Backdoor Activates in Magento Supply Chain Attack Impacting 1000 Stores
https://cyberinsider.com/backdoor-activates-in-magento-supply-chain-attack-impacting-1000-stores/
https://redd.it/1kcktte
@r_php
https://cyberinsider.com/backdoor-activates-in-magento-supply-chain-attack-impacting-1000-stores/
https://redd.it/1kcktte
@r_php
CyberInsider
Backdoor Activates in Magento Supply Chain Attack Impacting 1000 Stores
A supply chain attack has compromised dozens of Magento-based ecommerce modules, injecting a backdoor that lay dormant for six years.
I've spent 10+ years in PHP — Here's what I wish I knew earlier (especially for beginners)
After a decade of building everything from small tools to full-fledged platforms in PHP, I thought I’d share a few things I wish someone had told me earlier. Hope this helps someone starting out or even those stuck in the middle:
1. Use modern PHP — PHP 8+ is awesome. Strong typing, attributes, JIT — don’t write PHP like it’s 2010.
2. Frameworks aren’t everything — Laravel is amazing, but understanding the core PHP concepts (OOP, HTTP handling, routing, etc.) makes you dangerous in a good way.
3. Stop writing raw SQL everywhere — Use Eloquent or at least PDO with prepared statements to avoid headaches and security issues.
4. Testing saves lives — Even basic PHPUnit tests can save you from late-night debugging nightmares.
5. Composer is your best friend — Learn it well. It turns PHP into a modern ecosystem.
6. Invest in debugging skills — Learn Xdebug or at least proper logging with Monolog. Dump-and-die will only take you so far.
7. Use tools like PHPStan or Psalm — They will catch issues before they become bugs.
8. Security isn’t optional — Validate, sanitize, escape. Always.
9. Build side projects — That’s how I learned 90% of what I now use in client projects.
10. Join the community — Reddit, Discord, GitHub, Laracasts forums. You’ll grow 10x faster.
Curious to hear from you all:
What are your top “I wish I knew this earlier” PHP lessons?
https://redd.it/1kcmy5h
@r_php
After a decade of building everything from small tools to full-fledged platforms in PHP, I thought I’d share a few things I wish someone had told me earlier. Hope this helps someone starting out or even those stuck in the middle:
1. Use modern PHP — PHP 8+ is awesome. Strong typing, attributes, JIT — don’t write PHP like it’s 2010.
2. Frameworks aren’t everything — Laravel is amazing, but understanding the core PHP concepts (OOP, HTTP handling, routing, etc.) makes you dangerous in a good way.
3. Stop writing raw SQL everywhere — Use Eloquent or at least PDO with prepared statements to avoid headaches and security issues.
4. Testing saves lives — Even basic PHPUnit tests can save you from late-night debugging nightmares.
5. Composer is your best friend — Learn it well. It turns PHP into a modern ecosystem.
6. Invest in debugging skills — Learn Xdebug or at least proper logging with Monolog. Dump-and-die will only take you so far.
7. Use tools like PHPStan or Psalm — They will catch issues before they become bugs.
8. Security isn’t optional — Validate, sanitize, escape. Always.
9. Build side projects — That’s how I learned 90% of what I now use in client projects.
10. Join the community — Reddit, Discord, GitHub, Laracasts forums. You’ll grow 10x faster.
Curious to hear from you all:
What are your top “I wish I knew this earlier” PHP lessons?
https://redd.it/1kcmy5h
@r_php
Reddit
From the PHP community on Reddit
Explore this post and more from the PHP community
Do PHP shops tend to use the cloud / CI/CD or not?
Hi. Sorry if this is a dumb question, but I'm wondering if PHP shops tend to deploy their sites to the cloud, using Jenkins / Bitbucket Pipelines / Github Actions or whatever, or if such sites still tend to be 'deployed' to traditional hosting, e.g. Linode? I get the sense that the PHP world is a bit...dusty, you see. I tend to see cloud / CI/CD mentioned more on Java/C# job ads as a 'nice to have'.
https://redd.it/1kcpokp
@r_php
Hi. Sorry if this is a dumb question, but I'm wondering if PHP shops tend to deploy their sites to the cloud, using Jenkins / Bitbucket Pipelines / Github Actions or whatever, or if such sites still tend to be 'deployed' to traditional hosting, e.g. Linode? I get the sense that the PHP world is a bit...dusty, you see. I tend to see cloud / CI/CD mentioned more on Java/C# job ads as a 'nice to have'.
https://redd.it/1kcpokp
@r_php
Reddit
From the PHP community on Reddit
Explore this post and more from the PHP community
New in Symfony 7.3: Configurable Compound Rate Limiter
https://symfony.com/blog/new-in-symfony-7-3-configurable-compound-rate-limiter?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
https://redd.it/1kcwcki
@r_php
https://symfony.com/blog/new-in-symfony-7-3-configurable-compound-rate-limiter?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
https://redd.it/1kcwcki
@r_php
Symfony
New in Symfony 7.3: Configurable Compound Rate Limiter (Symfony Blog)
In Symfony 7.3, you can now configure compound rate limiters without writing custom code.
