Laravel Packages
/
September 18, 2018

Laravel View Models

The Laravel View Models by Brent Roose of Spatie is a package that can move the work you might do in a controller to a “view model”:

Have you ever made a controller where you had to do a lot of work to prepare variables to be passed to a view? You can move that kind of work to a so-called view model. In essence, view models are simple classes that take some data and transform it into something usable for the view.

A view model class is designed to house the complex logic of your views and clean up view-related logic from controllers:

class PostViewModel extends ViewModel
{
    public $indexUrl = null;

    public function __construct(User $user, Post $post = null)
    {
        $this->user = $user;
        $this->post = $post;

        $this->indexUrl = action([PostsController::class, 'index']); 
    }

    public function post(): Post
    {
        return $this->post ?? new Post();
    }

    public function categories(): Collection
    {
        return Category::canBeUsedBy($this->user)->get();
    }
}

The above view model class gets created in the controller:

class PostsController
{
    public function create()
    {
        $viewModel = new PostViewModel(
            current_user()
        );

        return view('blog.form', $viewModel);
    }

    public function edit(Post $post)
    {
        $viewModel = new PostViewModel(
            current_user(), 
            $post
        );

        return view('blog.form', $viewModel);
    }
}

And together, the view model and the controller provide your view with the following abilities:

<input type="text" value="" />
<input type="text" value="" />

<select>
    @foreach ($categories as $category)
        <option value=""></option>
    @endforeach
</select>

<a href="">Back</a>

All public methods and properties in a view model are automatically exposed to the view.

I think this package is an excellent abstraction of this logic, and instead of passing the view model to the view, you can return a view directly like this:

class PostsController
{
    public function update(Request $request, Post $post)
    {
        // …

        return (new PostViewModel($post))->view('post.form');
    }
}

And last but not least, you can expose functions which require extra parameters:

class PostViewModel extends ViewModel
{
    public function formatDate(Carbon $date): string
    {
        return $date->format('Y-m-d');
    }
}

Which you can then reference in your template:

Thanks to Brent Roose and the folks at Spatie for this excellent package! You can access the code and installation instructions from the GitHub repository spatie/laravel-view-models.

Until very recently, very few people actually liked the enterprise software they were forced to use at work, from the technology managers grumbling about extortionist vendors to the end users grappling with user interfaces designed by engineers. That all started to change once the industry began to realize that software could be provided as a service.

As browsers and internet connections became more reliable, software-as-a-service emerged as the modern way to deliver enterprise applications, and the industry hasn’t looked back. Mobile apps accelerated this shift to an even greater degree, and now hundreds of dedicated apps for the different parts of running a business — from sales and marketing to operations and finance — are available for companies to adopt on a trial basis, rather than locking themselves into three-year contracts with indifferent vendors hawking huge, sprawling software suites that companies still had to manage themselves.

But the inherent bargain with this new world is that the SaaS provider is now the one responsible for all of the technical complexity associated with delivering these applications to the end user. And expectations for performance and uptime go up every year alongside demand for new features and potentially game-changing technologies like machine learning.

Doing this right is hard. That’s why we invited five experts who have worked inside the technology organizations behind some of the most widely used and liked enterprise software applications of the day to speak at our 2018 GeekWire Cloud Tech Summit this past June.

Learn what forward-thinking SaaS operations are doing to keep up with customer demand in the sessions below.

Milena Talavera, Senior Engineering Manager, Slack

Slack’s workplace collaboration software has been widely adopted among the tech set, but it has faced scaling issues as more and more users demand more and more of its product. Talavera explained how Slack developed Flannel, an edge caching system that helps the company deliver some of its main product features to end users without delay.

Mark Nelson, EVP of Product Development, Tableau

The “consumerization of IT” is another way to describe some of the changes that have taken place in the enterprise software market as SaaS has taken over. Nelson walked attendees through the history of this shift, and how engineering teams need to have a different mindset to deliver SaaS products compared to traditional IT products.

