I am trying to install "Krumo"
It says there are two ways to install, I tried the first one (download the PHP file and include it into my project) and it worked fine.
Now I am trying the second way (using composer).
Bunch of questions emerge at the second I see it.
Where to run this command?
Is it equivalent to downloading the "class.krumo.php" file and other skin files to the current folder?
Do I still need to include the file in my PHP?
Or, maybe through running this command, krumo becomes a built-in function of PHP on my machine (so I can use it "out-of-box" on any PHP file)?
I managed to find that this install command doesn't actually work (probably outdated), and found out that I had to run composer require kktsvetkov/krumo. I did so and got this:
It seems to me it is finally installed. Under the folder there are only two files added "composer.lock" and "composer.json", the class.krumo.php file is nowhere to be found, and of course calling krumo() in a test PHP file throws the error call to undefined function krumo.
I need a big picture of how composer packages work.
First, you need to understand what composer is. It's a "dependency manager". So it manages your application dependencies, basically the libraries your application needs to work.
It does so recursively. So if your application requires NiceDependency to work, and NiceDependency in turn requires AnotherNicePackage, it installs both. It deals also with conflict resolution (when one of your dependencies requires something that's not compatible with something that another of your dependencies require).
The file where your dependencies are declared is composer.json.
So when you run composer require [some-vendor/some-package], a few things happen behind the curtain. Simplifying things a lot:
If your composer.json file doesn't exist, it will create it.
It will try to find your dependency in the central repository (packagist.org)
If found, it will download the package and store it in the vendor directory.
It will update your composer.json it to add your dependency to the require key.
In the process, it will resolve all the nested dependencies and do the same for those.
When it's done, it will also create a composer.lock file.
This "lock" file stores a frozen snapshot of all the references to all the packages that were actually installed. This is necessary because when you declare your dependencies you can define a range of versions (e.g "anything greater or equal than version 2.2; but lower than version 2.3"). Your composer.lock would store the specific version that's actuall installed (e.g. "version 2.2.4").
Later, if someone got your project files and executed composer install, the lock file would be read so they installed exactly the same files as you did.
(require adds a dependency to your project's composer.json file; install reads your composer.json and composer.lock files and sets up a project from there; there is also a update command that would read only composer.json, download the latest available packages respecting to the version restrictions in each dependency, and update `composer.lock accordingly)
Additionally, composer helps with autoloading, to make the process of actually using the installed libraries easier and faster for developers.
Autoloading is very convenient. Not only you no longer have to add a require someclass.php; statement for each class you want to use, but you also gain the advantage of not having to read these files until they are actually needed.
So not only it simplifies using these new classes, it helps making your application perform better.
For this, inside the vendor directory a file named autoload.php is created. Typically, you need to require this file as the first thing you do on your application entry point.
For example, assuming you have a structure like this:
- project root/
--- composer.json
--- composer.lock
--- vendor/
--- public/
----- index.php
Your index.php file should read:
// public/index.php
<?php
require('../vendor/autoload.php');
This would allow you to use any installed library normally. In the case of the tool you want to install:
// public/index.php
<?php
require('../vendor/autoload.php');
$a = [
'foo' => 'bar',
'baz' => [1, 2, 3],
'xxx' = false
];
krumo($a);
As a side note, that library seems to be quite old. I'd try to get something a bit newer. I'd recommend Symfony's VarDump component.
And no, it is not a particularly friendly "newbie" tool. It helps dealing with a lot of things, but it's mostly aimed to slightly more advanced users, since it helps solving issues that aren't so significant in starter/very simple projects.
Related
I'm trying to install the Coinbase PHP API but it requires Composer:
https://github.com/coinbase/coinbase-php
I'm looking for a universal PHP solution (perhaps a function) to let me install composer packages directly onto my server, without having to use Composer.
I think the developers of Composer believe they are helping people, but actually there are thousands of beginner developers that are being locked out of learning web development by the 'Composer barrier'.
It would really help if there was a flexible solution or some approach where we could install without Composer? How can I do this?
