要PHP 7。
HTTP Public Key Pinning, or HPKP, is a security policy delivered via a HTTP response header much like HSTS and CSP. It allows a host to provide information to a user agent about which cryptographic identities it should accept from the host in the future. This can protect a host website from a security compromise at a Certificate Authority where rogue certificates may be issued for your hostname.
HTTP公钥固定或HPKP是通过HTTP响应标头提供的安全策略,就像HSTS和CSP一样。 它允许主机向用户代理提供有关其将来应从主机接受哪些加密身份的信息。 这可以保护主机网站免受证书颁发机构的安全威胁,在该机构中可能会为您的主机名颁发流氓证书。
Read more about HPKP here.
在此处阅读有关HPKP的更多信息。
Incoming is a PHP library designed to simplify and abstract the transformation of loose, complex input data into consistent, strongly-typed data structures.
Incoming是一个PHP库,旨在简化和抽象将松散,复杂的输入数据转换为一致的强类型数据结构的过程。
// Create our incoming processor $incoming = new Incoming\Processor(); // Process our raw form/request input into a User model $user = $incoming->process( $_POST, // Our HTTP form-data array new User(), // Our model to hydrate new UserHydrator() // The hydrator above );Explaining it to any great detail is outside the scope of this short post, but in essence it allows us to precisely define what kind of input information goes through and hydrates our model, rejecting, filtering, or transforming everything else.
对它进行任何详细的解释都超出了本文的范围,但是从本质上讲,它使我们可以精确地定义通过哪种输入信息并充实我们的模型,从而拒绝,过滤或转换其他所有内容。
It’s like Fractal, backwards. (Fractal makes sure the output matches a set structure, rather than input)
就像分形一样,倒退。 (分形确保输出匹配设置的结构,而不是输入)
The library currently has one outstanding issue – and it’s a discussion around a feature – but could definitely use some users and feedback! Maybe even a SitePoint post about it?
该库当前有一个未解决的问题-它是关于功能的讨论-但肯定可以使用一些用户和反馈! 甚至关于它的SitePoint帖子?
Yet another input filtering mechanism, this component of the Linio framework (?!) aims to abstract HTTP request input handling, allowing a seamless integration with your domain model. The component is responsible for:
Linio框架的这个组件(?!)的另一种输入过滤机制旨在抽象化HTTP请求输入处理,从而实现与域模型的无缝集成。 该组件负责:
Parsing request body contents 解析请求正文内容 Validating input data 验证输入数据 Hydrating input data into objects 将输入数据水合为对象So, in a way, just like Incoming above.
因此,在某种程度上,就像上面的“传入”一样。
You use input handlers to specify which data you’re expecting from requests:
您可以使用输入处理程序来指定期望从请求中获取哪些数据:
class RegistrationHandler extends InputHandler { public function define() { $this->add('referrer', 'string'); $this->add('registration_date', 'datetime'); $user = $this->add('user', 'Linio\Model\User'); $user->add('name', 'string'); $user->add('email', 'string'); $user->add('age', 'integer'); } }and then reference that in a controller:
然后在控制器中引用它:
class RegistrationController { public function registerAction(Request $request): Response { $input = new RegistrationHandler(); $input->bind($request->request->all()); if (!$input->isValid()) { return new Response($input->getErrorsAsString()); } $data = $input->getData(); $data['referrer']; // string $data['registration_date']; // \DateTime $data['user']; // Linio\Model\User return new Response(['message' => 'Valid!']); } }The library also supports types, constraints, transformers, and more – all about which you can read in the docs.
该库还支持类型,约束,转换器等,所有这些都可以在docs中阅读。
On a similar note, request-parser does something more lightweight.
同样,请求解析器执行的功能更轻量。
public function index() { $page = $this->queryParameter('page')->int()->required(); $order = $this->queryParameter('order')->oneOf(['asc', 'desc'])->required(); $createdAt = $this->queryParameter('createdAt')->dateTime()->defaultsTo(null); }Simple, right? Define required and optional parameters, with types, directly on your current request. There’s more to it, of course, but this is the gist of it.