Susan Galbraith, Sr. Manager of Software Development, Smartsheet

Push notifications are both an absolute necessity and an easy way to drive your users crazy; it’s easy to run into problems getting the balance right. Galbraith showed attendees how Smartsheet built its notification system, and how it supported the back end of the system while using data to get the front end just right.

Bob Karaban, VP of Engineering, SkyKick

Given the scale at which modern SaaS apps can operate, automating as much of one’s technical infrastructure as possible is a smart idea. Karaban discussed how SkyKick has used automation to improve performance and reliability as user demands grow.

Catherine Renwick, VP Platform Engineering at Workday

Workday’s SaaS human resources products are used startups and big companies alike, and the most personal part of a company’s relationships with its employees demands a certain approach. Renwick revealed how Workday’s technical organization focuses on delivering its service as reliably as possible while absorbing feedback from customer behavior on what it needs to improve.

As of July 2018, Google started marking your website as “not secure” for anyone visiting it using Google Chrome. If you don’t want to lose traffic, it’s a good idea to make sure SSL is set up on your site so people can visit it via HTTPS protocol.

Now is the time to set that up; here’s what you need to do.

Note: You may still see your site as “Not secure” after “successfully” installing an SSL certificate. See our troubleshooting tips at the end of this article for that.

Step 1: Grab Your SSL Certificate

According to the Google Developers blog, enabling HTTPS on your website doesn’t only protect the integrity of your data. HTTPS is also a requirement for many new browser features. Not only that, but it makes your visitors feel more secure whenever they visit your site. These are important reasons your site needs an SSL certificate.

Recently, if you open your website using a Chrome browser, you’ve probably seen that big, ugly “Not Secure” message in front of your URL.

That’s not a pleasant thing to see when you’ve invested so much of your time and effort into developing a great website for your visitors.

Before you run out and look for an SSL certificate to buy, make sure you already know where you stand with your current web host.

SSL is fairly simple to set up, but you need to follow the right procedure for your situation. If your web host already offers a free SSL solution, then don’t waste money buying a certificate.

You might also consider reconsidering your choice of web hosts


The Best Web Hosting Services




The Best Web Hosting Services
Looking for the best web hosting service for your needs? Whether it’s for a small blog or a major corporate website, here are our best recommendations.
Read More

.

These are typically the SSL certificate options you have to choose from.

SSL services that offer free SSL certificates often also offer paid ones.

The difference is that most free certificates need to be manually renewed. You can do this via a cron job


How to Schedule Tasks in Linux with Cron and Crontab




How to Schedule Tasks in Linux with Cron and Crontab
The ability to automate tasks is one of those futuristic technologies that is already here. Every Linux user can benefit from scheduling system and user tasks, thanks to cron, an easy-to-use background service.
Read More

, but that’s beyond the scope of this article.

Some web hosts actually offer free management of those cron jobs if you use a service like Let’s Encrypt. SiteGround is one host that does this.

Whichever option you go with, when you order a certificate you’ll see a page like the one below. Both the certificate and the key are a part of the package.

Copy both blocks of encrypted text and save them to a safe place.

Step 2: Install Your SSL Certificate

Most guides that describe how to install an SSL certificate will tell you that you have to have a dedicated IP. This means purchasing a more expensive dedicated hosting plan


What Should You Be Looking for in a Web Host?




What Should You Be Looking for in a Web Host?
Whether you’re creating a new website, or migrating an old one, you need to make sure you’re getting the best deal possible from your chosen web host.
Read More

.

If you have such a plan, and you go into your account you’ll see that you have a dedicated IP associated with it.

If you have a shared hosting plan, where multiple websites share the same server, then you don’t have a dedicated IP that goes with your URL.

Does that mean you can’t install an SSL certificate without a dedicated hosting plan? No. Thanks to a technology called Server Name Indicator (SNI), you can still install an SSL certificate for your site.

If you have a shared hosting plan, ask your web host whether they support SNI for SSL encryption.

To install your certificate, you’ll need to go into cPanel and click on SSL/TLS Manager.