Please don't respond with some sarcastic comment. There are people that don't want to use Composer and I don't see why we should be herded into a specific third-party software in order to do web development.
You can try https://php-download.com/ which can help you download all dependency most of the time along with vendor folder. It promises composer not required.
Tried it myself. It finds and creates all required folders and zips it for download. Works perfectly !!
The composer.json file lists the dependencies. In your example:
"require": {
"php": ">=5.5.0",
"guzzlehttp/guzzle": "^6.0",
"psr/http-message": "^1.0",
"psr/log": "^1.0"
},
You must then find the corresponding packages in the packagist site. Repeat the same process for each dependency: find additional dependencies in their corresponding composer.json files and search again.
When you finally have a complete list of the required packages, you only need to install them all one by one. For the most part, it's just a matter of dropping the files somewhere in your project directory. But you must also ensure that PHP can find the needed classes. Since you aren't using Composer's auto-loader, you need to add them to your own custom autoloader. You can figure out the information from the respective composer.json files, e.g.:
"autoload": {
"psr-4": { "Coinbase\\Wallet\\": "src/" }
},
If you don't use a class auto-loader you'll need to figure out the individual require_once statements. You'll probably need a lot of trial and error because most library authors won't care documenting that.
Also, and just in case there's confusion about this:
Composer has an official GUI installer for Windows and a copy and paste command-line installation procedure for all platforms.
Composer can be run locally and its output just uploaded elsewhere. You don't need SSH in your shared hosting.
The command needed to install a library can be copied and pasted from the package web site—even if the package maintainer didn't care to document it, packagist.org generates it by default.
Composer is not perfect and it doesn't suit all use cases but, when it comes to installing a library that relies on it, it's undoubtedly the best alternative and it's a fairly decent one.
I've checked other answers that came after mine. They mostly fall in two categories:
Install a library and write a custom download script with it
Use an online web based interface for Composer
Unless I'm missing something, none of them address the complaints expressed by the OP:
Learning curve
Use of third-party software
Possibility to develop right on the server (using SSH, I presume)
Potentially deep dependency tree
I'm using shared hosting for a website and can't execute commands there. Aside from running composer via php script request that I request via browser, I usually use this workflow:
Make sure you have php installed locally.
Make directory on desktop.
download composer.phar from https://getcomposer.org/download/ (under header *Manual Download) and place it in the directory.
make a file composer.json paste in it the following contents
{
"require": {
"coinbase/coinbase": "~2.0"
}
}
Browse to the directory with the shell of your choice(bash, git-bash, cmd, windows bash)
type php composer.phar update
Upload the vendor directory to your webserver via ftp or whatever mechanic you use.
include in your php project where you load your libraries(modify path to where you uploaded the vendor dir so it will include that autoload file)
require_once('vendor/autoload.php');
This way you get the benefit of dependency management and you don't have to include manually all the gazillion of files and download all the dependencies manually, and updating them is just as easy as typing php composer.phar update and then replacing the vendor dir on your server with the new one.
An alternative solution that worked for me (since php-download was down) can be done by making your own little local composer downloader.
Download and install XAMPP locally: https://www.apachefriends.org/index.html
Download and install composer locally: https://getcomposer.org/download/
Open commandprompt, navigate to say c:\temp and and simply type the composer dependancy, for example: composer require league/oauth2-client
Copy the files from your c:\temp folder to your web host using an FTP program
Add this to the top of your php: require("vendor/autoload.php");
This is not the ultimate solution but for me it was a big help for most of the cases:
https://github.com/Wilkins/composer-file-loader
Allow you to load composer.json file just as composer would do it.
This allow you to load composer.json file without composer (so
theorically PHP 5.2 is enough)
I know the question is old but I hope it will help someone.
I had to do this for an FTP server I didn't have SSH access to. The site listed in here worked, then I realized you can just do a composer install on your own server (using your target's PHP version), then copy all the files over.
Analizing the problem
The problem in installing the dependencies without Composer is the autoloading system.
Composer use a homemade autoloader based on an array map, this is a de-facto standard.
