On PHPMaster.com they've posted a new tutorial by Sean Hudgston that helps you understand HTTP digest authentication, a simple way to authenticate a user or script against your application.

Digest Access Authentication is one method that a client and server can use to exchange credentials over HTTP. This method uses a combination of the password and other bits of information to create an MD5 hash which is then sent to the server to authenticate. Sending a hash avoids the problems with sending a password in clear text, a shortfall of Basic Access Authentication.

He starts out by looking at the "basic authentication" mechanism that's built into most web servers and points out that it has a major flaw - sending the username/password in (pretty much) plain text. Digest, on the other hand, uses a MD5 hash created from a few pieces of information including username, realm and request method. The result is sent as a header back to the server that can then be parsed by PHP. He also talks about improving on the basic version of the digest method using the qop, nc, and cnonce optional parameters.

On NetTuts.com today there's a new tutorial posted showing you how to create a theme for PyroCMS, an open source, PHP-based content management system with a large user base and community.

Like most content management systems, PyroCMS uses front-end themes. Though PyroCMS themes are built a bit differently than what you might be used to from other systems, they're still quite easy to create. They're so easy, in fact, that very little PHP experience is required to assemble them!

He walks through things like the folder structure of the templates directory and how to get started on a custom "Foo" theme of your own. He covers how to lay out the HTML markup for the theme and how you can use partials for the sections of the site. He briefly touches on using multiple layout files and how to use different layouts shown only to mobile devices.

Gonzalo Ayuso has a new post to his site today showing how to use the recently released PHP support for the Google App Engine along with Silex to create a login provider.

Last week Google announced the PHP support for Google App Engine (GAE). PHPStorm, the great IDE for PHP development, also announced support for Google App Engine PHP. Because of that now is time to hack a little bit with this new toy. [...] To build a simple Silex application over Google App Engine is pretty straightforward (more info here). Because of that we're going to go a little further. We are going to use the log-in framework provided by GAE to log-in with our Goggle account within our Silex application. In fact we can use the standard OAuth authentication process but Google provides a simple way to use our gmail account.

He includes the code showing what the end result will look like as well as what's needed for the "LoginProvider" class. He also creates an "Auth" class where most of the work is done - creating the login URL, redirecting the user and checking to see if the user is logged in. He's made a screencast of the full process so you can see the authentication flow as its happening.

If you weren't able to make it to this year's php|tek conference in Chicago, Michaelangelo van Dam has posted a great wrapup of the event and some of the things that happened during the week.

If you were last week in Chicago, you've might felt the city was buzzing PHP all over the place. php[tek] 2013 was taking place at the Sheraton Gateway Suites Chicago O'Hare in Rosemont, just outside of Chicago city. This year it was also the first time Musketeers.me, a php consulting team from the East Coast, was running the show, putting their own signature onto the event. And with great success I might add. A well deserved applause to Eli White, Kevin Bruce, Sandy Smith, Oscar Merida and of course the Beth Tucker Long for their unlocked achievement running a great conference.

He talks about running the unconference for this year's event and one talk that resonated with a lot of people at the conference, Ed Finkler's "Open Sourcing Mental Illness". He also goes through some of the other regular sessions talks he found interesting covering things like security, refactoring, and dealing with distractions during work. He also mentions the hackathon and some of the good work that was done there.

In my experience the best php[tek] ever, and I'm really looking forward to the 2014 edition. If you don't believe me, have a look at the pictures taken at php[tek] 2013. They will tell the story.

• heydon/uarray (v1.0.0-beta1) Allow manipulation of PICK Dynamic Arrays in PHP for use with RockSoftware's U2 products
  
  
• mjohnson/transit (1.1.1) A file uploader, validator, importer and transformer library.
  
  
• bitgandtter/google-bundle (0.2.1, 2.0) Integrate the Google Platform into your Symfony2 application.
  
  
• trsteel/ckeditor-bundle (v1.1) Symfony2 bundle for easy integration of the CKEditor WYSIWYG
  
  
• torohill/php-template (1.2.0, 1.1.0) A very basic template class that uses PHP as the templating language.
  
  
• aequasi/memcached-bundle (1.3.6, 1.3.5, 1.3.4, 1.3.3, 1.3.2) Memcached Bundle
  
  
• thrace/datagrid-bundle (v1.0.0) This bundle provides easy creating of jqGrid datagrids
  
  
• thrace/component-bundle (v1.0.0) Components used by thrace-project bundles
  
  
• segmentio/analytics-php (0.4.5) Segmentio Analytics PHP Library
  
  
• phundament/app (0.20.4) Yii Application Boilerplate, with packages from composer repository http://packages.phundament.com
  
  
• beatnode/tumblr (1.0.0) Wrapper for the offical Tumblr SDK to provide authentication
  
  
• phundament/p3admin (0.12.3) Yii application info and skeleton
  
  
• zircote/rhubarb (0.1.4) A PHP Celery Client Implementation
  
  
• jenwachter/html-form (0.2) A PHP library designed to make creating, validating, and maintaining forms easier.
  