NativePHP for Mobile (with Android) is here! 🚀
https://nativephp.com/mobile
https://redd.it/1kcy0vk
@r_php
https://nativephp.com/mobile
https://redd.it/1kcy0vk
@r_php
Nativephp
Build native applications, with the tools you already know.
SymfonyOnline June 2025 : Efficient Web Scraping with Symfony & PHP
https://symfony.com/blog/symfonyonline-june-2025-efficient-web-scraping-with-symfony-and-php?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
https://redd.it/1kd0cfp
@r_php
https://symfony.com/blog/symfonyonline-june-2025-efficient-web-scraping-with-symfony-and-php?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
https://redd.it/1kd0cfp
@r_php
Symfony
SymfonyOnline June 2025 : Efficient Web Scraping with Symfony & PHP (Symfony Blog)
Learn how to scrape the web efficiently and ethically with Symfony & PHP. 🎤 Efficient Web Scraping with Symfony & PHP with Suparn Padma Patra at #SymfonyOnline June 2025
Which code style tool warns you from too high complexity?
Hi,
I once worked on a php project and phpstorm would show me a warning in the editor when I nested codeblocks too deep like 4 nested if conditions.
I can't find that tool anywhere. I set up phpstan and php-cs-fixer but nothing. maybe it's some kind of custom rule?
https://redd.it/1kd14m1
@r_php
Hi,
I once worked on a php project and phpstorm would show me a warning in the editor when I nested codeblocks too deep like 4 nested if conditions.
I can't find that tool anywhere. I set up phpstan and php-cs-fixer but nothing. maybe it's some kind of custom rule?
https://redd.it/1kd14m1
@r_php
Reddit
From the PHP community on Reddit
Explore this post and more from the PHP community
Building a model reservation system with atomic locks
https://youtu.be/czHUFCWVY0c
https://redd.it/1kd3i14
@r_php
https://youtu.be/czHUFCWVY0c
https://redd.it/1kd3i14
@r_php
YouTube
Building a model reservation system with atomic locks
We're using Laravel's atomic locks and database-generated columns to build a reliable reservation system—without race conditions or extra tables. I'll show you how to hook into Laravel’s cache lock system, add polymorphic relationships, and use generated…
How to show uploaded image preview on EasyAdmin "new" entity page?
Hi everyone,
I'm working on a small side project and decided to use EasyAdmin as the admin panel. Overall, it's been great and covers most of my needs. However, I've run into one issue I can't figure out.
I have an entity that includes an image. I'd like the image to be displayed:
1. On the "edit" page — showing the currently saved image.
2. On the "new" page — as soon as a file is selected (before saving the entity).
I managed to override the
But I can't figure out how to make the image preview appear when creating a new entity — right after selecting a file. Has anyone dealt with this or could point me in the right direction?
Thanks in advance!
https://redd.it/1kcwos4
@r_php
Hi everyone,
I'm working on a small side project and decided to use EasyAdmin as the admin panel. Overall, it's been great and covers most of my needs. However, I've run into one issue I can't figure out.
I have an entity that includes an image. I'd like the image to be displayed:
1. On the "edit" page — showing the currently saved image.
2. On the "new" page — as soon as a file is selected (before saving the entity).
I managed to override the
ea_fileupload_widget and added an <img> tag to preview the image, which works fine on the "edit" page.But I can't figure out how to make the image preview appear when creating a new entity — right after selecting a file. Has anyone dealt with this or could point me in the right direction?
Thanks in advance!
https://redd.it/1kcwos4
@r_php
Reddit
From the symfony community on Reddit
Explore this post and more from the symfony community
Nightwatch open source alternative ?
Hi
I'm managing more than a dozen laravel apps, on a few servers.
I've heard of nightwatch recently, and found interresting to be able to monitor all my apps in one central place.
But, in my company, we have a very strict policy about data that should not get out.
I'm dreaming of building something like nightwatch, but perhaps a bit more lightweight.
Perhaps something collecting Laravel Pulse data, centralizing it on a main dashboard, that could be queried at whole, the server level, or app by app...
Anyone might be interested joining this journey ? wants to share their needs ? or even collaborate on this open source project ?
https://redd.it/1kd9bbl
@r_php
Hi
I'm managing more than a dozen laravel apps, on a few servers.
I've heard of nightwatch recently, and found interresting to be able to monitor all my apps in one central place.
But, in my company, we have a very strict policy about data that should not get out.
I'm dreaming of building something like nightwatch, but perhaps a bit more lightweight.
Perhaps something collecting Laravel Pulse data, centralizing it on a main dashboard, that could be queried at whole, the server level, or app by app...
