deploy a php solution on customer's server
hi,
one customer, want to host the developed php solution on their server - they have use-only license.
how can i protect the source code on that server?
what i am looking for is a way to prevent them to change the code and for us to be able to prevent them for further usage if for example the payments stop.
thanks.
https://redd.it/1mw4gn1
@r_php
hi,
one customer, want to host the developed php solution on their server - they have use-only license.
how can i protect the source code on that server?
what i am looking for is a way to prevent them to change the code and for us to be able to prevent them for further usage if for example the payments stop.
thanks.
https://redd.it/1mw4gn1
@r_php
Reddit
From the PHP community on Reddit
Explore this post and more from the PHP community
"Lambo PHP devs" what are you using?
Hi all,
I heard often phrases like "node js devs are unemployed and php devs drive lambos".
What are these lambo php devs using most of the time? Vanilla php? Wordpress? Drupal? Laravel? Symfony?
https://redd.it/1mw6zxx
@r_php
Hi all,
I heard often phrases like "node js devs are unemployed and php devs drive lambos".
What are these lambo php devs using most of the time? Vanilla php? Wordpress? Drupal? Laravel? Symfony?
https://redd.it/1mw6zxx
@r_php
Reddit
From the PHP community on Reddit
Explore this post and more from the PHP community
Video interview: PHP in 2025 with core dev Gina Banyard and contributor Larry Garfield
https://youtu.be/Sjf4jXh2GJA
https://redd.it/1mw84cs
@r_php
https://youtu.be/Sjf4jXh2GJA
https://redd.it/1mw84cs
@r_php
YouTube
PHP in 2025 with core dev Gina Banyard and contributor Larry Garfield
0:00 - Intro
1:08 - Motivation to work on PHP
1:54 - Modern PHP
3:12 - JIT
5:02 - Non web server uses
6:23 - Personal work on PHP
8:24 - Governance
9:29 - Funding
12:02 - Future directions
14:36 - Cleaning up
15:56 - Closing thoughts
1:08 - Motivation to work on PHP
1:54 - Modern PHP
3:12 - JIT
5:02 - Non web server uses
6:23 - Personal work on PHP
8:24 - Governance
9:29 - Funding
12:02 - Future directions
14:36 - Cleaning up
15:56 - Closing thoughts
Has anyone integrated Dodo Payments with Laravel?
I’m trying to integrate Dodo Payments into my Laravel 12 project.
I installed their PHP SDK but I’m running into a syntax error (@ related) when I try to use it. I couldn’t find any Laravel-specific tutorial or video for Dodo Payments integration—only general PHP or Node.js examples.
👉 Has anyone here successfully integrated Dodo Payments with Laravel?
Did you use their PHP SDK directly or a Laravel package?
Any example code, blog, or tutorial you can point me to?
How did you handle subnoscriptions and webhooks in Laravel?
Any help (or even just pointing me to the right resources) would be super appreciated.
https://redd.it/1mwe8k2
@r_php
I’m trying to integrate Dodo Payments into my Laravel 12 project.
I installed their PHP SDK but I’m running into a syntax error (@ related) when I try to use it. I couldn’t find any Laravel-specific tutorial or video for Dodo Payments integration—only general PHP or Node.js examples.
👉 Has anyone here successfully integrated Dodo Payments with Laravel?
Did you use their PHP SDK directly or a Laravel package?
Any example code, blog, or tutorial you can point me to?
How did you handle subnoscriptions and webhooks in Laravel?
Any help (or even just pointing me to the right resources) would be super appreciated.
https://redd.it/1mwe8k2
@r_php
Reddit
From the PHP community on Reddit
Explore this post and more from the PHP community
Keycloak + Symfony (KnpU OAuth2Client) users getting logged out after ~30–60 minutes despite long session settings
I'm integrating Keycloak with a Symfony app using
---
### Environment
Symfony 7
KnpU OAuth2ClientBundle
Keycloak (latest, running in Docker)
---
### Symfony `security.yaml` (relevant parts)
```yaml
firewalls:
main:
lazy: true
provider: app_user_provider
custom_authenticator:
- App\Security\AdminFormAuthenticator
- App\Security\KeycloakAuthenticator
entry_point: App\Security\AdminFormAuthenticator
logout:
path: app_logout
target: app_home
remember_me:
secret: '%kernel.secret%'
lifetime: 2592000 # 30 days
path: /
always_remember_me: true
```
I also store the refresh token in session and use it to refresh the access token when needed:
```php
if (!$request->query->has('code') && $session->has('refresh_token')) {
$accessToken = $this->refreshAccessToken($client, $session->get('refresh_token'));
} else {
$accessToken = $this->fetchAccessToken($client);
}
```
---
### Keycloak session/token settings
SSO Session Idle: 30 days
SSO Session Max: 10 days
Client Session Idle: 30 days
Client Session Max: 10 minutes (?? maybe suspicious?)
