DEV Community: Shishir Bhuiyan

Synchronous vs Asynchronous

Shishir Bhuiyan — Fri, 08 May 2026 10:03:18 +0000

Most people understand technical concepts better when they connect to real-life experiences. One of the simplest ways to explain synchronous vs asynchronous programming is through railway ticket booking in Bangladesh.

Imagine buying a long-distance train ticket at Kamalapur Railway Station. This is a classic synchronous process. You stand in a single queue and wait for your turn. When you finally reach the counter, the clerk checks seat availability, processes payment, and prints the ticket while everyone behind you waits. The system handles one passenger at a time. If the network becomes slow or someone takes extra time deciding, the entire line stops moving because every step depends on the previous one finishing first.

Now compare that to an online railway ticket booking system. Thousands of people can search routes, check seat availability, and make payments at the same time. When you click “Book Ticket,” your request is sent to the server and processed in the background. While your payment is being verified, the platform continues serving other users simultaneously. You are waiting for your own response, but you are not blocking the entire system.

That is essentially how asynchronous programming works. When a function is marked as "async," it tells the system that this task may involve waiting—perhaps for a database query, an API response, or a payment gateway confirmation. When we use await, that specific function pauses until the result arrives, but the rest of the application continues running other operations in parallel. Once the response is ready, execution resumes exactly where it stopped.

How WordPress Orchestrates Thousands of Plugins: The Magic of Hooks ?

Shishir Bhuiyan — Thu, 30 Apr 2026 18:38:38 +0000

WordPress's greatest strength is its plugin ecosystem. But have you ever wondered how it manages thousands of developers writing code in completely different styles—some using old-school procedural code, others using modern Object-Oriented Programming (OOP)—without the whole system crashing down?

The secret lies in the synergy between PHP Callables and the WordPress Hook System.

The Global 'Address Book': $wp_filter Think of WordPress as having a massive global spreadsheet or "Address Book" called $wp_filter. When you install a plugin, WordPress doesn't actively go out and "search" for the plugin's features. Instead, the plugin introduces itself.

By using functions like add_action() or add_filter(), a plugin writes its own name and "phone number" (the function name) into that specific row of the spreadsheet.

The Gatekeeper: is_callable()
When a specific event occurs—like publishing a post or loading a header—WordPress opens its address book to see who signed up for that event. Before it tries to run any code, it uses a PHP function called is_callable(). This acts as a security guard, checking if the "phone number" provided by the plugin actually leads to a working function that can be executed.
The Universal Adapter: call_user_func_array()
This is where the real magic happens. WordPress uses a PHP powerhouse called call_user_func_array(). Think of this as a Universal Remote Control that works on every brand of TV.

Whether a developer provides:

A simple function name (String)

A method inside a class (Array)

A modern Anonymous Function or Namespace

WordPress doesn't need to "translate" the code. It simply hands the registration over to the PHP engine and says, "You know how to run this; go ahead."

Decoupling: The "Radio Station" Logic The entire system operates like a radio station.

WordPress is the broadcaster, sending out signals on specific frequencies (Hooks).

Plugins are the radio sets tuned into those frequencies.

The broadcaster (WordPress) doesn't care who is listening or what device they are using. This Decoupling—where the core and the plugins don't depend on each other's internal structure—is why a plugin written years ago can still function perfectly with a modern theme today.

The Result: A Seamless Connection
WordPress provides the "Socket" (the Hook), and plugins provide the "Plug." Because they connect through this invisible interface rather than modifying each other's files, thousands of plugins can coexist, adding features and power without ever touching a single line of core WordPress code.

This elegant "handshake" is exactly what makes WordPress the most flexible CMS on the planet.

Docker vs. Kubernetes

Shishir Bhuiyan — Thu, 30 Apr 2026 18:35:44 +0000

In modern software engineering, Docker and Kubernetes (K8s) are often mentioned in the same breath. While they are different technologies, they aren't competitors—they are complementary tools that solve different parts of the containerization puzzle.

