Mohammad Daneshmand’s Post

Laravel Tips & Tricks Sometimes we need to dispatch events after database changes, as shown in this picture. The Problem: If something goes wrong and the transaction rolls back, the event has already been dispatched. There are several solutions for this issue: One: add public $afterCommit = true; in PaymentNotification class Two: use afterCommit like this: DB::afterCommit(function () use ($order) {      PaymentNotification ::dispatch($order); // Only runs after successful commit }); Three: Dispatch the event outside the DB::transaction block: but first you need to check if order successfully updated My recommendation: solution one is the cleanest and most Laravel-idiomatic approach #Laravel #php #tips #tricks #coding #bug #solutions

PHPUnit, INI Injection, CVE-2026-24765 (Critical) How CVE-2026-24765 works: PHPUnit forwards PHP INI settings to isolated child processes using `-d name=value` command-line arguments without sanitizing INI metacharacters. The PHP INI parser treats `"` as a string delimiter, `;` as comment start, and newline `\n` as a directive separator. An attacker who controls a single INI value (e.g., via `` in phpunit.xml, inherited ini_get_all(), or environment) can embed a newline followed by arbitrary INI directives....

PHPUnit, INI Injection, CVE-2026-24765 (Critical) How CVE-2026-24765 works: PHPUnit forwards PHP INI settings to isolated child processes using `-d name=value` command-line arguments without sanitizing INI metacharacters. The PHP INI parser treats `"` as a string delimiter, `;` as comment start, and newline `\n` as a directive separator. An attacker who controls a single INI value (e.g., via `` in phpunit.xml, inherited ini_get_all(), or environment) can embed a newline followed by arbitrary INI directives....

A string is not an Email. An integer is not a Price. 🛑 One of the most common "code smells" I see in senior-level reviews is Primitive Obsession. It's the habit of using basic data types to represent complex domain concepts. Why is this a problem? Validation sprawl: You check for valid formats in 10 different places. Type Safety: You can't distinguish between a $userId and a $productId (they are both just ints!). Logic Leakage: Your business rules end up in your Controllers instead of your Models. The fix? Value Objects. 💎 By encapsulating the data AND the rules in a dedicated class, your code becomes self-documenting. It’s a small change that leads to a massive leap in maintainability. Are you a fan of Value Objects, or do you think they add too much "boilerplate" for simple projects? Let's discuss in the comments! 👇 #SoftwareEngineering #Refactoring #CleanCode #PHP #PHP8 #WebDevelopment #Laravel #Symfony

Mastering Test-Driven Development with PHP 8 Embark on a structured learning journey, starting with setting up your PHP 8 testing environment and understanding the core principles of TDD using PHPUnit and Composer. You will then learn about writing tests for fundamental PHP concepts, including functions, file system operations, array handling, and web interactions like forms and sessions. Through the practical exercise of building a book registration application, you will learn to apply TDD with different data storage solutions, from simple file systems to relational databases (MySQL) and document databases (MongoDB). Progressing further, you will discover how to implement TDD in object-oriented PHP 8, covering design patterns, database interactions with PDO, API development, and even exploring testing considerations for security, authentication, and authorization. https://lnkd.in/djExDUbM #book #php #tdd #test #webprogramming PHP PHP Conference Brasil ConFLOSS SouDevCon BPB PHPUnit

🔗 The "new" keyword is killing your code. Every time you write: class UserService { public function __construct() { $this->db = new Database(); } } You're hardcoding a dependency. Now your class: → Is impossible to test → Can't use different implementations → Is tightly coupled to Database Instead, inject dependencies: class UserService { public function __construct( private DatabaseInterface $db ) {} } Now you can: ✅ Swap implementations (mock for tests, real for prod) ✅ Test in isolation ✅ Keep classes flexible ✅ Change databases without rewriting code This is fundamental. Most PHP frameworks handle this automatically. But understanding it makes you a better developer. Stop using "new" inside your classes. Have you refactored code to use DI? 👇 #PHP #SoftwareArchitecture #Testing #CleanCode #WebDevelopment

🛠️ Code Smell: Divergent Change (The "Jack of All Trades" Class) Divergent Change occurs when one class is commonly changed in different ways for different reasons. This is a direct violation of the Single Responsibility Principle (SRP). The Symptom You find yourself editing the same Product class whether you are changing the tax calculation logic, the JSON export format, or the database persistence layer. 🚀 Why it Matters Reduced Side Effects: Changing the JSON format won't accidentally break your tax logic. Easier Testing: You can test TaxCalculator in isolation without mocking a giant Product object. Clarity: New developers immediately understand where specific logic lives. Stop making your classes " Swiss Army Knives." If it does too much, it's time to extract. 🛠️ #PHP #CleanCode #Refactoring #SoftwareArchitecture #CodingTips #Laravel #Symfony #Yii #codeigniter

#AppDevPanel - Universal #PHP Debug Panel for #Symfony, #Laravel, #Yii & any PSR framework. Stop switching between Telescope, Profiler & Clockwork. One install, one UI, all frameworks #opensource #webdev #debugging ⚡ 30 auto-collectors: SQL with EXPLAIN, HTTP requests, logs, events, cache, mail, queues & middleware - zero config, just install & go 🔬 28 live inspector pages: DB schema browser, Git management, test runner, route explorer, CLI execution - all from the browser, no SSH needed 🛠️ Code generation with diff preview, cURL builder from captured requests, one-click request replay, VS Code-style command palette (Ctrl+K), built-in Swagger UI & dark/light theme with PWA offline support 🌐 Language-agnostic API (#OpenAPI 3.1) - send debug data from #Python, #NodeJS or any language via REST. Debug multiple apps from one panel with the built-in service registry 📱 #React 19 frontend with #TypeScript, fuzzy search across keyboard layouts, #PHP 8.4+ with 40+ API endpoints. 100% free & #opensource forever (BSD-3-Clause). Install via #Composer in seconds https://lnkd.in/d47fPYf8

This is why your data randomly breaks. You delete a user. Everything looks fine. Until later you start seeing: orphaned records broken relations weird bugs in production And it usually comes from this: $table->foreignId('user_id')->constrained(); No delete behavior defined. Laravel gives you control: $table->foreignId('user_id') ->constrained() ->cascadeOnDelete(); Or: $table->foreignId('user_id') ->nullable() ->nullOnDelete(); Not defining this is not “fine”. It just delays bugs until production. Do you always define delete rules? Or only after something breaks? #Laravel #PHP #WebDevelopment #Programming

I built a free developer toolkit. Codelehihoo is a suite of free browser-based developer tools. Code and data formatter, generate mock data, test regex, convert colors, decode JWTs, compare diffs — all the small utilities you reach for daily. A few highlights: Auto-detect language and beautify for JSON, SQL, XML, HTML, CSS, YAML, Markdown, JS, and TypeScript JSON table view — paste or generate an array of objects and instantly browse it as a paginated, sortable, filterable table Color picker with live conversion between HEX, RGB, HSL, OKLCH, and Tailwind CSS classes Type/schema generation in 10 languages (TypeScript, Zod, Yup, Go, Java, Kotlin, Python, Rust, GraphQL, JSON Schema) Mock data generator with Faker.js presets and custom templates cURL to code converter (Python, JS, Go, Java, PHP, Ruby, C#) Password generator with entropy scoring and crack time estimates Check it out: https://lnkd.in/eF2iGEjj If you find it useful, I'd love to hear which tools you use most. #webdev #developer #tools #react #javascript #typescript