But this autoloading system, "fortunally" in this case, is not PSR-4 compliant.
PSR-4 is the de-iure standard for autoload a class in PHP, so you can't escape from autoloading. You must use one of them.
Solution Proposal
In this case, this brilliant PSR-4 autoloader is capable to be manually configured to autoload a VendorClass in a VendorNamespace anywhere in your code, as long as you require the custom autoload.php file early in your source code.
Real life example
Let's look at this example:
I have a legacy project who can't and won't use Composer never and never even if God allow this with a miracle. This project can be speed up in development with this fantastic package for command line scripts.
This is my project directory structure:
- src
- tests
- vendor (not the Composer's one)
This package has this directory structure:
- examples
- src
- Commando
- tests
The only thing I need is the src folder. Placing this folder in my vendor folder would be fine. So my custom autoloader would be like this:
// Constants
$base_path = "path\to\my\project";
$autoloader_class = '\vendor\MarcoConsiglio-Wichee\PSR-4-Autoloading\Psr4AutoloaderClass.php';
define("BASE_PATH", str_replace("\\", DIRECTORY_SEPARATOR, $base_path));
// Autoloader
require_once BASE_PATH.'\vendor\MarcoConsiglio-Wichee\PSR-4-Autoloading\Psr4AutoloaderClass.php';
// Init the autoloader.
$package = [
"nategood\commando" => [
"namespace" => "Commando",
"path" => str_replace("\\", DIRECTORY_SEPARATOR, '\vendor\nategood\commando\src\Commando')
],
"kevinlebrun\colors.php" => [
"namespace" => "Colors",
"path" => str_replace("\\", DIRECTORY_SEPARATOR, '\vendor\kevinlebrun\colors.php\src\Colors')
]
];
// Register namespaces.
$loader = new \PSR4\Psr4AutoloaderClass;
$loader->register();
// Namespace // Path to source
$loader->addNamespace($package["nategood\commando"]["namespace"], BASE_PATH.$package["nategood\commando"]["path"]);
$loader->addNamespace($package["nategood\commando"]["namespace"], BASE_PATH.$package["nategood\commando"]["path"]."\Util");
$loader->addNamespace($package["kevinlebrun\colors.php"]["namespace"], BASE_PATH.$package["kevinlebrun\colors.php"]["path"]);
Now I can use the command package anywhere in my project!
Pros & Cons
This solution allow you to:
Easely and manually build your own custom autoloader (you only need to specify the VendorNamespace and the folder(s) where search for VendorClasses in the VendorNamespace.
Freely organize your composer dependency anywhere in your project folder (and why not, outside it)
Import a composer package as is in your project (either downloading locally with Composer or cloning the package repository) or a relevant part of it (i.e removing composer.json file or files that require the composer autoloader).
Cons:
Manually build your custom autoloader means to work on every required dependency of your project (i hope not a lot).
Mistakes in package source paths can be tedious and frustrating.
Works only with PSR-4 compliant file names (i.e. can't use a A.class.php file name)
I'm trying to install the Coinbase PHP API but it requires Composer:
https://github.com/coinbase/coinbase-php
I'm looking for a universal PHP solution (perhaps a function) to let me install composer packages directly onto my server, without having to use Composer.
I think the developers of Composer believe they are helping people, but actually there are thousands of beginner developers that are being locked out of learning web development by the 'Composer barrier'.
It would really help if there was a flexible solution or some approach where we could install without Composer? How can I do this?
Please don't respond with some sarcastic comment. There are people that don't want to use Composer and I don't see why we should be herded into a specific third-party software in order to do web development.
You can try https://php-download.com/ which can help you download all dependency most of the time along with vendor folder. It promises composer not required.
Tried it myself. It finds and creates all required folders and zips it for download. Works perfectly !!
The composer.json file lists the dependencies. In your example:
"require": {
"php": ">=5.5.0",
"guzzlehttp/guzzle": "^6.0",
"psr/http-message": "^1.0",
"psr/log": "^1.0"
},
You must then find the corresponding packages in the packagist site. Repeat the same process for each dependency: find additional dependencies in their corresponding composer.json files and search again.
