What feeds do the super star PHP/ JavaScript web developers subscribe to? What are the essential PHP/ JavaScript/ Web Development feeds? I have shared my fledgling list below. Many of these feeds were recommended by my friends at PHPWomen, others I somehow stumbled across myself and some I picked up from articles tweeted with the #linktuesday hashtag, which are aggregated here.

So far, the links include php|architect, Planet-PHP.net, the YUI blog, Matt Gemmell's blog and Evan Goer's blog. If you have others to share, be sure to leave them in the comments!

These days, security is paramount to any server installation, large or small. Most modern operating systems have embraced the concept of the separation of file rights via a user/group ownership paradigm, which, when properly configured, offers a wonderfully convenient and powerful means for securing data. In this section, you'll learn how to use PHP's built-in functionality to review and manage these permissions.

They introduce functions like:

• chown
• chgrp
• fileperms
• isexecutable
• umask

Sample code is also included to show how to open and close a file.

For our most recent After Work Hacking my co-workers and me decided to write unit tests for the open source project Assetic. That turned out to be a better decision than our last one, yet we still ran into an interesting challenge.

In testing the HttpAsset class from the tool, they came across the problem - a call to a remote/file resource that could not be tested because of a file_get_contents call that depends on an external source. They came up with a few options to try to test this example, some better than others:

• Give it a real URL to test with
• Wrap the file_get_contents inside of a new class (ex. a "ContentFetcher")
• Use vfsStream to mock out the file system in the unit test

In their case, vfsStream couldn't be used due to how the fetch call was made, but the tool can be very handy if you need to mock out an external file system resource.

I started to work on/figuring out the security part in Symfony2 and one part where the docs fail so far is to explain how to import security settings from a bundle. Once I put some thinking into it, it's pretty easy actually. Simply import the needed security file in your main config file.

His trick is to use the "imports" key in his YAML config file to define the resource to pull from in his config.xml. More information on the format of the security file can be found here in the Symfony documentation. It helps you define authentication mechanisms, authorization models and working with access control and roles.

We've taken a library that's outside the framework and want to find an elegant solution that takes advantage of the configuration tools that are already available in the Zend Framework.

He takes the previously hard-coded settings for the HTMLPurifier and moves them into a method where they can be set in a configuration file. You can watch the video via the in-page player.

sing 2007 article Create turbocharged storage using tmpfs, we can defeat some of this over-engineering and take a simpler approach to speeding up sessions in PHP. We'll store them decentralized in memory by mounting RAM onto the existing /var/lib/php5 session directories throughout your application servers, which I will call nodes from now on.

He includes the commands you'll need to make a directory live in the RAM of your machine and how to migrate the existing sessions to this new data store. He covers some of the advantages of this approach (including that there's "less tech" involved so it's easier to manage). There is one point of failure he points out - that it wouldn't be a solution you could use for websites that might need to bridge sessions across machines.

I'd gone through all the handshaking steps, got the acces token and was ready to start talking to the service itself. However when I tried to call OAuth::fetch, I got an error message: Fatal error: Uncaught exception 'OAuthException' with message 'Invalid protected resource url, unable to generate signature base string'

As it turns out, the issue was obscure - the address she was connecting to was missing a training slash (http://api.localhost versus http://api.localhost/) and it was causing the OAuth fetch to fail (apparently undocumented). If you're interested in some of the other things that have come up in her work with OAuth on the project, see here.

His talk introduces you to bootstrapping, shows how to get started with Zend_Tool and shares code and configuration details for using resources in your controllers.

You can listen to this latest episode either through the in-page player, by downloading the mp3 or by subscribing to one of their feeds. The slides are also on Slideshare if you'd like to follow along.

Let's say that you want to use your own view object within your Zend Framework application. Creating the view object is easy enough in library/App/View.php along with adding the App_ namespace to the the autoloader in application.ini. All we need to now is get Zend_Application to bootstrap with our new view class. There are two ways of doing this: within Bootstrap.php or using a custom resource.

He includes the code to make it happen both ways - by adding an _initView method in the application's Bootstrap.php file or by creating a new class called App_Resource_View that overrides the getView() method that grabs the custom object.

every once in a while I hear some plea for the great PHP community that makes me a bit nauseous. "Sharing code, knowledge, elePHPants, it's all so fun to share and be part of this great club of lovely people! I share my project with you and you share your project with me. And then we hug! Weeeee!!!" Well f*ck that. [...] So besides the hippy arguments, the PHP community also has some great, more down-to-earth things to offer for companies, developers and everybody else involved.

He's made a list of four things (of the many) that the PHP community offers like being able to contribute to open source projects, being able to open source your own projects, attending the many conferences and user groups to "learn and be inspired" by others and, of course, the great online community in the form of tutorial, IRC channels, mailing lists, etc.