Offline Session Idle: 30 days
Access Token Lifespan: 15 days
Refresh Token lifespan: refresh disabled (default)
Login timeout: 30 minutes
Screenshots from KC settings:
- [Image 1](https://i.sstatic.net/fzTV9bz6.png)
- [Image 2](https://i.sstatic.net/la6nYY9F.png)
- [Image 3](https://i.sstatic.net/9QQTJbCK.png)
---
### The problem
Despite these "long" settings, sessions actually expire and users get logged out after about 30–60 minutes. Reports from users match what I've also experienced.
It looks like either:
Keycloak is expiring client sessions early (e.g. because of the 10 min Client Session Max?), or
Symfony is not persisting/refreshing tokens properly, or
My
---
### My question
What is the likely cause of users being logged out after 30–60 minutes?
Is this due to Keycloak's Client Session Max = 10 minutes overriding the longer SSO Session Idle/Max?
Do I need to explicitly enable refresh tokens in Keycloak and adjust their lifespan?
Is my Symfony `remember_me` irrelevant here because OAuth2 tokens control session duration?
What's the recommended setup so Keycloak + Symfony sessions last ~days or weeks, not 30 minutes?
Any insight into how these Keycloak session settings interact with Symfony's session + refresh token logic would be appreciated.
https://redd.it/1mx0u6r
@r_php
I'm integrating Keycloak with a Symfony app using
knpuniversity/oauth2-client-bundle and a custom authenticator. The flow works fine, but my users (and myself) are getting logged out after about 30–60 minutes, even though I've configured long session lifetimes in Keycloak and Symfony.---
### Environment
Symfony 7
KnpU OAuth2ClientBundle
Keycloak (latest, running in Docker)
---
### Symfony `security.yaml` (relevant parts)
```yaml
firewalls:
main:
lazy: true
provider: app_user_provider
custom_authenticator:
- App\Security\AdminFormAuthenticator
- App\Security\KeycloakAuthenticator
entry_point: App\Security\AdminFormAuthenticator
logout:
path: app_logout
target: app_home
remember_me:
secret: '%kernel.secret%'
lifetime: 2592000 # 30 days
path: /
always_remember_me: true
```
I also store the refresh token in session and use it to refresh the access token when needed:
```php
if (!$request->query->has('code') && $session->has('refresh_token')) {
$accessToken = $this->refreshAccessToken($client, $session->get('refresh_token'));
} else {
$accessToken = $this->fetchAccessToken($client);
}
```
---
### Keycloak session/token settings
SSO Session Idle: 30 days
SSO Session Max: 10 days
Client Session Idle: 30 days
Client Session Max: 10 minutes (?? maybe suspicious?)
Offline Session Idle: 30 days
Access Token Lifespan: 15 days
Refresh Token lifespan: refresh disabled (default)
Login timeout: 30 minutes
Screenshots from KC settings:
- [Image 1](https://i.sstatic.net/fzTV9bz6.png)
- [Image 2](https://i.sstatic.net/la6nYY9F.png)
- [Image 3](https://i.sstatic.net/9QQTJbCK.png)
---
### The problem
Despite these "long" settings, sessions actually expire and users get logged out after about 30–60 minutes. Reports from users match what I've also experienced.
It looks like either:
Keycloak is expiring client sessions early (e.g. because of the 10 min Client Session Max?), or
Symfony is not persisting/refreshing tokens properly, or
My
remember_me config doesn’t interact correctly with OAuth2.---
### My question
What is the likely cause of users being logged out after 30–60 minutes?
Is this due to Keycloak's Client Session Max = 10 minutes overriding the longer SSO Session Idle/Max?
Do I need to explicitly enable refresh tokens in Keycloak and adjust their lifespan?
