On PHPMaster.com they've posted a new tutorial by Sean Hudgston that helps you understand HTTP digest authentication, a simple way to authenticate a user or script against your application.

Digest Access Authentication is one method that a client and server can use to exchange credentials over HTTP. This method uses a combination of the password and other bits of information to create an MD5 hash which is then sent to the server to authenticate. Sending a hash avoids the problems with sending a password in clear text, a shortfall of Basic Access Authentication.

He starts out by looking at the "basic authentication" mechanism that's built into most web servers and points out that it has a major flaw - sending the username/password in (pretty much) plain text. Digest, on the other hand, uses a MD5 hash created from a few pieces of information including username, realm and request method. The result is sent as a header back to the server that can then be parsed by PHP. He also talks about improving on the basic version of the digest method using the qop, nc, and cnonce optional parameters.

In the latest to his site Matthew Setter takes a look at easy routing with RouteMatch in Zend Framework 2 applications. The RouteMatch component gives you better control over your routing and lets you define "match paths" for URL to Controller mappings.

Today using Zend Framework 2 RouteMatch, Router and Request objects, I show you an easy way to dynamically update the current route. It's almost painlessly simple. [...] Well, like most things in web application development, what starts out simply in the beginner often grows more complex over time. So too is my once simple route.

His "simple" route started getting a bit out of control when he added in some pagination to the page (and query for the path match). He wanted to figure out how to re-render data with the same filters but show the next page of data. He shows how to use the RouteMatch component to achieve just this. He creates a custom module with a "listViewToolbar" helper that lets you read the router, request and handle the parameters sent via the URL. The "invoke" method is called to render the toolbar in the page, complete with the new settings.

NetTus.com has followed up their previous article covering some of the basics of the HTTP protocol with this new post, part 2 of the series. They suggest that HTTP, the messaging format of the web, is the one protocol that every web developer should know.

In my previous article, we covered some of HTTP's basics, such as the URL scheme, status codes and request/response headers. With that as our foundation, we will look at the finer aspects of HTTP, like connection handling, authentication and HTTP caching. These topics are fairly extensive, but we'll cover the most important bits.

In this article, they talk about things like the HTTPS secure version of HTTP, server-side connection handling, identification/authorization and working with caching and cache control headers.

The PHP Podcast (from Zend) has posted its second episode - Episode #2, an interview with Adam Culp who recently joined the team at Zend and is a organizer for the South Florida PHP User Group.

In this episode we talk to Adam Culp on his very first day as a Zend employee. We talk about PHP community and Adam's decision to move from the realm of independent consultant to Zender! Adam is the organizer of SunshinePHP, PHP Guru and joining the Zend Professional Services Team.

You can listen to this latest episode either through the in-page player or by downloading the mp3 directly. You can also subscribe to their feed of you want this and future episodes pulled automatically.

On 7PHP.com there's a new post that interviews a PHP community member, Eric Hogue, about his experience with the Zend Certified Engineer exam.

This is the 3rd set of Zend Certification Tips and Advice to help anyone taking either of the two Zend Exams powered by Zend Technologies: the Zend PHP Certification Exam and/or the Zend Framework Certification Exam. The aim being to help people who want to sit for those exams and inform them what it is all about & what to expect by hearing it from (pro) PHP Guys who have already been through it, that is => Hear It From Zend Certified Engineers!

He starts off with some general questions to Eric about the exam and its structure and how he prepared himself for it. He mentions some of the resources he used to study and what kind of topics to pay attention to. There's also a few quotes included at the end giving another perspective on the exam (specifically, some frustrations).

Gonzalo Ayuso has a new post today showing how he set up queuing with ZeroMQ and Symfony components and React.

Today I'd like to play with ZeroMQ. ZeroMQ is a great tool to work with sockets. I will show you the problem that I want to solve: One web application needs to execute background processes but I need to execute those processes in order. Two users cannot execute one process at the same time. OK, if we face to this problem we can use Gearman. I've written various posts about Gearman (here and here for example). But today I want to play with ZeroMQ.

He uses React and some ZeroMQ bindings and Symfony's Process component to make a simple client and server for working with the queue and processes. A screencast is included in the post showing them making the connection and adding the new process. The full code can be found on github (or installable via Composer)

On NetTuts.com there's a new tutorial about what they think is the one thing every web developer should understand - the HTTP protocol and how its used in web-based communications.

HTTP stands for Hypertext Transfer Protocol. It's a stateless, application-layer protocol for communicating between distributed systems, and is the foundation of the modern web. As a web developer, we all must have a strong understanding of this protocol. Let's review this powerful protocol through the lens of a web developer. We'll tackle the topic in two parts. In this first entry, we'll cover the basics and outline the various request and response headers.

They cover some of the basics of the protocol first including its statelessness, the concept of URLs and the HTTP "verbs" (like GET, POST and DELETE). They also briefly cover the HTTP response codes (ex. 200, 304) and the flow of the request and response to and from the web server. They also look at some of the basic HTTP headers and the actual low-level text formats of the requests/responses.

There's a section at the end of the post that links you to a few tools that you can use to view the HTTP messaging happening in your requests, some of which you might already have. They also briefly cover the use of HTTP in a few libraries - ExpressJS, Ruby on Rails and jQuery's Ajax handling.

The first episode of a new PHP-related podcast, the "PHP Podcast" produced by Zend, has been released. This first episode, hosted by Joe Stagner features a well-known PHPer, Cal Evans.

Cal Evans has been referred to as "The Ubiquitous Face of the PHP Community". That's made Cal an obvious choice for the first guest on the PHPPodcast. In this episode we chat about the evolving face of the PHP community.

You can listen to this latest episode either through the in-page player, by downloading the mp3 or by subscribing to their feed.

Jason Fox has a recent post to his site about using "Accept" headers in Zend Framework 2 apps to set the format of the return data from a request.

In this article I detail the process by which you can set up your controller actions in Zend Framework 2 to return either the default HTML, or JSON data depending on the "Accept Header" in the request. It incorporates changes related to a security update added since this very helpful article was written, and expands on some of the intricacies of making your web layer objects better "json providers."

His example uses a "ViewJsonStrategy" and the criteria to look for to determine which version to respond with (HTML or JSON) - the Accept header. It uses the JSON encoder/decoder instead of the built-in PHP one to he could use the included "toJson" method to customize the output of the JSON instead of just returning everything.

On his blog today Hari KT has an Aura Framework-related post about one of its components, the Aura.Http component, and its handling of HTTP requests and responses.

The Aura.Http package provide you the tool to build and send request and response. [...] Probably you may not have bothered too much on building the http response either the framework does it for you, or until you need to send the correct response.

The post shows you how to use the component to send and receive HTTP requests. Code is included showing how to make Response objects and set headers, content, cookies and HTTP response code. He also shows how to output the response and a more complete example of the entire flow. The post finishes up with an example of using Aura.Http to make a request to another site - in this case back to GitHub to get the users on a repository.