You should see various options for managing SSL certificates.

To install your initial SSL certificate for HTTPS, choose the Install option.

You’ll see the option to choose the domain you’d like to install the certificate onto. Choose the correct domain from the dropdown box.

Next, paste the long encrypted certificate text that you copied when you purchased the certificate.

Then, scroll down and also paste the encrypted text for the Private Key that you copied when you bought the certificate.

Once you save, make sure to go into WordPress and refresh all caching. Also clear your browser cache (press Ctrl + F5).

View your site again by typing the site URL with “https://” in front of it. If all is well, you’ll see the “Secure” status in front of your site URL.

Congratulations! You now have a functioning SSL certificate, and your site can be accessed via HTTPS.

But, you’re not done. If people type in the old URL of your site into their browser, they’ll still see the unsecure version. You need to force all traffic through HTTPS.

How to Enforce HTTPS on Your Site

Your host may actually have a management area set up for you to handle required SSL changes.

For example, Siteground embeds Let’s Encrypt into cPanel. There, HTTPS Settings allow you to turn on HTTP Enforce and External Links Rewrite.

• HTTPS Enforce redirects traffic (like people who only type in the site URL without “https” in front of it, to HTTPS.
• External Links Rewrite modifies external links that start with “http” to “https” so a “Mixed Content” warning doesn’t show up in the browser for your site.

If you don’t have this automated feature with your web host, then you have to do it the manual way.

Browse to the .htaccess file in the root of your web server. Edit it to include the following lines of code.

RewriteCond %{HTTP_HOST} yoursitedomain\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yoursitedomain.com/$1 [R,L]

Once you’ve saved this change, anyone who accesses your site via HTTP will be redirected to HTTPS.

Problem 1: CDN Images

You’d think at this point that you’re home free. Well think again.

In many cases, your site may come up, but many of the images will appear broken.

This can happen if you’re using a CDN service for your images. This is because all of your images are provided via the unsecured CDN links. Since your traffic is all redirected to use HTTPS, those images can’t load.

There are two methods of fixing this. The easiest is to modify your SSL certificate to use a wildcard. For example if you use Let’s Encrypt, you’ll see the option to use a wildcard in the SSL management page.

A wildcard lets you use your SSL certificate on any subdomain of your site.

Enable this, and obtain the certificate, private key, and CA bundle encrypted texts from the SSL details.

Go into your CDN service. In the example below, I use MaxCDN. You should find an SSL option in the area where you can manage the Zone for your site.

In here, you’ll see fields where you can paste the SSL Certificate and the Private Key.

Use the same encrypted text that you pasted into cPanel previously.

Once you save this, the images should all load properly on your site.

If the SSL service you use doesn’t offer the wildcard option, you’ll actually need to purchase a second SSL certificate for your CDN image assets, and install it using the steps above.

Problem 2: Insecure Links

If you haven’t done anything else to your site except enabled your SSL Certificate and enforced HTTPS, you may still see the “Not Secure” error.

This will even show up when your site loads through HTTPS. The most common cause of this problem is that you still have a bunch of insecure links on your site. This is usually due to links in your sidebar, header, or footer.

Go into WordPress and look through all of your header and footer code, as well as your sidebar widgets. Look for links to services like Gravatar, Facebook, or others.

Change those links to use “https” rather than “http”.

Once you’re finished, clear all caches and reload your site. All issues should be resolved at this point and your site is now fully secure!

Protecting Your Visitors With HTTPS Is Smart

Even though your motivation for doing this may be to boost your SEO, the reality is that you’re also protecting your visitors from any packet sniffing hackers.

This is especially valuable if you ask your visitors for information about themselves like names, addresses, phone numbers, or credit card info.

For a personal website, that’s important enough. But if you’re running a business, you should understand why website security is so important to your business success


5 Reasons Why Website Security Is Crucial for a Growing Business




5 Reasons Why Website Security Is Crucial for a Growing Business
Let’s look at how having strong security standards can help with your growing website’s promotional efforts.
Read More

.