When you finally have a complete list of the required packages, you only need to install them all one by one. For the most part, it's just a matter of dropping the files somewhere in your project directory. But you must also ensure that PHP can find the needed classes. Since you aren't using Composer's auto-loader, you need to add them to your own custom autoloader. You can figure out the information from the respective composer.json files, e.g.:
"autoload": {
"psr-4": { "Coinbase\\Wallet\\": "src/" }
},
If you don't use a class auto-loader you'll need to figure out the individual require_once statements. You'll probably need a lot of trial and error because most library authors won't care documenting that.
Also, and just in case there's confusion about this:
Composer has an official GUI installer for Windows and a copy and paste command-line installation procedure for all platforms.
Composer can be run locally and its output just uploaded elsewhere. You don't need SSH in your shared hosting.
The command needed to install a library can be copied and pasted from the package web site—even if the package maintainer didn't care to document it, packagist.org generates it by default.
Composer is not perfect and it doesn't suit all use cases but, when it comes to installing a library that relies on it, it's undoubtedly the best alternative and it's a fairly decent one.
I've checked other answers that came after mine. They mostly fall in two categories:
Install a library and write a custom download script with it
Use an online web based interface for Composer
Unless I'm missing something, none of them address the complaints expressed by the OP:
Learning curve
Use of third-party software
Possibility to develop right on the server (using SSH, I presume)
Potentially deep dependency tree
I'm using shared hosting for a website and can't execute commands there. Aside from running composer via php script request that I request via browser, I usually use this workflow:
Make sure you have php installed locally.
Make directory on desktop.
download composer.phar from https://getcomposer.org/download/ (under header *Manual Download) and place it in the directory.
make a file composer.json paste in it the following contents
{
"require": {
"coinbase/coinbase": "~2.0"
}
}
Browse to the directory with the shell of your choice(bash, git-bash, cmd, windows bash)
type php composer.phar update
Upload the vendor directory to your webserver via ftp or whatever mechanic you use.
include in your php project where you load your libraries(modify path to where you uploaded the vendor dir so it will include that autoload file)
require_once('vendor/autoload.php');
This way you get the benefit of dependency management and you don't have to include manually all the gazillion of files and download all the dependencies manually, and updating them is just as easy as typing php composer.phar update and then replacing the vendor dir on your server with the new one.
An alternative solution that worked for me (since php-download was down) can be done by making your own little local composer downloader.
Download and install XAMPP locally: https://www.apachefriends.org/index.html
Download and install composer locally: https://getcomposer.org/download/
Open commandprompt, navigate to say c:\temp and and simply type the composer dependancy, for example: composer require league/oauth2-client
Copy the files from your c:\temp folder to your web host using an FTP program
Add this to the top of your php: require("vendor/autoload.php");
This is not the ultimate solution but for me it was a big help for most of the cases:
https://github.com/Wilkins/composer-file-loader
Allow you to load composer.json file just as composer would do it.
This allow you to load composer.json file without composer (so
theorically PHP 5.2 is enough)
I know the question is old but I hope it will help someone.
I had to do this for an FTP server I didn't have SSH access to. The site listed in here worked, then I realized you can just do a composer install on your own server (using your target's PHP version), then copy all the files over.
Analizing the problem
The problem in installing the dependencies without Composer is the autoloading system.
Composer use a homemade autoloader based on an array map, this is a de-facto standard.
But this autoloading system, "fortunally" in this case, is not PSR-4 compliant.
PSR-4 is the de-iure standard for autoload a class in PHP, so you can't escape from autoloading. You must use one of them.
Solution Proposal
In this case, this brilliant PSR-4 autoloader is capable to be manually configured to autoload a VendorClass in a VendorNamespace anywhere in your code, as long as you require the custom autoload.php file early in your source code.
Real life example
Let's look at this example:
I have a legacy project who can't and won't use Composer never and never even if God allow this with a miracle. This project can be speed up in development with this fantastic package for command line scripts.
