在PHP包管理上面,PHP发展的很缓慢,导致的结果就是很少发现程序员会使用像PEAR这样的工具。相反,大多数开发人员会选择他们自己喜欢的框架来处理代码,比如DB交互、ORIM’S、Oauth、Amazon S3整合等。缺点就是在转换框架的时候(或者根本不需要返回使用框架)就感觉像在做噩梦,因为涉及到使用新工具,你必须重新学习里面的一切东西,而这并不简单。OK,Composer来帮助你解决这些问题。
介绍
Composer通过把自己定位成“所有项目的粘合计”来着手解决问题。这也就意味着包可以被写,开发和以某种格式进行共享,其他开发人员可以轻松插入到应用程序中。
这篇文章将向大家讲解如何安装和使用Composer包。在文章最后,你就可以把代码块插入到任何一个框架中进行体验,你可以使用CodeIgniter,FuelPHP,Laravel,Symfony2,Lithium,Yii,Zend等。
安装
Composer包含两大逻辑部分:一个是用来存储包,另一个是命令行应用程序,帮助你发现、下载、更新和分享代码。
$ cd/path/to/my/project $ curl -s http://getcomposer.org/installer| php
在项目列表中,会有一个composer.phar文件,里面包含了所有逻辑代码行工具。你可以通过运行下面代码来确定是否安装成功。
$ php composer.phar
这个命令执行后会显示所有可用的命令。
我个人比较建议大家使用这个命令:
$ sudo mv composer.phar /usr/bin/composer
把这个文件移到bin目录下,它允许你简化命令。
$ composer about
如果你是在Windows上运行,你可以下载这个文件,然后通过PHP解析器安装,无论在哪里都可以。
解析composer.json文件
如果你是一名Ruby程序员,你会觉得这个文件跟Gemfile文件很相似,或者你是一个Node程序员,那么会觉得和package.json文件很像。同样,Composer会根据你的应用需求用composer.json文件来指定设置和封装。
在大多数基本的form里面,composer文件看起来是这样的:
{
"require": {
"kriswallsmith/assetic": "*"
}
}
意思是需要一个“assetic”包,通过“kriswallsmith”创建和指定任意一个版本。你也可以指定一个特殊的版本,你可以使用下面命令代替:
"kriswallsmith/assetic": "1.0.3"
你甚至还可以使用这种方法:
"kriswallsmith/assetic": "1.0.*"
这个有一些微小的变化,但是他不会升级到1.1.0,程序员需要注意界面上细微的变化。
安装要求
现在,在你的composer.json文件下面会有一个或多个包,这个时候可以运行:
$ php composer.phar install
或者,如果你听了我的建议,你只需要在Unix机器上面运行:
$ composer install
你会发现,正在下载文件并且会放在应用程序根目录下面的vendors文件夹里面。这个逻辑也可以使用下面的配置:
{
"require": {
"kriswallsmith/assetic": "1.0.*"
},
"config" : {
"vendor-dir" : "packages"
}
}
自动加载
自动加载在PHP里面有一点乱糟糟的,作为开发人员,他们有属于自己操作方式。比如Smarty包,使用自己的自动载入。有一些开发人员会把多个类放到一个文件里面,或者文件名小写,这些做法都太随意啦!
PHP官方社区创建了PSR-0标准,从而来规范这些随意的做法。Composer默认支持这个标准。Composer里面自带PSR-0自动加载机制,在项目里面加入下面一行代码:
include_once './vendor/autoload.php';
显然,如果autoload.php文件目录有变化,你也需要在代码里面做出相应改动。
下面,你可以在应用程序中使用如下代码:
<?php
use Assetic\Asset\AssetCollection;
use Assetic\Asset\FileAsset;
use Assetic\Asset\GlobAsset;
$js = new AssetCollection(array(
new GlobAsset('/path/to/js/*'),
new FileAsset('/path/to/another.js'),
));
// the code is merged when the asset is dumped
echo $js->dump();
这是一个使用Assetic的例子,当然,这里也有许多命名空间代码,但是这样做是为了避免包之间互相冲突。
PSR-0的命名惯例本质是:
\
下面这个例子是Buzz HTTP包:
$browser = new Buzz\Browser;
$response = $browser->get('http://www.google.com');
echo $browser->getLastRequest()."\n";
echo $response;
看起来像是被美化的file_get_contents(),但是它处理所有类型的智能逻辑,并且在后台处理HTTP Response/Request,你也会发现命名空间语法也不是那么的强烈。
真实的世界
目前,大多数PHP存储依靠主代码库。如果你使用Facebook SDK,例如,你仅仅从GitHub或者zip文件中通过复制粘贴的方式把版本推到你的代码中,然后把它放到你的版本控制系统里面,将会变更。
版本和你的代码只是作为静态文件放在里面,在某种意义上,你可能会忘记升级,如果你关注到Facebook已经发布了一个新版本。最新版本文件会显示在最上面。
使用Composer就无需关注版本变化情况,你只需运行一下更新,那么所有需要更新的都会自动更新。但是为什么还会有大量的代码在你的仓库里呢?你不需要它们在那里吗?