  
• shark/formlogger-bundle (v2.3.1, v2.3) Log Symfony Forms
  
  
• thadafinser/zfc-datagrid (0.3.1, 0.3.0) Zend Framework 2 Module that provides a datagrid for different datasources and output formats
  
  
• wowo/wowo-newsletter-bundle (v1.2.7, v1.2.6, v1.2.5, v1.2.4) Newsletter Bundle for Symfony2 (with messages queuing in beanstalkd)
  
  
• wowo/wowo-queue-bundle (v1.3.1) The WowoQueueBundle provides unified method for use queue systems, like Beanstalkd, RabbitMQ, flat files, database driven queues etc.
  
  
• paypal/sdk-core-php (v2.4.0) PayPal Core SDK for PHP
  
  
• paypal/adaptiveaccounts-sdk-php (v3.4.102) PayPal adaptiveaccounts SDK for PHP
  
  
• merk/dough (v1.1.4) This library provides an immutable money library, including currency conversion support.
  
  
• slevomat/sglogistics-api (1.13) SG Logistics client API Library
  
  
• opichon/autotabs (2.0.8, 2.0.7, 2.0.6, 2.0.5) JQuery plugin to generate tabs from page markup
  
  
• rah/rah_autoload (0.2.1, 0.2.0) Loads Composer generated autoload files in Textpattern CMS
  
  
• studiobonito/silverstripe-publishable (1.0.3) Publishable is a module for Silverstripe that provides a number of extensions that make enabling and managing versioning for DataObjects much simpler.
  
  
• simplon/db (1.2.2) Simplon DB Libraries
  
  
• ze-pequeno/pequeno-spotify-module (1.0.2) Zend Framework 2 Module for Spotify Web API
  
  
• n98/magerun (1.68.1) Tools for managing Magento projects and installations
  
  

• xhprof 0.9.3 -- Just updating the pecl package to https://github.com/facebook/xhprof/commit/254eb24dcfa763c76c57b472093ebc4b81af2b7d -- Request #16544: Mac port for XHProf (svilen spasov) -- fix #16574: require/require_once not special cased like include/include_once (kannan) -- add a sanity test for sampling mode in xhprof (kannan) -- add support to ignore functions (such as call_user_func) during profiling (mike paleczny) -- fix #16098: suppress notices due to use of FILE_BINARY (kannan) -- add a sanity test for timer (kannan) -- fix for compile error on debian linux (russ)
  
  
• fribidi 1.1 Requires GNU FriBidi version 0.19.1 or later.
  
  
• pq 0.4.0 * Added pqConverterInterface and pqConnection::setConverter() * Added pqResult::desc() and fixed pqStatement::descAsync() * Added serializer for input array params
  
  

On the Symfony blog today Fabien Potencier talks about some small things that matter - some of the smaller updates that have been made to the Symfony 2 framework recently that have helped to make it better and more flexible.

Every new Symfony release tries to brings some small but useful improvements. Let's dive into some of them for Symfony 2.3 (in no particular order).

Things in his list include:

• A text-based output of the exception handling stack trace
• A default configuration for the Serializer component
• The ability to run the framework in a production environment in development
• An update to make debugging configuration parameters easier
• Conversion process of short controller names
• Overload generated code in the bundle bootstrapping code

Check out the post for the rest of the changes on his list and check out the RC1 of Symfony 2.3.0 to see some of them in action.

The PHP Town Hall podcast has posted a new episode - Episode #7: "Web Sockets Are Fast".

Chris Boden joins us to talk about a Ratchet and React. The conversation is basically Ben and Phil asking a bunch of questions about how Ratchet works, pretending we know what is going on while Chris uses lots of words like "concurrency" and "non-blocking". We decide that PHP is web-scale, event-driven programming is not just for NodeJS hipsters, we all take the "Are You a Brogrammer" test and Michael Wales crashes the show half way through like a ninja.

You can listen to this latest episode either through the in-page player or by downloading the episode directly. You can also subscribe to their feed if you'd like the latest shows as they're released.

On 7PHP.com today Khayrattee Wasseem has posted another community interview, this time with Craig Willis the organizer of the Leeds PHP user group in the UK (West Yorkshire).

This is the #1st set of 'Know Thy PHP Usergroup' in an attempt to create more awareness of: what is $this PHP UG about + get to know the leaders/Founders/Community behind it, what is a PHP User Group in general and to personally know all the PHP user goups Around The World - that excites me and I hope you too! This concept is also a good opportunity for new #elePHPants to know about PHP UGs.

They talk some about the group itself as well as some of Craig's thoughts about about leading the group. They talk some about the goals of the group, the usual activities of it and how the meetups are planned. There's also a bit about finding sponsors for the group and how it compares to other groups of the same type.

Andrew Podner has posted the first part of a new series to his site today. He'll be looking at using functional testing to improve quality of the resulting code and full application.

For this week, I wanted to focus on some different types of automated testing other than unit testing that can help developers build more robust applications and improve both the speed and effectiveness of quality assurance. Specifically, this post is going to focus on functional testing. Functional testing is composed of the tests that you write which are from the user's point of view. A functional test is used to perform quality assurance on all or part of an application utilizing the user interface as a pathway to the application.

He gives some examples of functional tests like clicking on buttons, trying a login, checking that the contents of the page are correct. He talks some about the purpose of functional testing and how it differs from unit testing. He suggests the metaphor of a race car - the pit crew would be the "unit testers" and the driver would be the "functional tester", saying whether or not all of the parts of the car are working together as they should for the race. In the next part of the series, he'll talk some about the actual software to automate this process.