Is my Symfony `remember_me` irrelevant here because OAuth2 tokens control session duration?
What's the recommended setup so Keycloak + Symfony sessions last ~days or weeks, not 30 minutes?
Any insight into how these Keycloak session settings interact with Symfony's session + refresh token logic would be appreciated.
https://redd.it/1mx0u6r
@r_php
With PHP8.5 we'll get Error Backtraces V2 on Fatal Errors
https://wiki.php.net/rfc/error_backtraces_v2
https://redd.it/1mx1q54
@r_php
https://wiki.php.net/rfc/error_backtraces_v2
https://redd.it/1mx1q54
@r_php
By simply configuring the .env file, a simple and safe Blue-Green Deployment is instantly set up for the Laravel sample
https://github.com/patternhelloworld/docker-blue-green-runner
https://redd.it/1mxcryw
@r_php
https://github.com/patternhelloworld/docker-blue-green-runner
https://redd.it/1mxcryw
@r_php
GitHub
GitHub - patternhelloworld/docker-blue-green-runner: By simply configuring the .env file, a safe isomorphic Blue-Green Deployment…
By simply configuring the .env file, a safe isomorphic Blue-Green Deployment is instantly set up. - patternhelloworld/docker-blue-green-runner
Facade Maker
Speed up facade creation in Laravel with Facade Maker.
Generate facades and services instantly, keeping your app structure clean and consistent.
Try it here: https://laravel-hub.com/package/facade-maker
https://redd.it/1mxcke4
@r_php
Speed up facade creation in Laravel with Facade Maker.
Generate facades and services instantly, keeping your app structure clean and consistent.
Try it here: https://laravel-hub.com/package/facade-maker
https://redd.it/1mxcke4
@r_php
Laravel Hub
facade-maker - Laravel Hub
A Laravel Package that helps you create facade architecture.
VSCode setup recommended extensions
Hi everyone,
I'm currently working/learning PHP in my work place and I'm looking at the setup or VSCode extension for PHP. What are the essential extension for PHP in VSCode? Also, I'm beginner in PHP in general so I appreciate any suggestion. The project is in PHP Laravel though I think it doesn't matter. Thank you in advance .
https://redd.it/1mxi09q
@r_php
Hi everyone,
I'm currently working/learning PHP in my work place and I'm looking at the setup or VSCode extension for PHP. What are the essential extension for PHP in VSCode? Also, I'm beginner in PHP in general so I appreciate any suggestion. The project is in PHP Laravel though I think it doesn't matter. Thank you in advance .
https://redd.it/1mxi09q
@r_php
Reddit
From the PHP community on Reddit
Explore this post and more from the PHP community
$SESSION array does not work from a subdomain.
Hi, everybody!
I have the following situation. A web page is in a subdirectory of my domain:
[`https://myowndomain.com/app`](https://myowndomain.com/app)
And it works fine.
Now, a subdomain was made in another domain that points to the previously mentioned web page:
`https://app.farawaydom.com -> https://myowndomain.com/app`
Works fine except that the $\SESSION array is null when accessed from app.farawaydom.com .
Is there any solution to this issue?
Thank you in advance.
https://redd.it/1mxn4fv
@r_php
Hi, everybody!
I have the following situation. A web page is in a subdirectory of my domain:
[`https://myowndomain.com/app`](https://myowndomain.com/app)
And it works fine.
Now, a subdomain was made in another domain that points to the previously mentioned web page:
`https://app.farawaydom.com -> https://myowndomain.com/app`
Works fine except that the $\SESSION array is null when accessed from app.farawaydom.com .
Is there any solution to this issue?
Thank you in advance.
https://redd.it/1mxn4fv
@r_php
PHP Performance Benchmarking
Hi There,
I'm looking for multiple studies regarding PHP performance in scenarios of CPU model difference of Intel VS AMD
I want to find on which specific scenarios - which would serve better.
Are there any studies conducting such tests to see if there are any actual difference in reality?
https://redd.it/1mxxxfx
@r_php
Hi There,
I'm looking for multiple studies regarding PHP performance in scenarios of CPU model difference of Intel VS AMD
I want to find on which specific scenarios - which would serve better.
