Please note that at the time of writing this, there is an important and naive security vulnerability in "Example #2 AES Authenticated Encryption example for PHP 5.6+".
You MUST include the IV when calculating the HMAC. Otherwise, somebody could alter the IV during transport, thereby changing the decrypted message while maintaining HMAC integrity. An absolute disaster.
To fix the example, the HMAC should be calculated like this:
<?php
$hmac = hash_hmac('sha256', $iv.$ciphertext_raw, $key, $as_binary=true);
?>
