How to easily access private properties and methods in PHP using invader
https://freek.dev/3048-how-to-easily-access-private-properties-and-methods-in-php

https://redd.it/1rrne9p
@r_php

A server side analytics tool for Laravel
https://simplestats.io/blog/server-side-analytics-laravel

https://redd.it/1rrrhmc
@r_php

99.9% type coverage, PHPStan strict, zero N+1 — building a production CRM in PHP 8.4

Hey r/php, I just shipped v3.0 of an open-source CRM I've been building (Relaticle). Wanted to share some PHP-specific engineering decisions, since this community appreciates that kind of thing.

PHP 8.4 strict mode in production: Every class is final. Every file uses strict_types. Typed properties and return types everywhere:

declare(stricttypes=1);
final class People extends Model implements HasCustomFields
{
/** @use HasFactory<PeopleFactory> */
use HasFactory;
use HasUlids;
use SoftDeletes;
use UsesCustomFields;

/** @var list<string> */
protected $fillable = ['name', 'creationsource'];

/ @return BelongsTo<Company, $this> /
public function company(): BelongsTo
{
return $this->belongsTo(Company::class);
}
}

Spatie's laravel-data for typed DTOs:

final class SubscriberData extends Data
{
public function __construct(
public string $email,
public ?string $first_name = '',
public ?string $last_name = '',

# PHP 8.4 with strict_types everywhere is genuinely a joy to write. The language has come so far.

99.9% type coverage: I run PHPStan at level 7 (via Larastan). Every method signature is typed. Every return type is explicit. CI fails on any violation — no exceptions, no baselines.

/ @param Collection<int, Contact> $contacts /
public function processImport(Collection $contacts): ImportResult
{
}

# Is it overkill? Maybe. But in a CRM where data integrity matters (contacts, deals, money), catching type mismatches at static analysis time is cheaper than catching them in production.

N+1 query prevention: One line in AppServiceProvider:

Model::preventLazyLoading(!app()->isProduction());

# Strict lazy loading enabled globally. Forget an eager load? Exception in development. This alone caught 10-20 performance issues before they shipped.

PostgreSQL over MySQL: Migrated from MySQL to PostgreSQL 17+ in v3.0. Key reason: JSONB. I built no-code custom fields — users create fields without touching code. All stored as JSONB with GIN indexes:

-- PostgreSQL JSONB with proper indexing
CREATE INDEX idxcustomfields ON contacts USING GIN (customfields);
-- Partial path queries that MySQL JSON can't do efficiently
SELECT * FROM contacts WHERE customfields->>'industry' = 'SaaS';

# MySQL's JSON type can't do proper indexing or partial path queries at this level. For a CRM with dynamic schemas, PostgreSQL is the better fit.

Testing with Pest: Comprehensive test suite — unit, feature, and browser tests. Pest's syntax makes test writing feel less like a chore:

arch('strict types')
->expect('App')
->toUseStrictTypes();

arch('avoid open for extension')
->expect('App')
->classes()
->toBeFinal();
});

# Architecture tests prevent structural issues at CI time. If someone accidentally breaks a convention, CI catches it.

Import wizard (the hardest problem): Real-world CSVs are chaos:

Automatic date format detection (uses Laravel's date validator under the hood)
Fuzzy + exact column matching
Relationship mapping (person → company linkage)
Chunked processing for large files
Granular error reporting (which rows failed, why) If anyone's solving CSV import in PHP, happy to discuss approaches.

Stack:

PHP 8.4 + Laravel 12
PostgreSQL 17+ + Redis
Filament 5 + Livewire 4
Docker + docker-compose Links:
GitHub: https://github.com/Relaticle/relaticle (1.2K stars)
Free hosted: [https://relaticle.com](https://relaticle.com) (no credit card)
License: AGPL-3.0. For internal use — no restrictions.



What PHP 8.4 features have you found most useful in production? Curious what patterns this community is adopting

https://redd.it/1rru8yy
@r_php

Appel à settings/password depuis mon front SPA Nuxt

Hello,

mon front SPA Nuxt fait un appel PUT à l'endpoint de Laravel Fortify /settings/password lorsque le user connecté veut modifier son mot de passe depuis son dashboard. Le mot de passe est bien enregistré mais la réponse est une redirection alors que je veux que ce soit une réponse JSON avec un message de succès ou d'erreur.
Comment faire ?
Merci

Voici mes bouts de code:

Fonction appelée par le formulaire:

const resetPassword = async () => {
loading.value = true

try {
const data = await api('/settings/password', {
method: 'PUT',
body: {
currentpassword: currentPassword.value,
password: password.value,
passwordconfirmation: passwordConfirmation.value,
}
})
status.value = 'success'
message.value = 'Mot de passe modifié avec succès'
currentPassword.value = ''
password.value = ''
passwordConfirmation.value = ''
} catch (err: any) {
console.log(err);
status.value = 'error'
message.value = err.data?.message || 'Une erreur est survenue'
} finally {
loading.value = false
}
}

Le composable useApiFetch:

export function useApiRequest() {
const config =
useRuntimeConfig
()
const xsrfToken =
useCookie
('XSRF-TOKEN')

return
$fetch
.create({
baseURL: config.public.apiBase,
credentials: 'include',
headers: {
'Accept': 'application/json',
'X-XSRF-TOKEN': xsrfToken.value || '',
},
})
}

La Response de l'appel à l'endpoint contient un Header Location qui entraîne la tentative de redirection.




https://redd.it/1rrxwgz
@r_php

Livestream: Road to Laracon with Aaron Francis and Zuzana Kunckova

I often see people asking about getting started with conference speaking and eventually speaking at larger conferences like a Laracon, so I figured it was time to actually dig into it.

Tomorrow (3/12) at 12pm EDT (4pm UTC), I'm going live with Aaron Francis and Zuzana Kunckova to talk about the road to conference speaking. We'll be covering where talk ideas come from, CFP submissions, what goes into preparing a talk, and working your way up from meetups to a Laracon. Aaron and Zuzana will also be sharing their own paths to the Laracon stage.

Would love to see you there! Drop any questions here ahead of time or ask in chat during the stream.

Stream link: https://www.youtube.com/watch?v=FuQjSPBIHlo

https://redd.it/1rr61vr
@r_php

Why Array String Keys Are Not Type-Safe in PHP And What Will PHPStan Do About It
https://phpstan.org/blog/why-array-string-keys-are-not-type-safe

https://redd.it/1rxze5d
@r_php

AuditTrailBundle: symfony profiler support

AuditTrailBundle now includes a Symfony Web Profiler integration, allowing developers to inspect audit logs recorded during a request directly from the debug toolbar and profiler panel.

The integration is fully optional — the collector is only registered when WebProfilerBundle is present, so there is zero overhead for applications that don't use it.

Looking for early community feedback: is this a useful addition, or does the Doctrine profiler panel already cover your needs? Would love to hear from anyone who has worked with audit logging in Symfony before shipping this.

https://preview.redd.it/sxtoxhwxb1qg1.png?width=1221&format=png&auto=webp&s=f6892f51bfecd5d9a7d1a58ad8824aca7e81f2bc



https://redd.it/1ry6lgw
@r_php

How far can $5 of free trial credit last on Laravel Cloud?
https://youtu.be/kcvi5Tzd6Ms

https://redd.it/1rydsbo
@r_php

Typewriter - GraphQL code generation tool for PHP
https://github.com/plmrlnsnts/typewriter

https://redd.it/1ryr3pp
@r_php

PSL 6.1: HTTP/2, HPACK, Compression, and Cache
https://github.com/php-standard-library/php-standard-library/releases/tag/6.1.0

https://redd.it/1ry6m7y
@r_php

Best AI Models with Laravel
https://laravel.com/blog/which-ai-model-is-best-for-laravel

https://redd.it/1ry40v1
@r_php

Laravel Nestedset: Effective tree structures for SQL databases

Version 7.1 of the aimeos/laravel-nestedset package for managing trees using nested sets is now available. It's an improved version of the popular kalnoy/nestedset package which, unfortunately, has been virtually abandoned by its owner.

Repo: [https://github.com/aimeos/laravel-nestedset](https://github.com/aimeos/laravel-nestedset)

The 7.1 release contains:

Support for Laravel 13
Implemented siblings relation
Delete descendants correctly
Fixed infinite recursion with serialization
Tests for all supported databases

To dig deeper into the package, please check:

https://laravel-nestedset.org

If you like our package, leave a star :-)

https://redd.it/1ryubp5
@r_php

Who's hiring/looking

This is a bi-monthly thread aimed to connect PHP companies and developers who are hiring or looking for a job.

Rules

No recruiters
Don't share any personal info like email addresses or phone numbers in this thread. Contact each other via DM to get in touch
If you're hiring: don't just link to an external website, take the time to describe what you're looking for in the thread.
If you're looking: feel free to share your portfolio, GitHub, … as well. Keep into account the personal information rule, so don't just share your CV and be done with it.

https://redd.it/1rxvavn
@r_php

What would you do if you had to quickly review the basics of Symfony?

