Development Group

Software Development

Back to Blog

Developing modern web application on PHP. Composer

April 23, 2018

It’s not a secret that a lot of commercial projects on the market are written in PHP. Although PHP is not suitable for certain problems faced by complex projects, when PHP can be implemented - it is a perfect solution.

Fortunately, this perfection comes with a caveat- PHP is one of the simplest languages out there. Certainly, this is wonderful news for developers.

This article opens a series dedicated to shedding a light on PHP for developers, willing to try the language and for the businesses interested in evaluating the effort of starting the project with it. We will show how easy and almost effortless for the developer it is to build an application, capable to respond to the challenges of today's businesses in an efficient way.

Let’s say, we would like to build an application that exposes the REST (REpresentational State Transfer) service for client applications. In order to do that in a modern way, we are going to use PHP (of course) and the Symphony web framework.

But wait, let’s talk about Symfony and actual development next time. There is a rudimental topic that we have to discuss - the dependency management.

Long gone are those days when all PHP developers had to go through the hell accounting for the difference between the development version and the production environment. We no longer have to worry about downloading and including libraries in the projects manually. The question of version management has been automatized.

Composer ( is the first one of our modern toolset and let’s concentrate on it in our article.

Composer is the perfect tool for dependency management in PHP. The tool is similar to npm for JS developers, and Maven - for Java developers. Composer is a ‘must have’ tool in your development toolset.

Let’s try it.

There are several ways of installing Composer. But, let’s assume we would like to install it to the project’s directory, in order to do that it’s required to go to the directory and run the command:

$ curl -sS | php

the output to the console we get the next one:

All settings correct for using Composer


Composer (version 1.6.3) successfully installed to: /home/www/project/composer.phar

Use it: php composer.phar

That means that composer is successfully installed.

Usually, though we have multiple PHP projects on our development machine, it makes sense to install composer system-wide rather than to every project folder separately:

$ mv composer.phar /usr/local/bin/composer
$ chmod +x /usr/local/bin/composer

After we run the code above, we are able to call composer at any location of our development machine. Let’s check it:

$ composer -V

Composer version 1.6.2 2018-01-05 15:28:41

Also, it is worth to mention the following resource That is the repository with all the official composer’s packages. If the package can be found using that resource, then we can use it in our project.

Let’s try to find our symfony framework using ‘symfony’ word.

The very first line is the framework itself. By diving into the details, we can inspect information, such as interdependencies, versions, references to github, homepages, etc. Above, there is a line for the composer.

Let’s run it and we should get the dependency being added to the project.

$ composer require symfony/symfony

the result of the command being run in a project folder is the dependency added. And we should be able to see 2 composer related files and the folder to be added to the project folder:


The following is the content of composer.json:

 "require": {
 "symfony/symfony": "^4.0"

that is the declaration of symfony as the project dependency and the specific version we would like to have.

If we try to inspect composer.lock file, we will see the exact version of the installed dependency and the interdependencies. Thus, composer.lock is the precise snapshot of project dependencies. It’s critical to store that file under the version control system, so other developers can pull exactly the same dependencies and avoid complex, non-evident issues, which relate to the different versions of the project dependencies.

One day that file will help us reconstruct the production environment.

To complete the picture drawn in our article, let’s take a look at two important commands: install and update.

install is meant to adjust the project according to the composer.lock file, all the dependencies are replaced by what is declared in composer.lock

$ composer install

update - updates all the dependencies according to what is declared in composer.json. The command has the impact to the composer.lock file, as it is changed during the command run.

$ composer update

Let’s stress one more feature that is handled by Composer - that is autoloading. If we take a look at the content of the vendor/ folder, we’ll find the autoload.php file. That is the only file that is required to be included into our project, but that only inclusion will give us an access to all the dependencies.

It is important to note, that autoloading loads the dependency only when it is required, not earlier.

That is all this time, we hope you’ve grasped the idea and the beauty of Composer usage and how critical it is to be used as a tool while building modern PHP projects. Stay tuned, next time we’ll dive into the code and try to build the REST service using the Symfony web framework.