简单吧? 直接在当前请求上定义必需和可选参数以及类型。 当然,还有更多内容,但这就是要点。
With a mere 18 stars, this library could definitely use some attention – both in terms of users, and in terms of contributors / testers.
仅库18星,就用户和贡献者/测试者而言,该库肯定会引起一些关注。
Opulence could be the competition Laravel has been waiting for. It’s a full stack framework with a minimum requirement of PHP 7.0. As the docs say:
富裕可能是Laravel一直在等待的竞争。 这是一个完整的堆栈框架,最低要求为PHP 7.0。 正如文档所说:
Opulence is a PHP web application framework that simplifies the difficult parts of creating and maintaining a secure, scalable website. With Opulence, things like database management, caching, ORM, page templates, and routing are a cinch. It was written with customization, performance, and best-practices in mind. Thanks to test-driven development (TDD), the framework is reliable and thoroughly tested. Opulence is split into components, which can be installed separately or bundled together.
Opulence是一个PHP Web应用程序框架,它简化了创建和维护安全,可扩展网站的难题。 使用Opulence,诸如数据库管理,缓存,ORM,页面模板和路由之类的事情变得轻而易举。 在编写时要牢记定制,性能和最佳实践。 得益于测试驱动开发(TDD),该框架可靠且经过了全面测试。 富豪分为多个组件,这些组件可以单独安装或捆绑在一起。
Like Laravel, it comes with its own components all around and its author is very determined to keep it cutting edge.
像Laravel一样,它到处都有自己的组件,其作者决心保持其领先地位。
Opulence blew up on Reddit the other day, collecting generally favorable reviews, so the star count isn’t as low as on other projects we’re mentioning in this post, but it could still use contributors if we want to give it the inertia needed to bite at Laravel’s heels.
前几天,Reddit上的富裕度爆炸了,收集了普遍好评的评论,因此,星级数量虽然不如我们在本文中提到的其他项目那么低,但是如果我们想给它提供所需的惯性,它仍然可以使用贡献者。咬伤Laravel的脚跟。
Yell is a PHP package to make your objects strict and throw exceptions when you try to access or set some undefined property in them.
Yell是一个PHP软件包,可让您的对象变得严格,并在尝试访问或在其中设置一些未定义的属性时引发异常。
use Zeeshanu\Yell\Scream; class Person { use Scream; public $name; public $age; } $person = new Person(); $person->name = 'John Doe'; $person->age = 23; // An exception will be thrown when showing message "Trying to set undefined property $profession in class Person" $person->profession = 'Teacher';Deptrac is a new tool from Sensiolabs (Symfony), and is a static code analysis tool that helps to enforce rules for dependencies between software layers. What does this mean specifically? For example, you can define a rule like “controllers may not depend on models”. To ensure this, deptrac analyzes your code to find any usages of models in your controllers and will show you where this rule was violated.
Deptrac是Sensiolabs(Symfony)的新工具,并且是静态代码分析工具,可帮助强制实施有关软件层之间依赖性的规则。 这具体是什么意思? 例如,您可以定义一个规则,例如“控制器可能不依赖于模型”。 为了确保这一点,deptrac分析您的代码以查找控制器中模型的任何用法,并将向您显示违反此规则的位置。
As an introduction, here’s a handy video they prepared:
作为介绍,这是他们准备的便捷视频:
Admittedly, this package is a little less indie than the others, but seems interesting enough to warrant promotion – we’d definitely like to see some use cases for it in tutorials. Care to write some?
诚然,该程序包比其他程序包少一些独立性,但看起来很有趣,值得推广—我们肯定希望在教程中看到一些用例。 愿意写一些吗?
That’s it for June – as always, please throw your links at us with the hashtags #sourcehunt and #php – here’s the link to the combination. Naturally, if you’d like to sourcehunt a project written in another language, alter accordingly.
六月结束了-与往常一样,请使用#sourcehunt和#php标签将您的链接扔给我们-这是组合的链接 。 自然,如果您想寻找其他语言编写的项目,请进行相应的更改。
Happy coding!
祝您编码愉快!
翻译自: https://www.sitepoint.com/sourcehunt-php7-only-alternative-to-laravel-hpkp-and-more/
相关资源:Laravel开发-laravel-rules