1. Docker: The Building Block
Docker revolutionized the industry in 2013 by introducing a way to package an application and all its dependencies into a single "Image." This ensures that if the code works on a developer's laptop, it will work exactly the same way on a production server.

Docker Image: Think of this as a "blueprint" or a snapshot of your app. It contains the code, runtime (Node.js, Python, etc.), libraries, and configuration files in a read-only format.

Container: When you run an image, it becomes a container—a living, breathing instance of your application.

The Workflow: You write a Dockerfile, run docker build to create the image, and use docker run to launch your application anywhere in the world.

2. Kubernetes: The Conductor
If Docker is about building and running an individual container, Kubernetes (released by Google in 2014) is about managing thousands of them. It acts as a highly skilled "Captain" or Orchestrator.

Kubernetes handles the complex operational tasks that would be impossible to do manually at scale:

Auto-scaling: If web traffic spikes, K8s automatically spins up more containers.

Self-healing: If a container crashes, K8s detects it and restarts it immediately.

Zero Downtime: It manages updates seamlessly, ensuring the app stays online while new versions are deployed.

The Bottom Line
Docker is the tool you use to create the "boxes" (containers) for your software.

Kubernetes is the system you use to manage an entire fleet of those boxes.

For a small startup or a side project, Docker alone is usually more than enough. But once your application grows into a massive platform (like Netflix or Spotify) requiring high reliability and scale, Kubernetes becomes essential.

🚀 VM vs Container

Shishir Bhuiyan — Thu, 30 Apr 2026 18:12:30 +0000

The fundamental difference between a Virtual Machine (VM) and a Container lies in their level of isolation and how they share resources.

Virtual Machine (VM): Hardware-Level Virtualization
A VM operates at the hardware level. Using a 'Hypervisor', a physical server is divided into slices, and a complete, separate Guest Operating System (OS) is installed on each slice.

Isolation: Each VM is highly secure and self-contained.

Resource Usage: Because each VM carries its own full OS, it consumes a significant amount of RAM and storage.

Speed: Due to the heavy OS overhead, VMs take a considerable amount of time to boot up.

Container: OS-Level Virtualization
A container operates at the Operating System level. Instead of carrying its own OS, it shares the 'Kernel' of the host machine.

Isolation: Application files are isolated in a way that they "think" they are on a separate system, while they are actually running lightly on the same host OS.

Efficiency: Because they share resources, you can run many more containers on the same hardware compared to VMs.

Speed: Containers are incredibly fast and can start up in just a few seconds.

Real-World Example: Physical Chess vs. Video Games
Virtual Machines (VM):
Imagine you have 10 physical chess sets. Each set requires its own wooden board, its own set of pieces, and its own physical space. This is heavy, bulky, and difficult to transport—much like how every VM requires its own full-scale OS.

Containers:
Think of a multiplayer video game. The game’s graphics engine, sound, and maps (the Kernel) are shared by everyone. However, every player has their own unique profile or character (the Container). Everyone shares the same game resources, but one player cannot see or access another player’s private inventory.

What is Containerization and Why is it Essential?

Shishir Bhuiyan — Thu, 30 Apr 2026 18:03:01 +0000

Containerization has revolutionized the way we develop, ship, and run applications. At its simplest, a container is a "box" where your application and all its necessary files are packed together, ensuring it works exactly the same on any machine.

What Exactly is Containerization?
It is an OS-level virtualization method used to bundle an application and all its requirements—such as code, runtime, system tools, libraries, and settings—into a single, lightweight package.

It is called a "container" because it mirrors the logic of shipping containers: it doesn't matter what is inside; it is designed to be easily moved and operated in any environment, whether it's a laptop, a data center, or the cloud.

Why is it Better than Virtual Machines (VMs)?
Resource Efficient: Unlike VMs, containers do not carry a separate Operating System. Instead, they share the host's OS kernel.

Fast Boot-up: Because they are lightweight, containers start up in seconds.

Low Overhead: They consume significantly less memory and CPU compared to traditional VMs.

Common Use Cases
Cloud Migration: Easily moving legacy applications to the cloud.