Anyone might be interested joining this journey ? wants to share their needs ? or even collaborate on this open source project ?
https://redd.it/1kd9bbl
@r_php
Reddit
From the laravel community on Reddit
Explore this post and more from the laravel community
Privacy Driven Development: How Not to Do It
https://dailyrefactor.com/privacy-driven-development-how-not-to-do-it
https://redd.it/1kddqcg
@r_php
https://dailyrefactor.com/privacy-driven-development-how-not-to-do-it
https://redd.it/1kddqcg
@r_php
i made a weird terminal emulator in php with a plugin system
hey, just sharing this weird little project I made in a day, its a terminal emulator written in php with a very pacman inspired plugin manager cuz why not. it even has paranoid mode for running stuff in a bubblewrap sandbox.
termongel
feedback, roast, pr whatever welcome!
https://redd.it/1kdasgy
@r_php
hey, just sharing this weird little project I made in a day, its a terminal emulator written in php with a very pacman inspired plugin manager cuz why not. it even has paranoid mode for running stuff in a bubblewrap sandbox.
termongel
feedback, roast, pr whatever welcome!
https://redd.it/1kdasgy
@r_php
GitHub
GitHub - termongel/termongel: unconvential php based terminal emulator for linux
unconvential php based terminal emulator for linux - termongel/termongel
Browsing Past Editions of The Laralist is now Available
Hey everyone,
I just wanted to let you know that we've added a newsletter archive to The Laralist.
Now, you can easily browse through past editions and catch up on curated Laravel, PHP, package news, tips, and interesting reads you might have missed.
I hope you find it useful!
You can see it here: https://thelaralist.com/archives
https://redd.it/1kdpoua
@r_php
Hey everyone,
I just wanted to let you know that we've added a newsletter archive to The Laralist.
Now, you can easily browse through past editions and catch up on curated Laravel, PHP, package news, tips, and interesting reads you might have missed.
I hope you find it useful!
You can see it here: https://thelaralist.com/archives
https://redd.it/1kdpoua
@r_php
Substack
Archive - The Laralist
Full archive of all the posts from The Laralist.
What is the best authentication method, in PHP?
I’m currently developing a side project that I intend to publish later. It’s a Vue-based frontend application interfacing with a PHP backend via a REST API. I’m looking to implement a secure and reliable authentication method. What would be the most effective and safest approach to handle authentication in this architecture?
https://redd.it/1kdr3cq
@r_php
I’m currently developing a side project that I intend to publish later. It’s a Vue-based frontend application interfacing with a PHP backend via a REST API. I’m looking to implement a secure and reliable authentication method. What would be the most effective and safest approach to handle authentication in this architecture?
https://redd.it/1kdr3cq
@r_php
Reddit
From the PHP community on Reddit
Explore this post and more from the PHP community
Looking for a good logging solution
Hi,
I'm running a hobby project with Symfony-Docker (frankenphp) and want to get an overview of my logs. So i need some kind of dashboard where I can search and filter my logs. I read about elk https://symfony.com/doc/current/logging/handlers.html but it says it's not a good fit for production because it sends the logs during request-response. So I was wondering if there is some solution that can just read the logfile and send it to elk or do you use any other tool for logging?
https://redd.it/1kdsiaa
@r_php
Hi,
I'm running a hobby project with Symfony-Docker (frankenphp) and want to get an overview of my logs. So i need some kind of dashboard where I can search and filter my logs. I read about elk https://symfony.com/doc/current/logging/handlers.html but it says it's not a good fit for production because it sends the logs during request-response. So I was wondering if there is some solution that can just read the logfile and send it to elk or do you use any other tool for logging?
https://redd.it/1kdsiaa
@r_php
Symfony
Handlers (Symfony Docs)
ElasticsearchLogstashHandler This handler deals directly with the HTTP interface of Elasticsearch. This means it will slow down your application if Elasticsearch takes time to answer. Even if all HTTP…
Are enums just extremely cool or I am doing use them to often.
When I first learned about enums, I wasn't sure what to use them for. But now, I use them quite often—primarily to store values in the database or to create config enums that also provide labels through a label function.
How do you use enums to make your code cleaner?
https://redd.it/1kdw6da
@r_php
When I first learned about enums, I wasn't sure what to use them for. But now, I use them quite often—primarily to store values in the database or to create config enums that also provide labels through a label function.
How do you use enums to make your code cleaner?
https://redd.it/1kdw6da
@r_php
Reddit
From the PHP community on Reddit
Explore this post and more from the PHP community
Is this somebody overusing AI?
I was reading a PR recently and saw this code:
This does the same thing (edit: in my app, which takes values or Closures) as
Am I off base here?
https://redd.it/1kdx7xk
@r_php
I was reading a PR recently and saw this code:
->color(Closure::fromCallable([$this, “getStateColor”]))This does the same thing (edit: in my app, which takes values or Closures) as
->color($this->getStateColor()). Except, at least to me, I have no idea why any human would write it the former way unless they were heavily using AI without thinking (this guy’s code regularly breaks, but previously this could be ascribed to a lack of skill or attention to detail).Am I off base here?
https://redd.it/1kdx7xk
@r_php
Reddit
From the PHP community on Reddit
Explore this post and more from the PHP community