I've hit this a few times and had to remind myself how Postgres behaves when aggregating JSON columns or including them in ROW_TO_JSON. The short answer is that Postgres does the right thing. When a JSON column is included in ROW_TO_JSON or JSON_AGG the resulting values are not nested, encoded JSON. Here's our sample table… Continue reading PostgreSQL’s ROW_TO_JSON and JSON_AGG with JSON Columns
Say there's a Symfony form that requires either one field to be submitted or another field. In this case, it's okay if both are submitted, but at least one is required. I had this exact situation come up earlier this week and all the solutions I found were related to adding validation to models. I… Continue reading How to Require One Symfony Form Field and/or Another
There are two side of the security coin: authentication and authorization. Authentication answers the question of who (a principal) is making the request to a given endpoint. Authorization is what determines if the principal is actually is allowed to do what they are trying to do. If authentication fails, a 401 Unauthorized response should be… Continue reading When to Return a 401 vs 403 HTTP Response
One thing I do pretty consistently when adding something to a web application is design the entity objects first, along with any associated value objects, without really thinking (or caring) about how those entities will be persisted or retrieved. For example, I recently had to design and build an audit log system for a project… Continue reading Design Data First
This article ist mostly about Symfony, but the advice here applies across frameworks. It's easier to define what's shouldn't be injected as a dependency: things global to the framework or the application being built. A form system is something global to the framework/application. Should the FormFactory be injected into every controller? How about templating? Should… Continue reading What Dependencies Should be Injected into a Controller?
Specifically inversion of control is about not making a choice in one place and forcing that choice to be made elsewhere. Take a library that talks to a database. Should that library make a choice on how to connect to the datatabase? If it does, that's a huge set of things to support and more… Continue reading Inversion of Control is About Choice
What happens when an INSERT ... ON DUPLICATE KEY statement is followed by LAST_INSERT_ID() when an update is made? Does LAST_INSERT_ID() return the ID of the row updated? MySQL's documentation on INSERT ... ON DUPLICATE KEY states that... If a table contains an AUTO_INCREMENT column and INSERT ... ON DUPLICATE KEY UPDATE inserts or updates… Continue reading How do MySQL’s LAST_INSERT_ID() and INSERT … ON DUPLICATE KEY Work Together