I have an interview coming up, which will likely include a bunch of questions and coding in the context the Symfony framework.

I've been working with a piece of software written on top of Symfony for the past two years so I'm not starting from zero by any means. However, there are definitely subsets of Symfony that I've been exposed to more than others.

Ideally, I would want to have a good coverage of all underlying concepts that are actually relevant and being actively used in development, without having to read through the entire docs.

How would you approach a situation like this? Are there any good up-to-date study plans that cover all relevant aspects in a sufficient depth.

It's worth noting that I'm more or less fluent in php itself.

Any help is greatly appreciated.

Kind regards



https://redd.it/1rycbp5
@r_php

⚡ NativePHP for Mobile v3.1: The Biggest Performance Leap Yet
https://nativephp.com/blog/nativephp-v31-the-biggest-performance-leap-yet

https://redd.it/1ryy5jb
@r_php

Wondering if an AI agent such as Claude can help me update an older website

I'm helping a small company that has a heavily customized Opencart 2.0 site that won't run on anything beyond php 5.6.

I looked at the code thinking that maybe I could just upgrade it but it would be a monumental task given the extent of customizations.

I've always hand-coded everything I've built and never used an AI agent to help me with programming tasks. I was an old-school StackOverflow kind of person.

This is way too much for me, however.

Any thoughts on using an AI agent such as Claude (or others) to run through the code and make it compatible to run on php8+?

I appreciate any advice. Thanks in advance.

https://redd.it/1ryivrn
@r_php

Policies vs. Gates: When to Use Which
https://slicker.me/laravel/policies-vs-gates.html

https://redd.it/1rz6vmv
@r_php

Make your Domain speak the business language
https://medium.com/@dariuszgafka/make-your-domain-speak-the-business-language-cc8bd3acf4fc

https://redd.it/1rz9i3v
@r_php

Perfex CRM <=3.4.0 allows unauthenticated RCE via insecure deserialization
https://nullcathedral.com/posts/2026-03-16-perfex-crm-unauthenticated-rce-insecure-deserialization

https://redd.it/1rzfnk1
@r_php

What are your must-have composer plugins?

Just recently held the power of Composer plugins. Personally the Composer Upgrader to upgrade all libraries is a life saver, with Rector to upgrade the code and Mago for the rest.

https://redd.it/1rzizui
@r_php

I've been maintaining a small Forge app for 9 years. Here's what that's been like

I always wanted to be an indie developer. My first product was GitFTP Deploy, a tool for deploying via FTP released in 2015. It grew slowly. I got featured on CSS-Tricks which felt huge at the time, but it was a gradual thing: a sale here, a nice email there.

F-Bar was the complete opposite. While developing I posted a screen screenshot on Twitter late at night in February 2017, a trip to the bathroom, and when I came back my phone was buzzing. Taylor Otwell had retweeted it. Suddenly I had a buzz and traction even before it was released, I rushed to get the product out the door.

The early days were so much fun. Got some features on different Laravel outlets and I am greateful for this. Also, support emails started coming in and I would fix bugs the same evening, push an update, and get a thank you back within a couple of hours. I got a bit hooked on it, honestly. I learned more about building products in those first months than from any course or blog post.

I'm not naturally someone who puts himself out there. But getting something you made in front of people and having them actually care, that's hard to beat. I went to Laracon EU and people knew what F-Bar was. People came up and said they used it every day. For a solo developer from Sweden, that meant everything. People were very kind to me.

Over the years Laravel Forge evolved. Redesigns, new features, new hosting providers. The landscape around it changed too: more alternatives, serverless, new ways to deploy. Through all of it I kept adapting F-Bar.

I never made much money from it. It was a one-time purchase, and honestly most months I probably used it more than anyone. But I kept going because I use it every day and because people kept emailing me every now and then saying they relied on it.

It's a different kind of ownership than my day job. At work a bug is a ticket. With F-Bar, a nasty email hits different. When it's your product, your name on it, your decision to charge, it's personal in a way that employment never is.

I heard rumors that Forge had plans on retiring the old API, but I kept procrastinating until end of last year when I saw there was a hard date. No patching this time. I ended up rewriting large parts of it. Once I started, it just kept growing.

For the first time in nine years I moved to a subscription. That was not an easy decision. Some users were not happy. Existing users got grandfathered in, but a few still thought I was just slapping a paywall on the same app. I was so eager to ship that my communication was behind and the messaging didn't explain the why clearly enough.

I imagined this would be my living. It wasn't. But being in charge of the whole thing, the code, the design, the support, the decisions, there is nothing else like it.

Still here. Still using it every day.

https://redd.it/1rzlmrf
@r_php