Obfuscate PHP code

Couldn't find all that much besides Zend Guard and ionCube PHP Encoder.

When it comes to open source solutions the only one that stood out was YAK Pro and so far is working.

Any other, preferably open source, solutions to check out?

Also any insight on this subject is appreciated.

https://redd.it/1nxnebf
@r_php

CodeIgniter vs Laravel vs symphony for PHP developer

I'm PHP developer, who developed web apps using procedural PHP coding and have good understanding on OOP too. Now for me its time to learn one of the PHP frameworks.
I'm freelancer and also created few small web apps that are still working very well.

My plan is:

Be competent for job searching in the future if I might need to.
To replace my old and procedural PHP codes with better framework code.
To create my own startup web app.

I prefer to have:

Control and freedom
Fast and security
Fast speed of development and scalability

So which one would you choose for me based on your experiences.

Thank you in advance.

https://redd.it/1nxx8ny
@r_php

NGINX UNIT + TrueAsync

How is web development today different from yesterday? In one sentence: nobody wants to wait for a server response anymore!
Seven or ten years ago or even earlier — all those modules, components being bundled, interpreted, waiting on the database — all that could lag a bit without posing much risk to the business or the customer.

Today, web development is built around the paradigm of maximum server responsiveness. This paradigm emerged thanks to increased internet speeds and the rise of **single-page applications (SPA)**. From the backend’s perspective, this means it now has to handle as many fast requests as possible and efficiently distribute the load.
It’s no coincidence that the two-pool architecture request workers and job workers has become a classic today.

The one-request-per-process model handles loads of many “lightweight” requests poorly. It’s time for concurrent processing, where a single process can handle multiple requests.

The need for concurrent request handling has led to the requirement that server code be as close as possible to business logic code. It wasn’t like that before! Previously, web server code could be cleanly and elegantly abstracted from the noscript file using CGI or FPM. That no longer works today!

This is why all modern solutions either integrate components as closely as possible or even embed the web server as an internal module. An example of such a project is \*\*NGINX Unit\*\*, which embeds other languages, such as JavaScript, Python, Go, and others — directly into its worker modules. There is also a module for PHP, but until now PHP has gained almost nothing from direct integration, because just like before, it can only handle one request per worker.

Let’s bring this story to an end! Today, we present **NGINX Unit** running PHP in concurrent mode:
[Dockerfile](https://github.com/EdmondDantes/nginx-unit/blob/true-async/src/true-async-php/Dockerfile)

Nothing complicated:

# 1.Configuration

**unit-config.json**

{
"applications": {
"my-php-async-app": {
"type": "php",
"async": true, // Enable TrueAsync mode
"entrypoint": "/path/to/entrypoint.php",
"working_directory": "/path/to/",
"root": "/path/to/"
}
},
"listeners": {
"127.0.0.1:8080": {
"pass": "applications/my-php-async-app"
}
}
}

# 2. Entrypoint

<?php

use NginxUnit\HttpServer;
use NginxUnit\Request;
use NginxUnit\Response;

set_time_limit(0);

// Register request handler
HttpServer::onRequest(static function (Request $request, Response $response) {
// handle this!
});

It's all.

`Entrypoint.php` is executed only once, during worker startup. Its main goal is to register the `onRequest` callback function, which will be executed inside a `coroutine` for each new request.

The `Request`/`Response` objects provide interfaces for interacting with the server, enabling non-blocking write operations. Many of you may recognize elements of this interface from Python, JavaScript, Swoole, AMPHP, and so on.

This is an answer to the question of why PHP needs TrueAsync.

For anyone interested in looking under the hood — please take a look here: [NGINX UNIT + TrueAsync](https://github.com/EdmondDantes/nginx-unit/tree/true-async/src/true-async-php)

https://redd.it/1nxzpt3
@r_php

Launched a package: Laravel Auto Transaction - Simplifying Database Transaction Management

After working with Laravel applications, I noticed developers often forget to wrap critical operations in transactions or miss rollback handling. This led to data inconsistencies in production.

So I built Laravel Auto Transaction - an open-source package that automates database transaction management.

**Key Features:**

* Automatic commit on success, rollback on failure
* Middleware support for entire routes
* Built-in retry mechanism for deadlock handling
* Multi-database connection support
* Zero configuration required


This is my first Laravel package. The tests are passing, documentation is ready, and it's available on Packagist.

📦 Installation: `composer require sheum/laravel-auto-transaction`

🔗 GitHub: [github.com/laravel-auto-transaction](https://github.com/mohamadsheam/laravel-auto-transaction)

📖 Packagist: [packagist.org/laravel-auto-transaction](https://packagist.org/packages/sheum/laravel-auto-transaction)

I'd appreciate any feedback, suggestions, or contributions from the Laravel community.