Microservices: Building complex systems where each service runs in its own container.

IoT Updates: Delivering seamless updates to Internet of Things devices.

Popular Tools in the Ecosystem
Docker: The industry standard for creating and running containers.

Kubernetes: A powerful platform to automatically manage and scale thousands of containers.

Linux Containers (LXC): Ideal for large-scale data applications.

Did you know PHP started as a personal project? 🤯

Shishir Bhuiyan — Thu, 30 Apr 2026 17:56:47 +0000

Back in 1993, #RasmusLerdorf wrote a few CGI scripts in C just to maintain his personal homepage. He extended them to handle HTML forms and databases, calling it "Personal Home Page/Forms Interpreter" (PHP/FI). That humble side project eventually became the language powering ~80% of the web today. The name later evolved into the recursive acronym we know: Hypertext Preprocessor (PHP).
🚀 Now here's what actually happens under the hood every time PHP runs:
⚡ SAPI Layer
Nginx/Apache receives your request and hands it off to PHP via FastCGI. Headers parsed, access checked — the boring stuff that matters.

🧠 OPcache Check
PHP asks: "Have I seen this before?"
YES → Load compiled OpCodes from memory. Done. Fast.
NO → Time to compile...

🔧 Compilation Pipeline
Lexer breaks your code into tokens
Parser builds an Abstract Syntax Tree (AST)
Compiler converts AST → OpCodes

⚙️ Zend Engine Execution
The heart of PHP. Executes OpCodes, runs your logic, queries your DB, builds the response.

📤 Output & Cleanup
Response gets Gzip compressed → sent to browser → PHP cleans up memory. Ready for the next request.

💡PHP 8+ Bonus:
JIT compilation converts hot OpCodes directly into machine code. Even faster.

PHP #WebDev #Backend #Performance #ZendEngine #PHP8 #SoftwareEngineering #RasmusLerdorf

How Social Media Sharing Actually Works ?

Shishir Bhuiyan — Thu, 30 Apr 2026 17:55:46 +0000

When you paste a URL on Facebook, Twitter, or LinkedIn, here's what happens behind the scenes:
1️⃣ The Crawl - Platform sends a bot to your URL
2️⃣ HTML Parsing - Scans your page for meta tags
3️⃣ Content Extraction - Pulls title, description, image
4️⃣ Preview Generation - Creates the rich preview card
5️⃣ Caching - Stores the data for future shares

🖼️ Image Requirements (Critical!):
• Size: Minimum 1200x630px (Facebook), 1024x512px (Twitter)
• Format: JPG, PNG, WebP
• File Size: Under 8MB
• Accessibility: Must be publicly accessible via HTTPS
• Alt Text: Include og:image:alt for accessibility

📝 Content Best Practices:
• Title: 60-90 characters (gets truncated after)
• Description: 150-160 characters for optimal display
• Image: High contrast, readable text, brand consistent
• URL: Clean, descriptive URLs perform better

⚡ Pro Developer Tips:
Test Before Launch:
• Meta Tags Toolkit: https://metatags.io/
• Facebook Debugger: developers.facebook.com/tools/debug/
• Twitter Card Validator: cards-dev.twitter.com/validator
• LinkedIn Post Inspector: linkedin.com/post-inspector/
Common Pitfalls to Avoid:
• Images hosted on localhost (won't work!)
• Missing HTTPS on image URLs
• Forgetting to update meta tags after content changes
• Not clearing social media cache after updates

🏷️Advanced Techniques:
• Dynamic meta tags based on content
• Different images for different platforms
• A/B testing social preview images
• Implementing structured data (JSON-LD)

💡 What's your experience with social media sharing optimization? Any tools or tricks?

WebDevelopment #SocialMediaSharing #OpenGraph #TwitterCards #SEO #MetaTags #Frontend #Developer #SocialMedia #WebOptimization #TechTips

Roxnor Git বিভ্রাটের গল্প !

Shishir Bhuiyan — Thu, 30 Apr 2026 17:54:14 +0000

Roxnor Git বিভ্রাটের গল্প !

