Earlier this year Troy Hunt released version 2 of his popular Pwned Passwords API service. The new version comes with even more compromised passwords and a more secure way to query the password API that doesn’t require sending plain text passwords over the network.

The API update comes at a good time. When NIST updated its password guidelines in 2016, it included a new recommendation to check “memorized secret verifiers”, or passwords, against known data breaches:

When processing requests to establish and change memorized secrets, verifiers SHALL compare the prospective secrets against a list that contains values known to be commonly-used, expected, or compromised. For example, the list MAY include, but is not limited to passwords obtained from previous breach corpuses.

Since the API release, the community has created API wrappers in many of our favorite programming languages. In this post, I round up the libraries in 7 languages ...

A deploy process should provide consistency, incorporate tests, and utilize a multi stage deploy process to protect your production server, provide useful logging, catch breaking changes quickly, and integrate smoothly with your version control software.

There are a few options available for managing a deploy process like this. Many of these are managed services which means much of it is opaque and outside your control. If you’re like me, you’d rather have total access to and control of your deploy chain. The best option for control freaks like us, is Jenkins.

This post will walk through creating a dedicated Jenkins server and setting it up with an SSH key on your GitHub account.

Tools

Moving forward this post will assume a few things about you and your project:

• Your projects host their repositories on GitHub.
• You have a DigitalOcean account. You can create one here.
• You have some ...

In this post we’ll learn how to verify phone numbers with Twilio in a Symfony project. We will discover how to model and validate a user’s phone number, and then use Twilio’s PHP SDK to create a call flow where the user has to enter a 6 digit code to verify themselves. The frontend view will provide a form to capture their number, displaying further instructions or validation errors, and then seamlessly redirect the user to another page once they’ve been verified.

If you need a refresher on Symfony, check out creating a Symfony 3 project with basic user handling. Those of you who don’t use Symfony should be able to carry the core ideas across to your framework of choice. Knp University’s screencast on Joyful Development with Symfony 3 is also helpful for starting a new project.

Check out this example project on ...

In this tutorial, we’ll walk through on how to set up receiving SMS in WordPress with a PHP plugin. When the plugin is installed you will be able to respond to SMS and handle two-way messaging in your WordPress sites.

Prerequisites

• A ready WordPress installation. If you do not have one set up, here are the installation instruction.
• A Twilio phone number. You can use an existing phone number or purchase a new one from the Twilio Console.

Our two-way messaging project

When you send out SMS to your users, there is a chance that some users might reply to your SMS. When a user replies, the message is received by your Twilio number, Twilio will make an HTTP request to the message URL configured for that number. In your response to that request, you tell Twilio what to do in response to the SMS using Twilio’s subset ...

User handling is a fundamental part of a ton of web projects.  This post will walk through how to get setup using the Symfony 3 framework and the Friends of Symfony bundle so that your project can allow users to register, login and out, and view and edit their User profile.  The steps here will serve as a great starting point for your next web project.

Assumptions

This post will assume you have already set up a couple of things:

• LEMP or equivalent development environment

• make sure you have a working database user and password – you will need to input these during the install process

• global install of Composer

Install Symfony Standard Edition

The install command will create a new folder and build the project within it. Inside the directory where you would like to place your project folder run the following command:

composer create-project symfony/framework-standard-edition UserLove

Interactive Install ...

Writers want to stay in touch with their readers. Sending bulk SMS is a great tool to have in your toolbelt. Let’s build a WordPress plugin in PHP so you can send text messages to readers about topics they care about.

WordPress Plugins

Plugins let you extend and add functionality to your WordPress site. Since we are adding an entirely new function to WordPress, we have to use a plugin to achieve this.

First, we need to install WordPress if you haven’t already. You can download and install one locally by following the installation instructions here. I have my WordPress installation path as localhost/sendex/. I’ll be using it as my reference all throughout this tutorial.

Once you are done with the installation, log into your WordPress admin dashboard. This is where we will be working from now on. The admin dashboard should be localhost/sendex/wp-admin ...

Make sure your subscribers see every post by offering instant SMS notifications when you publish new blog posts in WordPress.

At the end of this project, you will have a custom WordPress Plugin that allows:

1. WordPress users to have a “Mobile Phone” field in their profile to sign up for notifications
2. posts to automatically send a notification message to every subscriber who signs up

If you’re in a hurry, you can find the almost-ready code on GitHub, just drop in the latest Twilio PHP Library and update your Twilio variables in sms-notify.php.

Setup

You will need to already have a WordPress Blog running to build this plugin.

In your WordPress directory, go to wp-content/plugins and make a directory called sms-notify. Inside that directory, make a file named sms-notify.php. In this file we’ll start with some plugin metadata. This is what WordPress reads to ...

Have you ever needed to pull some data from a Google Spreadsheet? My default in the past would be to export the data and upload it to the app directly, but it turns out it’s not very difficult to read directly from Google Spreadsheets using the Google Drive API.

In this tutorial, we’ll read, write, update, and delete data from a Google Spreadsheet with just a few lines of PHP.

I’ve spent a lot of time recently working with tech activism groups, and one piece of data folks often want to work with is legislators’ contact information. Let’s take this spreadsheet with the contact information for all United States legislators. Make a copy of this spreadsheet in your own account and we’re ready to go.

Getting Your Spreadsheet Ready for Programmatic Access

By default, a new spreadsheet cannot be accessed via Google’s API. We ...

So you want to build a Slack bot using PHP? You’re in the right place. This blog post will walk you through building your first Slack bot using PHP in 5 minutes. The clock is ticking, let’s get started.

Creating Our Bot

Before we write any code, we need to configure our Slack bot within our Slack team. Head over to https://[yourslackteam].slack.com/apps/build/custom-integration and then click “Bots”.

Give your bot a clever name. Or if you’re lacking inspiration feel free to use something simple like ‘php_bot’ and then click “Add Integration”.

The next page will give you an API token which you’ll want to keep handy. We’ll be making use of it shortly.

Using RTM with PHP using slack-client

Our bot will use Slack’s Real Time Messaging (RTM) API. In order to use RTM with PHP we will use ...

Time kills all deals, but so do faulty VoIP connections.
 
“Every damn time! Every time we were closing the deal, we’d have some interruption or the connection would break down or lag. By the time they’d call back, the customer changed their mind.” says Costin Miu
 
Costin previously used Skype to manage sales calls for his e-commerce website. But, when he wasn’t near his computer, he would have to rely on whatever data connection he had available. And even if he was at his computer to answer a call, he’d suffer delays or dropped calls. It wasn’t good for business. As a dyed-in-the-wool engineer, he set out to fix his problem with code along with his friend Georgi. They chose Twilio as their weapon of choice.
 
Costin and Georgi’s solution is an iOS app, Holonumber. The app gives anyone a reliable secondary line for ...