Thanks

https://redd.it/1nya2h2
@r_php

Symfony 7 + API Platform - Complete Docker Setup
https://youtu.be/98ZSfji9XKs

https://redd.it/1nyibl5
@r_php

Laravel-based static site generator HydePHP v2 is released
https://hydephp.com/posts/hydephp-version-2-0-released

https://redd.it/1nyiif4
@r_php

Symfony 7 + API Platform - Complete Docker Setup
https://youtu.be/98ZSfji9XKs

https://redd.it/1nyi8jh
@r_php

A Week of Symfony #979 (September 29 – October 5, 2025)
https://symfony.com/blog/a-week-of-symfony-979-september-29-october-5-2025?utm_medium=feed&utm_source=Symfony%20Blog%20Feed

https://redd.it/1nyj5yc
@r_php

I realized I'm moving away from MVC towards Livewire, should I stop myself?

I got into Livewire with version 3 release and ever since then I don't think I've built an app without it. Especially Volt components, it's so convenient and snappy with no page refresh after each form submission that I just.. Can't do without it anymore?

In my current project, I'm planning to make it a long term one, it's the one I'm placing all my chips on. And I'd like to have a "clean" structure with it. So I'm contemplating if Livewire will cause too much confusion later on with my codebase.

For example I'm currently building the MVP, and further down the line I'll eventually have to change some logic, like "allow users to create post if they have enough credit", or if they've renewed their membership etc. And for this, to me it feels like it makes more sense to have this "control" in a "Controller" rather than one Volt file where I also have my frontend code.

I'm aware that I can use gates or custom requests for this, but my point is that this logic will still be scattered in a bunch of Volt components rather than one Controller that "controls" the whole Model.

I don't have any js framework knowledge and I've always used blade templates on my apps, so Livewire is the only way I currently know to build an SPA-like interface. I also never liked the separate frontend and backend approach.

What do you think? Should I go back to MVC structure, continue with Livewire? Or stop being so old headed and learn React or Vue?

https://redd.it/1nynw6u
@r_php

Laravel-based static site generator HydePHP v2 is released
https://hydephp.com/posts/hydephp-version-2-0-released

https://redd.it/1nyr46w
@r_php

Weekly /r/Laravel Help Thread

Ask your Laravel help questions here. To improve your chances of getting an answer from the community, here are some tips:

What steps have you taken so far?
What have you tried from the documentation?
Did you provide any error messages you are getting?
Are you able to provide instructions to replicate the issue?
Did you provide a code example?
Please don't post a screenshot of your code. Use the code block in the Reddit text editor and ensure it's formatted correctly.

For more immediate support, you can ask in the official Laravel Discord.

Thanks and welcome to the r/Laravel community!

https://redd.it/1nytmj5
@r_php

Testing with Pest - any support

Hi guys,

I’ve started working with Pest browser testing, and I’m looking for ways to speed up the process of writing tests. A few times I got stuck on some steps that took me quite a while to figure out.

Do you have any advice or tips?

https://redd.it/1nz1t1r
@r_php

Laravel docker setup

Hey, so I’ve been learning some laravel, (with laracasts), and I’ve been using laravel herd for development.

However, I’d like to have some docker dev environment. I’ve read that the best practice is to have a container specifically for artisan & php commands, isolated from the fpm one.

So I made my own version heavily inspired by the official docker docs.

Would u say it’s good enough?
https://github.com/Piioni/Dockerconfig/tree/dockerlaravel

https://redd.it/1nz8cn1
@r_php

Weekly Ask Anything Thread

Feel free to ask any questions you think may not warrant a post. Asking for help here is also fine.

https://redd.it/1nz88ca
@r_php

Weekly help thread

Hey there!

This subreddit isn't meant for help threads, though there's one exception to the rule: in this thread you can ask anything you want PHP related, someone will probably be able to help you out!

https://redd.it/1nzb6zr
@r_php

Opinions Welcome - ParagonIE Open Source Software

Hi /r/PHP,

It's been a while since I've posted here. My company maintains several open source libraries under [the paragonie/ namespace](https://packagist.org/packages/paragonie/), all with a security and cryptography focus.