যখন Git Reset আর Refspec এর চক্করে মাথা কাজ করছিল না 😅
📌 আমি একটি প্লাগইনের Role Based Access Control নিয়ে কাজ করছিলাম। লাস্ট কমিট পুশ করে, একটু আরাম করে বসলাম। হঠাৎ টিম লিড ভাইয়ের আগমন, লাস্ট কমিটটা আলাদা পুল রিকুয়েস্ট দিতে হবে। কারন লাস্ট কমিটের ফাইলগুলি ছিল এক্সিটিং এপিআই গুলোতে রুল পার্মিশন টা চেক দেওয়া। তাই চেন্জড ফাইল অনেক গুলি দেখাচ্ছিল। আমি ভাবলাম, git reset --mixed HEAD~1 দিয়ে একটু রিভার্ট করি। এখন একসাথে প্রায় 40টার মতো ফাইল Unstaged অবস্থায় চলে আসলো। কিন্তু এই অবস্থায় ফোর্স পুশ দেওয়াটা রিস্কি হতে পারে। তাই ভাবলাম,আমার ফাইলের পরিবর্তন গুলি নিরাপদে রেখে,সব ক্লিন করে তারপর একটা PR দিব ৷ তাই -

১. প্রথমেই git stash কমান্ড দিয়ে সব আন স্টেজড ফাইলগুলোকে নিরাপদ জায়গায় সরিয়ে নিলাম।

২. git push origin shishir-xs --force চালালাম।
তখনই আসলো error: src refspec shishir-xs does not match any.
git branch কমান্ড দিয়ে কনফার্ম হলাম আমি ভুল করে সোর্স ব্রাঞ্চ হিসেবে shishir-xs দিচ্ছিলাম, অথচ আমার বর্তমান ব্রাঞ্চ ছিল role-based-access-control 😵‍💫।
এবার শেষমেশ সঠিক ব্রাঞ্চ দিয়ে git push origin role-based-access-control --force দিতেই রিমোট রিপোজিটরি আমার লোকাল স্টেটের সাথে পার্ফেক্টলি সিঙ্কড হয়ে গেল।

৩. এবার git stash pop করে ফাইলগুলো ফেরত আনলাম এবং development branch এর উপর নতুন branch তৈরি করে,পরিবর্তন গুলি কমিট করে , Pull Request দিয়ে ল্যাপটপ বন্ধ করলাম।

SoftwareDevelopment #Git #GitHub #CodingLife #wordpressplugins #DevHumor #RoxNor

Elementskit 🎉

Shishir Bhuiyan — Thu, 30 Apr 2026 17:52:33 +0000

🎉 𝟮 𝗠𝗶𝗹𝗹𝗶𝗼𝗻 𝗔𝗰𝘁𝗶𝘃𝗲 𝗜𝗻𝘀𝘁𝗮𝗹𝗹𝘀!
A huge milestone for ElementsKit, now powering 2 million+ websites worldwide!
This achievement belongs to our amazing community of 𝘤𝘳𝘦𝘢𝘵𝘰𝘳𝘴, 𝘥𝘦𝘷𝘦𝘭𝘰𝘱𝘦𝘳𝘴, 𝘢𝘯𝘥 𝘢𝘨𝘦𝘯𝘤𝘪𝘦𝘴 who trust ElementsKit to build better websites with Elementor.
Thank you for being part of this journey. More exciting things are coming! 💙

TableKit

Shishir Bhuiyan — Sun, 26 Apr 2026 18:48:34 +0000

After supporting 3M+ WordPress users, we kept hearing the same frustration: "Why is building data tables in Gutenberg so limiting?"
So we built TableKit.
It's a native Gutenberg table builder that actually works the way you'd expect: drop any block into a cell, merge layouts however you want, and style everything down to the pixel.

But here's where it gets interesting:
Live data sync → Pull from Google Sheets, CSVs, JSON, or REST APIs
WordPress integration → Auto-structure your Posts, Pages, and CPTs
WooCommerce ready → Build product catalogs with native add-to-cart functionality.

