In my previous article, we covered some of HTTP's basics, such as the URL scheme, status codes and request/response headers. With that as our foundation, we will look at the finer aspects of HTTP, like connection handling, authentication and HTTP caching. These topics are fairly extensive, but we'll cover the most important bits.

In this article, they talk about things like the HTTPS secure version of HTTP, server-side connection handling, identification/authorization and working with caching and cache control headers.

To evangelize is to effectively transfer information regarding one set of beliefs to another, with the final goal of converting each individual to the original belief. Isn't that what we do when we spread the word of PHP?! The idea behind being a PHP Evangelist is for an individual to speak passionately about PHP and be able to have strong and durable arguments for PHP, if questioned about his "faith" in the technology.

He talks some about the skills and things you'd need to become an evangelist - an advanced knowledge of the language, thinking "out of the box" about problems and how you can stand out from the other people in the community as a leader. He also recommends being technically adept as well and contributing to projects, either through support or actual development.

PHP evangelists are born to lead, to form opinions, influence the opinions of others and to have followers - and haters as well. Even if you think you were not born to be a leader or just don't want to be one, you will have to get used to public speaking if you wish to become a PHP evangelist.

The original question from was a 16 year old who's been doing some basic CRUD apps, but is getting bored and wanted to move on to 'real' development. There were some good replies, but few went in to the depth of detail that I think beginners are even aware of. Granted, this might scare off some, but for others it might give them some ideas about what's possible and what's involved in professional web development. I know I'm going to leave off some topics, so feel free to add on!

He touches on topics ranging from version control to performance and even a mention of mobile development. Each section includes a brief summary of the topic and some have specific topics to check out to help narrow things down to the important parts.

Most programmers treat security as an afterthought and engage in zero self-directed education about security in general. The most common response is actually shock, followed by denial, followed by excited elation at the idea of fixing stuff, followed by the sobering realisation that someone somewhere is an evil fucker for making their lives harder by not telling them all this sooner. Some graduate further into taking security seriously, seriously. This is actually PHP's current failing: Knowledge.

He talks about some of the mislead beliefs that many PHP developers share about the "One True Way" to secure their applications from common things like XSS and CSRF. He also shares his thoughts on how to solve this knowledge problem...and it's not by reading the same things we have been for years now. New knowledge needs to be shared, new questions need to be asked and new methods need to be shared for effective security precautions.

Knowledge is the essential ingredient to improving PHP Security. What you don't know can bite you; what you do know can be hunted down and shot.

Once you start to dig around PHP Security in earnest, you begin to notice trends and patterns in how programmers behave and accumulate knowledge. The most obvious feature of PHP culture is that we do not have an active "leadership" in security. There is no appeal to authority in PHP security debates, only personal opinions informed by a nebulous entity called "They". There are individuals that I have learned to trust and that's about as far as we can go. [...] In the PHP community, the Authorative Knowedge for PHP Security is derived from a concensus. A concensus based on published articles, the practices of libraries and frameworks, printed books, and the vague meandering thoughts of whoever you follow on Twitter. In other words, our current Authorative Knowledge is you.

He notes that this "everyman security expert" hasn't proven to be the best method for increasing the overall security awareness of PHP developers, so he's proposing something different: the "PHP Security Technical Group (SECTG)".

It's a group of members who share a common interest in sharing information, performing research, publishing articles/newsletters, and generally taking advantage of resource pooling without giving up their individual interests - all towards accomplishing some common goal, i.e. creating or emphasising new Authorative Knowledge. The phrase "Unofficial" is implicit in the group name - this is not an official PHP entity.

If you're interesting in joining in on the cause, you can sign up for the mailing list and get more information as it comes.

We've all come across code that's written so craftily that it takes us some time to figure out what's actually going on in that block of code. We've never written things like that ourselves of course....seriously though, if you're collaborating, not doing things in the simplest terms will create an issue when other people start to look at your code. There is something about us; when we have an opportunity to show off how smart we are; we really try to go for it. The point is that it's not helping anyone and crafty code !== good code.

He makes a few recommendations about how to keep things simple in the various aspects of your development:

• Know your tools
• Know what you're doing
• Check your smells
• Ask "what value does this add?"

By simplifying things, you give others a chance to look at what you are doing and help you understand what you did right and what you can do to improve that section.

I started a daily PHP tip blog a couple of weeks ago, figuring the daily writing will keep me curious about programming. [...[ I've found that I learn things better when I have to absorb them well enough to explain them to someone else, so this site (and a couple others I'm starting up) are my attempt to just solidify my knowledge and push my skills. The goal of writing five brief tutorials about various functions, methods, or solutions each week is meant to force me to keep expanding my knowledge and to help me burn it into my brain. I hope others might find it useful.

So far he has posts about things like:

• Getting the raw POST contents on a request
• A series on creating a "meme" site (like the Cheezburger ones): Part 1, Part 2, Part 3 & Part 4
• REST and Ajax
• Timing (benchmarking) your code
• Validating email addresses

There's lots of good content here, especially if you're a beginning developer and want to discover these helpful hints along with him.

PHP development is hot right now, but there are also lots of people in PHP development. If you want to make it as an independent PHP developer you've got to know more than just PHP. Here are six other essential skills you need to succeed as a PHP developer.

Her list of six is made up of:

• JavaScript, HTML, and CSS
• Knowing What You Don't Know
• Business Communication
• Business Finance
• Project Management
• Networking

Really, independent or not, these types of skills/knowledge can help any developer out there to see the bigger picture outside of just their code, out to what the business is doing.

If the job description does not mention "Framework X," you should probably avoid answering that you use "Framework X" to solve the problem presented to you by the interviewer. If I ask you to perform a simple task, such as parsing a string in a well-known format, saying "Framework X does that for me" is likely to be seen as a negative. You should be able to do the simple things in PHP itself (e.g. parsing strings).

He points out that, as someone currently in the interview process, he is frustrated by the fact that some developers rely so heavily on the functionality that frameworks give them that they don't know how to do some of the most basic tasks outside of them.

Saying that you use a feature of "Framework X" for simple things is a negative. It sounds like you're dependent on that framework for basic tasks. That means we (the employers) will need to train you how to do it without that framework, and that's a hassle for us.

I was looking at job description for a web developer, and one of the big responsibilities was database maintenance. [...] And along those lines, what other skills would be useful for a PHP developer to have that aren't directly PHP-based?

Suggestions so far include things like:

• Linux command-line skills
• some Python
• Virtualization (making and administering VMs)
• Version control systems (svn or git)
• Database architecture
• HTML/CSS/Javascript