Are there any studies conducting such tests to see if there are any actual difference in reality?
https://redd.it/1mxxxfx
@r_php
Reddit
From the PHP community on Reddit
Explore this post and more from the PHP community
Pretend - Impersonate users with ease
https://github.com/horlerdipo/pretend
https://redd.it/1mxxpl0
@r_php
https://github.com/horlerdipo/pretend
https://redd.it/1mxxpl0
@r_php
GitHub
GitHub - Horlerdipo/pretend: A simple package to impersonate users when building APIs with Laravel Sanctum, allowing administrators…
A simple package to impersonate users when building APIs with Laravel Sanctum, allowing administrators to generate temporary tokens and act on behalf of other users without using sessions. - Horler...
I've published my first PHP app as a Docker image
I've just published the Docker image I asked some advice about here a few days ago.
https://www.reddit.com/r/PHP/comments/1mq53si/best\_strategies\_to\_distribute\_a\_php\_app\_in\_a/
First of all, I would like to thank all those who commented the post. I received many useful tips which helped me to build the image. So which decisions did I make?
1. No Composer in the image. The Dockerfile runs the Composer commands during the build process, and do not include Composer in the final image. As a result, the image starts very fast, even at the first run.
2. Run Composer in a separate stage, then copy the vendor dir and other useful files to the final image. Another advice received here. I hope this way no unexpected files are included in the image.
What I think I could have done.
1. Use FrankenPHP. It it simpler to setup than Nginx Unit, but it costs an extra 30Mb or more in the final image.
2. Run Composer after the build. I feel a little bit uncomfortable about including the vendor dir in the image. A composer.lock file and the appropriate Composer commands executed in the container entry point provide the same result, without any notable security issue, afaik. Maybe I care too much about the Packagist stats of those open source packages, and not enough about the container immutability.
3. Use a makefile or another tool for advance configuration. It could have made sense for a more complex setup, but the requirements here are simple enough to be tackled with a few cli commands.
The resulting image is available here: https://hub.docker.com/r/lagdo/jaxon-dbadmin, and the Dockerfile is here: https://github.com/lagdo/dbadmin-app/tree/main/docker.
I'll explain what the application is in a next post.
Thanks again for all your contributions.
https://redd.it/1my2rld
@r_php
I've just published the Docker image I asked some advice about here a few days ago.
https://www.reddit.com/r/PHP/comments/1mq53si/best\_strategies\_to\_distribute\_a\_php\_app\_in\_a/
First of all, I would like to thank all those who commented the post. I received many useful tips which helped me to build the image. So which decisions did I make?
1. No Composer in the image. The Dockerfile runs the Composer commands during the build process, and do not include Composer in the final image. As a result, the image starts very fast, even at the first run.
2. Run Composer in a separate stage, then copy the vendor dir and other useful files to the final image. Another advice received here. I hope this way no unexpected files are included in the image.
What I think I could have done.
1. Use FrankenPHP. It it simpler to setup than Nginx Unit, but it costs an extra 30Mb or more in the final image.
2. Run Composer after the build. I feel a little bit uncomfortable about including the vendor dir in the image. A composer.lock file and the appropriate Composer commands executed in the container entry point provide the same result, without any notable security issue, afaik. Maybe I care too much about the Packagist stats of those open source packages, and not enough about the container immutability.
3. Use a makefile or another tool for advance configuration. It could have made sense for a more complex setup, but the requirements here are simple enough to be tackled with a few cli commands.
The resulting image is available here: https://hub.docker.com/r/lagdo/jaxon-dbadmin, and the Dockerfile is here: https://github.com/lagdo/dbadmin-app/tree/main/docker.
I'll explain what the application is in a next post.
Thanks again for all your contributions.
https://redd.it/1my2rld
@r_php
Reddit
From the PHP community on Reddit
Explore this post and more from the PHP community
Laisser la production en mode dev
Bonjour
Je fais ce post suite à un projet communautaire pour un serveur minecraft qui est une plateforme de vente d'objets en symfony.
Lors du passage en production (le premier de toute ma vie), j'ai eu de très nombreux problèmes notamment liés au mapping et au versioning des images.
Depuis, même après 6 heures de debug le problème est le suivant:
Si le projet est en mode dev, aucune erreur et les couleurs custom de tailwind sont bien appliquées.
si le projet est en mode prod, les images ne chargent plus et les couleurs de tailwind sont toutes remplacées par un bleu clair par défaut.