We have a bunch of cool stuff we're already planning to launch in 2026. A few teasers:

1. Post-quantum cryptography implemented in pure PHP
* This one's mostly blocked by [the Zeroth Rule of writing secure cryptography in PHP](https://paragonie.com/blog/2017/02/cryptographically-secure-php-development) and picking an implementation to write a PHP extension and submitting it to PECL.
* I highly recommend reading the linked blog post if you're deeply horrified by the prospect of implementing cryptography in PHP. [We do it](https://github.com/paragonie/sodium_compat) sometimes. We even [fork less secure libraries to offer secure alternatives sometimes](https://github.com/paragonie/phpecc).
2. Public key discovery for PASETO
* This is basically our answer to JWK. We're working on a few approaches with the cryptography community (mostly [C2SP](https://github.com/C2SP/C2SP) folks) on some infrastructure approaches before we publish our design.
3. [Post-Quantum PASETO](https://github.com/paseto-standard/paseto-spec/pull/36)
* Depends on the first two getting shipped :P
4. A tool to detect supply-chain attacks in Packagist
* I'm going to be a little vague about this until we get closer to open sourcing the tool, but we've got a proof of concept and we're actively tuning it to make false positives less annoying.
* We're also testing our methodology on NPM packages, browser extensions, WordPress plugins, and a few other areas of interest.

There is a lot of work we need to do before those are ready to launch, but they're coming soon.

In the past month, we've cut a bunch of releases to our more popular open source software, including:

* **sodium_compat** v2.4.0 / v1.23.0 -- Performance and testing improvements. See [this PR](https://github.com/paragonie/sodium_compat/pull/198) for more info.
* **constant_time_encoding** v2.8 / v3.1 -- Now uses ext-sodium (if it's installed) for some codecs, which accelerates performance over PHP code
* **doctrine-ciphersweet** and **eloquent-ciphersweet** - cut alpha releases of Framework-specific adapters for [CipherSweet](https://github.com/paragonie/ciphersweet) (searchable encryption library for PHP and SQL)

These releases were mostly us scratching our own itch: Either one of our clients needed this, or we wanted to see if we could improve the performance or assurance of our libraries.

Which brings me to the purpose of this post: **What software could we write today that would make your life easier?**

We have a few ideas: Full-text search for CipherSweet (with a few experimental ideas being assessed, though no promises on a 2026 release), extending our PHPECC fork to include pairing-based cryptography (e.g., BLS-12-381), a PHP implementation of [FROST](https://www.rfc-editor.org/rfc/rfc9591.html), and a PHP implementation of [Messaging Layer Security](https://www.rfc-editor.org/rfc/rfc9420.html).

Do any of those speak to you? Would you rather see something else? Did we overlook a really obvious win that you wish we started developing *yesterday*? Let us know in the comments below.

*Caveat*: We are **NOT** currently interested in developing anything directly AI-related.

https://redd.it/1nzjdcl
@r_php

i've built the world’s strictest laravel/php starter kit..
https://youtu.be/VhzP0XWGTC4?si=gA2aVOXzc8Ax44-j

https://redd.it/1nzkodk
@r_php

SymfonyCon Amsterdam 2025: Regular tickets Ends Wednesday!
https://symfony.com/blog/symfonycon-amsterdam-2025-regular-tickets-ends-wednesday?utm_medium=feed&utm_source=Symfony%20Blog%20Feed

https://redd.it/1nzl8nn
@r_php

Collaborating with devfluencers — open invite from a YC-startup doing AI code reviews

Hey Reddit devs 👋

I’m part of CodeAnt AI (YC-backed), and we’re launching an AI code review platform to help devs catch bugs, improve code quality, and ship faster — without the PR-level dread.

We’re looking to collaborate with tech creators / influencers who have an audience of developers and love writing about topics like: • AI & code • Dev productivity & workflows • InfoSec / AppSec • DevOps / infra / cloud / CI/CD • Testing, debugging, refactoring • Git, version control, architecture • Developer tooling & open source

What we offer: • Early access to features & launches (Dev360, open source, etc.) • Promo support & shared content • Revenue / affiliate or partnership opportunities (we can discuss)

If this sounds interesting, fill this form out- https://forms.gle/pw74HC1j2i7mot1J9

https://redd.it/1nzqb1z
@r_php

Reusable OpenAPI Classes: Eliminating Boilerplate in PHP API Documentation | LTSCommerce - Bespoke PHP Development
https://ltscommerce.dev/articles/reusable-openapi-classes-php-symfony.html

https://redd.it/1nzpj7a
@r_php

Old WordPress site with PHP errors — fix it or start from scratch?

Hi everyone!

I’m a web development student currently doing an internship. I was asked to look at a WordPress site that was built about 5 years ago. The site hasn’t had maintenance since then, and I’ve noticed a few issues: PHP errors due to undefined keys. Some frontend features, like a carousel, aren’t working.

I’m not sure whether it’s even feasible to fix this old site or if a rebuild would be a better option. I’d love some guidance from more experienced devs.

My questions:
1. Would you try to fix a 5-year-old, unmaintained WordPress site like this, or start fresh?

2. Are there best practices or approaches for safely assessing a site without making things worse?

3. Any advice for estimating the cost or effort of fixing vs rebuilding?

Thanks so much for any tips, guidance, or resources.

https://redd.it/1o00j91
@r_php