Plus all the power features you actually need: frozen headers, conditional formatting, search, filters, pagination, and instant exports.
We engineered TableKit to eliminate everyday design bottlenecks, backed by our experience supporting over 3 million users worldwide.
Early access is live now with up to 70% off for early adopters.
Full walkthrough in the comments 👇

Laravel Authentication

Shishir Bhuiyan — Sat, 24 Feb 2024 17:37:20 +0000

*Main Source : *https://laravel.com/docs/9.x/authentication#authenticating-users

Laravel offers several packages related to authentication. Before continuing, we'll review the general authentication ecosystem in Laravel and discuss each package's intended purpose.

First, consider how authentication works. When using a web browser, a user will provide their username and password via a login form. If these credentials are correct, the application will store information about the authenticated user in the user's session. A cookie issued to the browser contains the session ID so that subsequent requests to the application can associate the user with the correct session. After the session cookie is received, the application will retrieve the session data based on the session ID, note that the authentication information has been stored in the session, and will consider the user as "authenticated".

When a remote service needs to authenticate to access an API, cookies are not typically used for authentication because there is no web browser. Instead, the remote service sends an API token to the API on each request. The application may validate the incoming token against a table of valid API tokens and "authenticate" the request as being performed by the user associated with that API token.

Laravel includes built-in authentication and session services which are typically accessed via the Auth and Session facades. These features provide cookie-based authentication for requests that are initiated from web browsers. They provide methods that allow you to verify a user's credentials and authenticate the user. In addition, these services will automatically store the proper authentication data in the user's session and issue the user's session cookie.
The attempt method accepts an array of key / value pairs as its first argument. The values in the array will be used to find the user in your database table. So, in the example above, the user will be retrieved by the value of the email column. If the user is found, the hashed password stored in the database will be compared with the password value passed to the method via the array. You should not hash the incoming request's password value, since the framework will automatically hash the value before comparing it to the hashed password in the database. An authenticated session will be started for the user if the two hashed passwords match.

Remember, Laravel's authentication services will retrieve users from your database based on your authentication guard's "provider" configuration. In the default config/auth.php configuration file, the Eloquent user provider is specified and it is instructed to use the App\Models\User model when retrieving users. You may change these values within your configuration file based on the needs of your application.

The attempt method will return true if authentication was successful. Otherwise, false will be returned.

The intended method provided by Laravel's redirector will redirect the user to the URL they were attempting to access before being intercepted by the authentication middleware. A fallback URI may be given to this method in case the intended destination is not available.
Link : https://laravel.com/docs/9.x/authentication#authenticating-users

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class LoginController extends Controller
{
    /**
     * Handle an authentication attempt.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\Response
     */
    public function authenticate(Request $request)
    {
        $credentials = $request->validate([
            'email' => ['required', 'email'],
            'password' => ['required'],
        ]);

        if (Auth::attempt($credentials)) {
            $request->session()->regenerate();

            return redirect()->intended('dashboard');
        }

        return back()->withErrors([
            'email' => 'The provided credentials do not match our records.',
        ])->onlyInput('email');
    }
}

Accessing Specific Guard Instances

https://laravel.com/docs/9.x/authentication#accessing-specific-guard-instances

Authenticate A User Once

https://laravel.com/docs/9.x/authentication#authenticate-a-user-once

Invalidating Sessions On Other Devices

https://laravel.com/docs/9.x/authentication#invalidating-sessions-on-other-devices

Font Awesome 5 use social/brand icons in React

Shishir Bhuiyan — Mon, 12 Feb 2024 07:59:56 +0000

npm i --save @fortawesome/fontawesome-svg-core npm install --save @fortawesome/free-solid-svg-icons npm i --save @fortawesome/free-brands-svg-icons npm install --save @fortawesome/react-fontawesome

import { FontAwesomeIcon } from '@fortawesome/react-fontawesome';
import {  faFacebookF , } from '@fortawesome/free-brands-svg-icons';

<FontAwesomeIcon icon={faFacebookF} />