最干脆的做法是添加vendors到你的“Ignore”列表里面(例如gitignore)并且让你的代码完全离开那里。当你在部署代码的时候,你只需运行composer install或者composer update。
如果你想使用更熟练,你可以手动运行整个过程,如果你有云端托管你可以设置hooks,一旦代码发布,就运行。
总结
将来,你将会看到更多的Composer,各种丰富多彩的框架已经开始提供了多种层次的集成。FuelPHP将构建Composer包,CodeIgniter提供自动加载并且已经在Symfony2上广泛使用。
使用Composer添加相关包到你的项目里面是一个很好的方式,无需安装PECLI扩展或者复制粘贴一个系列文件。那种方式已经很过时了,并且还浪费你大量的时间。
How can you protect against Cross-Site Scripting (XSS) attacks related to sessions?Apr 23, 2025 am 12:16 AMTo protect the application from session-related XSS attacks, the following measures are required: 1. Set the HttpOnly and Secure flags to protect the session cookies. 2. Export codes for all user inputs. 3. Implement content security policy (CSP) to limit script sources. Through these policies, session-related XSS attacks can be effectively protected and user data can be ensured.
How can you optimize PHP session performance?Apr 23, 2025 am 12:13 AMMethods to optimize PHP session performance include: 1. Delay session start, 2. Use database to store sessions, 3. Compress session data, 4. Manage session life cycle, and 5. Implement session sharing. These strategies can significantly improve the efficiency of applications in high concurrency environments.
What is the session.gc_maxlifetime configuration setting?Apr 23, 2025 am 12:10 AMThesession.gc_maxlifetimesettinginPHPdeterminesthelifespanofsessiondata,setinseconds.1)It'sconfiguredinphp.iniorviaini_set().2)Abalanceisneededtoavoidperformanceissuesandunexpectedlogouts.3)PHP'sgarbagecollectionisprobabilistic,influencedbygc_probabi
How do you configure the session name in PHP?Apr 23, 2025 am 12:08 AMIn PHP, you can use the session_name() function to configure the session name. The specific steps are as follows: 1. Use the session_name() function to set the session name, such as session_name("my_session"). 2. After setting the session name, call session_start() to start the session. Configuring session names can avoid session data conflicts between multiple applications and enhance security, but pay attention to the uniqueness, security, length and setting timing of session names.
How often should you regenerate session IDs?Apr 23, 2025 am 12:03 AMThe session ID should be regenerated regularly at login, before sensitive operations, and every 30 minutes. 1. Regenerate the session ID when logging in to prevent session fixed attacks. 2. Regenerate before sensitive operations to improve safety. 3. Regular regeneration reduces long-term utilization risks, but the user experience needs to be weighed.
How do you set the session cookie parameters in PHP?Apr 22, 2025 pm 05:33 PMSetting session cookie parameters in PHP can be achieved through the session_set_cookie_params() function. 1) Use this function to set parameters, such as expiration time, path, domain name, security flag, etc.; 2) Call session_start() to make the parameters take effect; 3) Dynamically adjust parameters according to needs, such as user login status; 4) Pay attention to setting secure and httponly flags to improve security.
What is the main purpose of using sessions in PHP?Apr 22, 2025 pm 05:25 PMThe main purpose of using sessions in PHP is to maintain the status of the user between different pages. 1) The session is started through the session_start() function, creating a unique session ID and storing it in the user cookie. 2) Session data is saved on the server, allowing data to be passed between different requests, such as login status and shopping cart content.
How can you share sessions across subdomains?Apr 22, 2025 pm 05:21 PMHow to share a session between subdomains? Implemented by setting session cookies for common domain names. 1. Set the domain of the session cookie to .example.com on the server side. 2. Choose the appropriate session storage method, such as memory, database or distributed cache. 3. Pass the session ID through cookies, and the server retrieves and updates the session data based on the ID.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
SublimeText3 Linux new version
SublimeText3 Linux latest version
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
Dreamweaver Mac version
Visual web development tools
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