This is my project directory structure:
- src
- tests
- vendor (not the Composer's one)
This package has this directory structure:
- examples
- src
- Commando
- tests
The only thing I need is the src folder. Placing this folder in my vendor folder would be fine. So my custom autoloader would be like this:
// Constants
$base_path = "path\to\my\project";
$autoloader_class = '\vendor\MarcoConsiglio-Wichee\PSR-4-Autoloading\Psr4AutoloaderClass.php';
define("BASE_PATH", str_replace("\\", DIRECTORY_SEPARATOR, $base_path));
// Autoloader
require_once BASE_PATH.'\vendor\MarcoConsiglio-Wichee\PSR-4-Autoloading\Psr4AutoloaderClass.php';
// Init the autoloader.
$package = [
"nategood\commando" => [
"namespace" => "Commando",
"path" => str_replace("\\", DIRECTORY_SEPARATOR, '\vendor\nategood\commando\src\Commando')
],
"kevinlebrun\colors.php" => [
"namespace" => "Colors",
"path" => str_replace("\\", DIRECTORY_SEPARATOR, '\vendor\kevinlebrun\colors.php\src\Colors')
]
];
// Register namespaces.
$loader = new \PSR4\Psr4AutoloaderClass;
$loader->register();
// Namespace // Path to source
$loader->addNamespace($package["nategood\commando"]["namespace"], BASE_PATH.$package["nategood\commando"]["path"]);
$loader->addNamespace($package["nategood\commando"]["namespace"], BASE_PATH.$package["nategood\commando"]["path"]."\Util");
$loader->addNamespace($package["kevinlebrun\colors.php"]["namespace"], BASE_PATH.$package["kevinlebrun\colors.php"]["path"]);
Now I can use the command package anywhere in my project!
Pros & Cons
This solution allow you to:
Easely and manually build your own custom autoloader (you only need to specify the VendorNamespace and the folder(s) where search for VendorClasses in the VendorNamespace.
Freely organize your composer dependency anywhere in your project folder (and why not, outside it)
Import a composer package as is in your project (either downloading locally with Composer or cloning the package repository) or a relevant part of it (i.e removing composer.json file or files that require the composer autoloader).
Cons:
Manually build your custom autoloader means to work on every required dependency of your project (i hope not a lot).
Mistakes in package source paths can be tedious and frustrating.
Works only with PSR-4 compliant file names (i.e. can't use a A.class.php file name)
I followed instructions from an answer of a similar topic(https://stackoverflow.com/a/17531897/4388482). Well, my app is getting deployed on Heroku but it doesn't work good. I'm getting the following warning
Your project only contains an 'index.php', no 'composer.json'.
Using 'index.php' to declare app type as PHP is deprecated and may lead to unexpected behavior.
Do I need to install something maybe?
UPDATE
Project structure was initially this:
I did the following:
Installed PHP 5 and composer.
I renamed package.json to composer.json and removed package-lock.json.
Typed "composer update" command. I got "nothing to install or update" message.
Added vendor to gitignore. Pushed changes to heroku.
I got the following warnings
Your 'composer.lock' is out of date!
Composer vendor dir found in project!
The complaint that Heroku has is regarding this folder.
For the record, the contents of this folder presently are:
bootstrap
fontawesome-free
jquery-easing
jquery
What has happened here is that someone has committed dependencies to your version control, which is not good practice. It will work as is, but it is not very easy to do upgrades, especially since you cannot easily see what versions you currently do have.
There are three ways to go about this.
Decide if these are PHP dependencies, by searching Packagist. There is a Composer dependency for Bootstrap, but you would need to see if the version you are using is available (or whether you can upgrade to one that is available).
Decide if these are JavaScript dependencies, by searching NPM. I wonder if it is worth examining the contents of your package.json in case these are already covered. For what it is worth, I would generally consider these candidates for JavaScript libraries rather than PHP, but do what works for you.
Choose to leave these dependencies committed in the existing vendor folder. It will work, but it is not ideal for the reasons already stated.