By George Oliveira

Pocket carry is a great alternative when belt-borne holsters aren’t an option. It can be very fast on the draw. Standing around with your hands casually in your pockets is and looks quite natural. Doing so allows you to have a full grip on your pocket pistol and the draw is lightening-quick since your hand is already on your gun.

Pocket carry is also a good choice when hugs and accidental bump-frisks might happen such as at family get-togethers. It’s a great option in non permissive environments since most people don’t expect someone to carry a gun in a pocket and it also makes a great carry method for a back-up gun.

To qualify for service in my pocket, a handgun has to meet four criteria:

1. It must be 100% reliable with carry ammunition. No if, ands or buts. My reliability test is 500 rounds of FMJ ammunition plus 200 rounds of carry ammunition, all run flawlessly. Yes, ammunition, especially carry ammo, is expensive, but failure at the wrong time is much more costly.
2. For me, 9mm is my choice. It’s a formidable caliber, especially with +P or +P+ ammunition, and offers high capacity. I understand that many shooters like even smaller calibers, but 9mm is my personal minimal caliber limit. Your mileage may vary.
3. The firearm’s size must be compact enough to not only fit in the pocket, but small enough to allow it to be drawn from the pocket with a hand wrapped around its grip. The frame can’t be too thick otherwise it could be difficult navigating the pocket opening, and the grip shouldn’t extend beyond the hand as it most likely will snag while being drawn. A pistol with a grip shorter than the hand is wasting valuable ammo-estate. Fill the hand with ammunition!

4. The shape of the rear end of the slide must be angled. A square-edge slide tends to get caught in the corner of the pocket during the draw stroke. That means that the gun shouldn’t get caught in the pocket during the draw even once. When it comes to life-saving tools and techniques, 99.9% success is failure in my book.

Once a pistol passes my four-point test, it comes down to how well it can be shot and its magazine capacity.

Notice that I didn’t include “accuracy.” A firearm can be inherently accurate, but demonstrate reduced practical accuracy. That is, it’s difficult to actually shoot it accurately.

Small revolvers are a good example. They’re very accurate guns, but their short sight radius, minimalistic sights and long, heavy trigger pull make it hard for shooters to attain the level of accuracy that they’re capable of achieving.

With all of that said and done, the last criteria is capacity. The more here, the better. After a gunfight, no one ever said that they wished they had less ammunition.

My pocket carry journey started with lightweight snubbies. Never really enjoying their recoil, I found that I didn’t practice as much as I should with them. It didn’t take too many cylinders worth of shooting for it to strain my wrist.

I tried carrying a heavier gun, a Ruger’s SP101. It’s a great gun and its steel frame greatly reduces recoil to a very comfortable level. I carried a light .38 in one pocket and the SP101 in the other. Surprisingly, I found the extra weight didn’t bother me. The SP101 reigned supreme for me as a pocket gun for several years.

That is, until Smith & Wesson introduced the M&P Shield. The Shield was about the same size as the SP101, lighter, has much better trigger, real sights and offered three extra rounds. What’s not to love? The Shield was my new pocket gun.

It was, until SIG SAUER introduced the P365. Its 12+1 capacity bests the Shield’s 8+1 and it’s even a bit smaller. Wow!

Capacity is where SIG’s new P320 really shines. It comes with two 10-round magazines, one flush and one extended, but, both leave the had unfulfilled. But their optional 12-round magazine fills the hand perfectly without extending beyond the hand’s grasp. Not only does the magazine offer higher capacity, it fits the hand better making it easier to shoot accurately.

What’s really amazing about the design of the P320 is that it manages to packs 12+1 rounds into a package that others only manage to get ten or less into.

I know that the P365 has had its growing pains, in particular, there are several reports of broken strikers. I changed out the factory MIM striker on my pistol with a steel version from Lightning Strike, and tested it extensively with both practice and carry ammo. All seems good, and the P365 is now officially my new pocket gun.

That is until…?