Quels sont les risques à laisser l'application en mode dev même pour les utilisateurs? Il n'y a aucune donnée sensible ni aucune manipulation d'argent, donc j'hésite vraiment à utiliser cette solution bien qu'elle relève de la facilité.
Je suis à l'écoute de vos solutions / avis
https://redd.it/1my4g7a
@r_php
Bonjour
Je fais ce post suite à un projet communautaire pour un serveur minecraft qui est une plateforme de vente d'objets en symfony.
Lors du passage en production (le premier de toute ma vie), j'ai eu de très nombreux problèmes notamment liés au mapping et au versioning des images.
Depuis, même après 6 heures de debug le problème est le suivant:
Si le projet est en mode dev, aucune erreur et les couleurs custom de tailwind sont bien appliquées.
si le projet est en mode prod, les images ne chargent plus et les couleurs de tailwind sont toutes remplacées par un bleu clair par défaut.
Quels sont les risques à laisser l'application en mode dev même pour les utilisateurs? Il n'y a aucune donnée sensible ni aucune manipulation d'argent, donc j'hésite vraiment à utiliser cette solution bien qu'elle relève de la facilité.
Je suis à l'écoute de vos solutions / avis
https://redd.it/1my4g7a
@r_php
Reddit
From the symfony community on Reddit
Explore this post and more from the symfony community
PHP RFC: JSON Schema validation support
https://wiki.php.net/rfc/json_schema_validation
https://redd.it/1my5413
@r_php
https://wiki.php.net/rfc/json_schema_validation
https://redd.it/1my5413
@r_php
Q: Import One Million Rows To The Database - 2?
Inspired by this video:
[https://www.youtube.com/watch?v=CAi4WEKOT4A](https://www.youtube.com/watch?v=CAi4WEKOT4A)
A *“friend of mine”* is working on a project that needs a robust solution for importing and syncing millions of rows across many users. The app is a marketing tool that syncs thousands of contacts from multiple external sources into a user’s address book. The system needs to:
* Fetch newly available contacts
* Update existing ones
* Remove contacts deleted from the original source
Ideally, all this should happen with minimal delay. The challenge grows as more users join, since the volume of operations increases significantly.
Right now, my *“friend”* is considering a recurring job to pull contacts and update them locally, but there are many open questions about scalability, efficiency, and best practices.
If you know of any resources, design patterns, or approaches that could help build an elegant and efficient solution, please share!
Thanks!
https://redd.it/1mya6cl
@r_php
Inspired by this video:
[https://www.youtube.com/watch?v=CAi4WEKOT4A](https://www.youtube.com/watch?v=CAi4WEKOT4A)
A *“friend of mine”* is working on a project that needs a robust solution for importing and syncing millions of rows across many users. The app is a marketing tool that syncs thousands of contacts from multiple external sources into a user’s address book. The system needs to:
* Fetch newly available contacts
* Update existing ones
* Remove contacts deleted from the original source
Ideally, all this should happen with minimal delay. The challenge grows as more users join, since the volume of operations increases significantly.
Right now, my *“friend”* is considering a recurring job to pull contacts and update them locally, but there are many open questions about scalability, efficiency, and best practices.
If you know of any resources, design patterns, or approaches that could help build an elegant and efficient solution, please share!
Thanks!
https://redd.it/1mya6cl
@r_php
YouTube
Import One Million Rows To The Database (PHP/Laravel)
In this video, we explore different ways to import large CSV files in Laravel, benchmarking each approach and discussing their pros and cons. From simple collection-based imports to high-performance concurrent processing - let's try it out together.
📜 Repository…
📜 Repository…
Boosting Laravel Boost
Laravel dropped a new package "Laravel Boost". It makes AI suck less by giving it a bunch of tools to better understand your app, and it's great. But I think we can give it an extra boost.
https://blog.oussama-mater.tech/laravel-boost/
https://redd.it/1myb0d2
@r_php
Laravel dropped a new package "Laravel Boost". It makes AI suck less by giving it a bunch of tools to better understand your app, and it's great. But I think we can give it an extra boost.
https://blog.oussama-mater.tech/laravel-boost/
https://redd.it/1myb0d2
@r_php
blog.oussama-mater.tech
Boosting Laravel Boost
In the era of AI, LLMs are undeniably part of our workflow. Let's make them suck less with Laravel Boost.