Nyholm PSR-7 VS PHP Dotenv

As the documentation states, this package only performs the conversion, so we would need a PSR-7 and a PSR-17 implementation to convert the objects to and from PSR-7. We can use the library the documentation recommends, nyholm/psr7, but there are others.

The following example shows how to create configuration for the HTTP factories, using the nyholm/psr7 package:

Since the library is designed to be easily integrated with different frameworks, it relies on the usage of PSR-7 compliant HTTP messages. To fulfill this requirement, I'll be using the nyholm/psr7 package.

If you go strict PSR-7, as you see in nyholm/psr7, Tobias uses traits to add the functionality of the extended RequestInterface and MessageInterface:

The Symfony folks thought of this, however, and provided a bridge that converts HttpFoundation objects to PSR-7 ones. The bridge simply needs a PSR-7 and PSR-17 factory, for which they suggest to use Tobias Nyholm's PSR-7 implementation.

“In theory, theory and practice are the same. In practice, they are not.” (Dr. Albert Einstein). I believe same goes for packages, too. A good example is the [comparison](https://github.com/Nyholm/psr7) of some PSR-7 implementations.

The point is why would I pull in code in the first place that is not needed? If it is optional, then why is it not a separate package? Same with all of the bloated HTTP requests and response objects that frameworks and other libs usually use. I really like https://github.com/Nyholm/psr7 for that reason, it has a table in it's readme.md that is pretty much enough to know why I like it. If something specific is needed it can be decorated or extended on project level.

After successfully setting up our project, you'll observe that certain packages come pre-installed. One of these packages is vlucas/phpdotenv. This package serves the purpose of facilitating the loading of .env variables within your projects. These variables, stored in a file named '.env', allow for the configuration of various settings without hardcoding them directly into your code. Instead, you can define environment-specific variables such as database credentials, API keys, or any other sensitive information in the .env file, providing a more flexible and secure approach to configuration management.

Recently, I jumped to reading on the documentation of the function putenv() and define() and the array $_ENV to understand the different between all. Also, I looked at the library phpdotenv and how it handles environment variables since its the standard approach to go with when dealing with environment variables in PHP.

So to get down to it, what are some of the best practices here? First off, things that you would normally do, like utilize some sort of secrets manager, that won't be available to you. You also can't utilize environment variables with apache. So you're going to have to have some sort of local secret (password/passphrase) to perform the encryption/decryption. With that said, mysql does provide AES encryption with their AES_ENCRYPT/AES_DECRYPT calls, so in that manner, yes you can safely store PII or other values in a shared MySQL. You can use a php library like https://github.com/vlucas/phpdotenv The decryption password(s) should be in the .ENV file Nothing prevents you from utilizing some scheme perhaps to provide multiple passwords if you want to, perhaps a separate one for each individual column you plan to encrypt.

DotEnv - a popular library that allows us to use environment variables in our project.

[PHP dotenv.](https://github.com/vlucas/phpdotenv) Loads environment variables from `.env` to `getenv(), $_ENV` and `$_SERVER`

PHP dotenv. Loads environment variables from .env to getenv(), $_ENV and $_SERVER automagically.

Use this library https://github.com/vlucas/phpdotenv. Hopefully you are using composer. If not, please consider using it.

First, we need to have PHP installed as well as Composer (A dependency manager for PHP). Using Composer, we need to install dotenv which will allow us to read .env files.

Here, I'm using the vlucas/phpdotenv library to process .env files.