In the last two cases, you could probably get away with a composer.json file thus, which you should commit to the repo:
{
"require": {
}
}
You could try a composer install after this, to see if it will generate a .lock file on an empty dependency list. If this does generate, then you should commit this also.
I am sorry if this has been asked before but after searching for a while I couldn't really find answers to my dilemma.
I am part of team that is working on a PHP project and we use github for our version control. We would like to implement a PSR-4 autoloader and every single guide uses Composer so we would as well. Now, while searching I learned that the vendor folder should not be included into github, but only the composer.json and that every developer needs to install composer onto their own computer.
Does that require the autoloader to be created again on every developers computer.
And finally, when the project is done, we would like to upload it onto our website, but the only way we can do that is through FTP.
Which files should be uploaded to the live website and what would happen to th autoloader?
You need to commit the composer.lock file as well. That's super-important - it means that whenever someone else checks out the code they get the same set of dependencies (including their exact versions) installed to their /vendor directory.
That's why you don't need the /vendor directory to be committed - the lock file takes care of ensuring the dependencies are fixed.
The composer.json defines numerous potential versions of your dependencies that meet your requirements. Running composer update essentially checks to see if a more recent version is available that meets those requirements. That's the difference between install and update - install goes off the lock file and knows exactly what to look for - update goes off the json file and could return different results at different points in time.
In your composer.json you can define the autoloader by telling it where your root namespace lives.
"autoload": {
"psr-4": {
"RootNamespace\\": "library/src"
}
},
When your colleagues have run composer install it will create the autoloader for them in a consistent path.
You have options for deployment:
You can either upload the composer.lock file and run a composer install on production, or do it ahead of time and upload your vendor directory as part of the build.
I do the latter as I would prefer if there was an issue at this point to know about it before any files are changed on the production server. The alternative could leave a botched upgrade on production with missing dependencies. Safer to install those dependencies first and transfer everything in one go.
As an aside, I also like to install a fresh release to a separate folder on production named after the git commit and then symlink it as part of the deployment step. This ensures you don't have a half-updated application whilst you wait for the rest of the files to be uploaded. This approach would also eliminate the issue mentioned before, meaning you could do your composer install from production.
I am going to rewrite this question to be more clear. I have the following application structure:
applications/
api/
public/
composer.json
frontend/
public/
composer.json
backend/
public/
composer.json
common/
vendor/
... composer libraries here
How can I make that every single application's composer install gets installed into common/vendor, so that way I can have the most up to date version of the library in wherever is used with just one composer update; while at the same time only load the libraries that are in the composer.json file of each application. So, when I include vendor/autoload.php, only the needed libraries are loaded.
EDIT: Edited the whole question. Please reread
You have to create one bigger meta project that requires the API package, the frontend and the backend. You can define which directory should be used for placing dependencies for this meta project, and should be able to define for the special packages API, frontend and backend that they should go into their respective directories and not the common folder.
Updating that meta package will have to check more dependencies, but it is guaranteed that you either get the newest possible versions that conform to your version constraints (which may NOT install the newest version available if one of your packages requires a lower version). That way you would avoid installing dependencies that are not allowed for one of the projects, and you would be immediately notified if you attempt to install conflicting versions.
Note that I wouldn't recommend this at all. I would write a script, placing it at applications/updatecomposer.sh and add all the commands necessary to update each project individually. You gain all the flexibility that Composer is about, because essentially you want to have the central library installation of PEAR back. This central installation and the resulting inability to update any of the PEAR packages without risking to break something is one of the reasons that PEAR is considered dead.
Or think about any pre-Composer originating framework like Zend Framework 1. Having this installed in a central point that every application is using will effectively prevent you from ever updating it, if you are not prepared to also deal with incompatibilities in ALL your applications at the same time. Just an example: Updating from any ZF 1.11 to ZF 1.12 (the currently maintained up to date version) is a potentially backwards-incompatible change, because at least one abstract class (dealing with REST interfaces) got new abstract methods that have to be implemented.