Excellent PHP writing, hand-picked.
No buzzwords. No ads. No nonsense. Curated by Stefan Priebsch and Sebastian Bergmann of thePHP.cc as a free service to the PHP community.

Latest Issue

View all issues →

Issue #10

The work that keeps PHP alive

05 May 2026

"Open source does not sustain itself, and PHP is no exception. This issue looks at the work behind the work: funding maintainers, simplifying licenses, and turning private experience into shared knowledge for the community."
— Stefan & Sebastian

skoop.dev

Sustainable open source

Open source software is not simply free code, but a community ecosystem that depends on active support from its users. Companies that profit from open source should deliberately contribute back to the projects they rely on, especially smaller libraries with few maintainers.

Picked by Stefan Priebsch – "This is PHP Reads social engineering at its best: after convincing Stefan to contribute to our online conference years ago, we were also able to persuade him to write this blog post."

ben.ramsey.dev

The PHP License, simplified

Ben Ramsey explains how a 2020 compliance question led to years of work replacing PHP’s aging custom PHP and Zend Engine licenses with plain BSD-3-Clause, eliminating ambiguity around OSI approval, GPL compatibility, distributor rights, and legacy Zend-specific terms.

Picked by Sebastian Bergmann – "We encouraged Ben to publicly tell the story behind PHP’s license simplification. He delivered exactly the kind of article we love, highlighting one of the less visible ways people contribute to PHP."

phpreads.com

From experience to shared knowledge

PHP Reads is not only about finding good PHP content, but also about helping more community knowledge become visible. We invite everybody to share worthwhile articles, encourage you to write, and offer our help in turning your experience into something the PHP community can learn from.

Written by Stefan Priebsch and Sebastian Bergmann.

Issue #9

Old lessons, new threats

28 April 2026

"Some lessons age remarkably well. This week, we revisit two classic PHP articles that helped us understand what happens under the hood of PHP. Then we look ahead to an uncomfortable future: AI finding vulnerabilities faster than humans can fix them."
— Stefan & Sebastian

blog.ulf-wendel.de

Prepared statements under the hood

A classic deep dive into how PDO and mysqlnd handle prepared statements. Although written in 2008, it remains a fundamental resource for understanding the nuances of database interactions in PHP and why certain configuration choices matter.

Picked by Stefan Priebsch – "Ulf Wendel was deeply familiar with the PHP database stack at the time. This shows in the level of detail with which he explains the performance impact of prepared statements."

schlueters.de

Do not use PHP references

Johannes Schlüter explains why PHP references are often misunderstood and misused. This post is a timeless reminder that references in PHP are not pointers and can often lead to unexpected behavior and performance issues.

Picked by Sebastian Bergmann – "Written by former PHP core contributor and release manager Johannes Schlüter, this article helps us understand how the language works under the hood."

blog.mozilla.org

When AI finds zero-days faster than humans can fix them

It seems that AI finds previously undiscovered security vulnerabilities so quickly that the only realistic response is to counter it with AI as well. If that is true, then a new arms race has just begun.

Picked by Stefan Priebsch and Sebastian Bergmann – "Open Source maintainers may struggle to keep up without burning out. We need to start talking about this now."

Issue #8

Below the surface

21 April 2026

"As Joel Spolsky famously observed, all good abstractions leak. This issue is a reminder that understanding the layers beneath the abstraction is still part of professional software development."
— Stefan & Sebastian

blog.packagist.com

Composer 2.9.6 fixes critical vulnerability

Composer 2.9.6 and Composer 2.2.27 LTS fix two command injection vulnerabilities in the Perforce VCS driver. The issue can affect users even if they do not actively use Perforce, so upgrading immediately is strongly recommended.

Picked by Sebastian Bergmann and Stefan Priebsch – "An important reminder that supply-chain tooling deserves the same security attention as application code."

dev.to/gabrieloliverio

Streams in PHP: What you really need to know

A practical deep dive into PHP streams: what they are, how resources and wrappers fit together, and how stream-related functions behave in real-world use. A good refresher on one of PHP’s most fundamental abstractions, quietly powering everyday code for years.

Picked by Sebastian Bergmann – "A well-written explanation of a fundamental PHP concept that many developers use every day without fully understanding it."

accesto.com

Web socket servers with PHP

The article explains how a single long-running process handles real-time event delivery, tenant-aware routing, graceful shutdown, and stable memory usage without polling or unnecessary complexity.

Picked by Stefan Priebsch – "A strong real-world example of how PHP can power long-running, event-driven systems in production when the architecture is thoughtfully designed."