Unsafe SQL functions in Laravel

Recently the folks from Spatie released a security update for their laravel-query-builder package. Turns out it was vulnerable to SQL Injection. At the core of the vulnerability is the fact that Laravel offers a shorthand for querying only certain fields of JSON data, but that these do not get escaped when converted to a json_extract […]

bramus/enumeration – A Package to work with Enumerations in PHP

Earlier this week I released a new package on Packagist. It’s a Package to work with Enumerations in PHP, named bramus/enumeration. The package is my own take on Enumerations in PHP, which grew over time. 👨‍💻 Looking back at the code that eventually would form the basis for this package, I can see – thanks […]

php-timecop – A PHP extension providing “time travel” capabilities

Now this looks handy, especially when you’re writing/testing code that’s dependent on the system’s time: php-timecop is a PHP extension providing “time travel” and “time freezing” capabilities Freeze time to a specific point. Travel back to a specific point in time, but allow time to continue moving forward from there. Scale time by a given […]

Tools to automatically format PHP, JavaScript and CSS files

Good writeup by Freek on how to get PHP-CS-Fixer and Prettier up and running. When working on a project with other people, it’s important to pick a coding standard. Agreeing on a coding standard makes the code more readable for all developers that need to touch the project. It’s easy to make mistakes against those […]

Laravel Valet Environment Variables

To set/override Environment Variables in Laravel Valet, one had to manually edit the Nginx config files and restart Nginx after doing so. With the release of Laravel Valet 2.1.6 this is no longer needed: Valet 2.1.6 contains a merged PR that provides built-in support for an specific file named .valet-env.php in which you can set […]

Fixing the valet share 301 Redirect Loop

One of the nice things of Laravel Valet is that it includes an easy way to make your local site available publicly. For this it has the aforementioned Ngrok built-in. To use it, just run the valet share command, and your local site will be shared through a *.ngrok.io subdomain. However, when combining valet share […]