Tools for your Arsenal

Note: Talks are subject to change.

Web Security and You

By: Oscar Merida
Track: Tools for your Arsenal
Discussion: Web Security and You
Keywords: Security, Web Security, PHP, XSS, CSRF

XSS, CSRF, Hijacking, Injection, ClickJacking... Come learn all the basics that you NEED to know to protect your software on the web.

This talk will focus on XSS, CSRF, Session Hijacking, SQL Injection, and other security vulnerabilities that need addressed in Website Development. This talk will cover a gambit of these issues, giving specific code examples showing what the vulnerabilities look like and how to identify them. It will then present solutions to close them down and protect yourself.

Composer: From Beginner to Expert

By: Jonathan Klein
Track: Tools for your Arsenal
Discussion: Composer: From Beginner to Expert
Keywords: Composer, Autoloading, Dependency Management

Learn how to use Composer to manage your PHP dependencies

Composer might be the biggest step forward in PHP dependency management that we have ever seen. It is easy to use, powerful, and versatile. In this talk you will learn how to set up a new project, find packages, create your own package, and how to use composer to autoload your own custom code.

PHP 5.NEW: The Best Bits

By: Davey Shafik
Track: Tools for your Arsenal
Discussion: PHP 5.NEW: The Best Bits
Keywords: PHP, Namespaces, Closures, Traits, Generators, Variadics, Splat, Composer, PSR-0, PSR-4, Autoloading

Get yourself up to speed with all the major new features in PHP since 5.3!

Are you still stuck on PHP 5.2? Looking to migrate from 5.3 to the latest and greatest?

This talk will cover all the best new features and tooling since PHP 5.3, all the way up to PHP 5.6 and beyond.

Namespaces, Closures, Traits, Generators, Variadics/Argument unpacking, Composer, PSR-0 & PSR-4 autoloading and more!

Intro to Laravel 4

By: Ben Edmunds
Track: Tools for your Arsenal
Discussion: Intro to Laravel 4
Keywords: PHP, Frameworks, Laravel

Introduction to the Laravel 4 framework. Learn why this new framework has been taking the PHP world by storm.

Are you ashamed to admit you're a PHP developer? Have you been using the same old, boring PHP framework for years? Tired of your PHP applications turning into enormous beasts? Maybe you've heard about Laravel but haven't made the effort to dive into it? In this presentation, we'll walk through what makes Laravel an elegant, fun, and exciting framework to make PHP applications that you'll be proud of.

Under the hood of the HHVM JIT Compiler

By: Ed Smith
Track: Tools for your Arsenal
Discussion: Under the hood of the HHVM JIT Compiler
Keywords: Hhvm, Hack, Hacklang, Llvm, Facebook

There are about as many compilation strategies as there are PHP engines. The just-in-time (JIT) compiler inside Hip Hop Virtual Machine (HHVM), an open-source virtual machine designed for executing programs written in PHP and Hack, has been evolving quickly in the last year or two. Come hear the latest on how it compiles your standard PHP to optimized X86-64 machine code. HHVM uses a three-stage approach including an interpreter, profiling mode, an optimized mode, and we're busy at work experimenting with LLVM.

Profiling Your PHP with XDebug and Cachegrind

By: Lincoln Maskey
Track: Tools for your Arsenal
Discussion: Profiling Your PHP with XDebug and Cachegrind
Keywords: Xdebug, Profiling, Cachegrind

In this basic primer, Lincoln will introduce you to the profiling features of XDebug. Following that, he will run through a small example program and begin to profile that code using a Cachegrind GUI as an example for finding optimizations. The goal is simply to understand the workflow of profiling your code and learn how to quickly find, understand and resolve possible bottlenecks.

Code Quality, By The Numbers

By: Anthony Ferrara
Track: Tools for your Arsenal
Discussion: Code Quality, By The Numbers
Keywords: PHP, Code Quality

Quite often we hear people talking about how to write better code, how to build systems better or how to leverage new technologies to produce better software. But how can we objectively quantify whether code is good or if it needs improving? How can we analyze an existing codebase to see what parts need improvement without spending weeks reading through the source code? The answer is provided by static analysis tools like pDepend and PHPLOC. But the results that they produce can be extremely cryptic and hard to understand. From acronyms like NPATH and CRAP to metrics like Cyclomatic Complexity and Fanout, there's a whole treasure trove of information just waiting to be descifered. In this talk, we'll explore some of the tools available for measuring software quality. We'll dive into some of the theory behind the metrics that they analyze while looking at some real world applications of those metrics. We'll also explore how to use these tools to gain valuable insight into legacy codebases. Finally, we'll look into methods to integrate those metrics into your development workflow to help improve the quality of the applications that you build.

Enforcing Coding Standards with PHPCodeSniffer

By: Bradley Jacobs
Track: Tools for your Arsenal
Discussion: Enforcing Coding Standards with PHPCodeSniffer
Keywords: PHP, Tools, Coding Standards

Coding standards make code consistent, readable and maintainable, but can be difficult to enforce across teams. Enter, PHPCodeSniffer.

Coding standards help make code consistent, readable and maintainable. It can be difficult to enforce those standards across teams, though. Enter, PHPCodeSniffer. We'll take a look at this command line tool, how to create 'sniffs', using a sublime-text extension and then use the sniffs on existing code.

Automated Web Testing with Jenkins and Selenium RC

By: Raymond Plante
Track: Tools for your Arsenal
Discussion: Automated Web Testing with Jenkins and Selenium RC
Keywords: Jenkins, Selenium, Testing, Continuous Integration

Automated running of Selenium tests inside of Jenkins CI

Automate your web testing! This talk will review Selenium / Selenium RC and then review how to set up, run, and report the Selenium tests via the Continuous Integration platform Jenkins using Selinum RC in headless mode on Linux. It will cover in detail all necessary Jenkins plugins and components.

API First: Design First, Prototype First with RAML

By: Mike Stowe
Track: Tools for your Arsenal
Discussion: API First: Design First, Prototype First with RAML
Keywords: Raml, API, REST, RESTful, Documentation, Design

API dev today is code first and design later. In this session we'll take a look at how to test your API before writing one line of code!

The greatest challenge in software development is designing for longevity, especially when your application is being used by thousands of other developers and needs to remain backwards compatible. In this session we'll take a look at building a solid REST API with a quick overview of what it means to be REST, best practices, and how to use RAML to build a prototype of your API that can be critically reviewed by your developers before ever writing one line of code. We'll wrap up showing how the same RAML you wrote for designing your API works to keep your documentation up to date and provides even more powerful tools to get developers using your API right away.