Zendcon 2017 - Talks
"I don't care about technology I care about sales!"Slavey Karadzhov
This is a technical session in which the speaker will share his knowledge about migrating legacy PHP projects to PHP 7. This session is divided in two parts. The first part will explain the advantages that we have seen in real-life large PHP applications. The second part will describe the steps needed to get there and what you should be aware of in order to better plan your PHP 7 migration.
A Real Zend Expressive Application on IBM iClark Everetts
See practical examples, in the context of a working 5250 RPG application, of how to integrate RPG, SQL, and other IBM i platform assets, with PHP. Learn the most up-to-date approach for structuring and configuring a Zend Expressive application. Learn about Expressive, the open source PHP microframework from Zend, and PSR-7, HTTP Messages, and Middleware. How about a real Zend Expressive web application that starts with CRUD, but goes beyond? How should models invoke RPG, DB2 queries, stored procedures? Where are "the controllers?" How do we handle sessions, authentication, caching for performance, and access control with middleware? This is not the standard sample application; this one begins with a small, but complete 5250-based RPG Order Entry and customer tracking application, and leverages the resources to build a mobile/tablet/desktop-friendly web application.
An Analysis of the Quality of Libraries in the Packagist UniverseClark Everetts
How do you find a truly reliable, well-built, and tested package? Do you have concerns about the overall quality and security of third-party libraries and packages you rely upon as dependencies in your code? Does quality have anything to do with number of reported downloads? Come see the results of our analysis of the quality of components available through Packagist - some popular, some under-appreciated - using various PHP QA Tools. Then, see a code module "before-and-after" some refactoring to change the values of a few specific QA metrics, one at a time. Time to relate those abstract metrics to real code!
Apigility and IBM i: A Match Made in HeavenMassimiliano Cavicchioli
The IBM i platform is widely recognized as a supreme apparatus for complex elaborations. The modern, web-based workflows are forcing IBM i based corporations to expand the horizons of its deliveries. Is it truly necessary to denaturalize such a data driven, secure, mean machine? The session will explain how to guarantee the web consumption of the powerful business logic already existing in every IBM i platform, from any kind of device, in a secure and performant manner. The fulcrum enabling these workflows is Zend Apigility, a modern framework for building best-of-breed APIs in no time. The code examples will show typical HTTP-based interactions originating from all sorts of consumers (classic web pages, single page apps, handheld devices, etc.).
Architecting a PHP Application with Interfaces to IBM iChelsea Fenton
In this session we’ll walk through a case study of developing a PHP application using an API to interface with IBM i data. This is a great example of how IBM i developers can leverage their knowledge of business rules and authorization to help speed up the development of PHP applications.
You’ll learn how ZF3, RPG, and Bootstrap were used to develop an application that:
- Separates the front end coding from the backend
- Optimizes the skills of IBM i and web developers
- Works on both desktop and mobile devices
- Integrates with other systems
Becoming a Bug Exterminator!Joshua Copeland
Better Paranoid than Offline - OWASP Top Ten 2017Christian Wenz
The Open Web Application Security Project (OWASP) is most famously known for its list of the top ten security risks for websites. After a long wait, the 2017 edition of the list has been released. We'll have a look at all entries on that list, what's new, what has changed, and what security risks a modern web application will face. And since this is a PHP conference, we'll look how we can mitigate those risks with our favorite programming language.
Big Iron: PHP Lessons from Cold War SupercomputingEdward Barnard
The original CRAY-1 Supercomputer was a 5-ton monster with just 8 MB of main memory, yet programming it can be a fun way to explore subtleties of PHP coding. In this session we indulge in programming "big iron" on "bare metal." We’ll look at CRAY-1 hardware instructions with the aim of understanding logic operations, boolean algebra, and octal arithmetic. As a Cray Research veteran, Edward has carried CRAY-1 logic design to both MySQL table design and PHP coding. After this session, you will as well.
Bring RPG/COBOL Business Logic to the Web with the PHP ToolkitAlan Seiden
Don't reinvent the wheel when developing PHP applications. Instead, re-use your valuable business logic. Reduce risk, speed development, reduce costs when developing web and mobile applications by calling RPG and COBOL programs, system commands, accessing data areas, and more, with the open source PHP Toolkit for IBM i, co-developed by IBM and Alan Seiden. The toolkit is free, flexible, supported by Zend and uses IBM's XMLSERVICE toolkit on the backend. In this session you'll:
- Create a modern PHP-based graphical interface that uses RPG/COBOL/CL building blocks
- Know when to access DB2 directly, and when to call a program
- Optimize toolkit performance
Browser Serving Your Web Application SecurityPhilippe Gamache
Build your APIs with ApigilityChristian Varela
Immerse in the API world with Apigility. Learn how to take advantage of this tool to create APIs from scratch or to expose current functionality from an existent system. You'll learn the core API concepts, processes, functionality, logic, and in general how you can create good APIs, including documentation and all the considerations you must have.
Building a Culture of Respect: How to Find, Hire, and Retain DevelopersCal Evans
Them: We're Hiring! Me: Big deal, who isn't? There is a talent war going on in tech, everybody is hiring! These days’ developers have their pick of jobs, so why should they pick yours? If you say "because you pay more" then you've already lost. High salaries may get them in the door, but it won't keep them in the long run, and it won't capture their hearts and minds, only their wallets. You need a strategy that will engage your developers, something that will make them want to make your projects a success. You need to do more than hire developers and call them a team. You have to build a "Culture of Respect". This session is more than just a guide to help you find developers to hire. It’s more than just a guide on how to set up an effective method of interviewing developers. It teaches you the hard part, keeping them once you've hired them. It takes a lot of effort and money to find and hire developers these day, once you get them, you need to learn to hold on to them. "Culture of Respect" deals with why you want to invest the time and energy to build a team that developers want to be a part of. Once you understand why, you dive deep into how.
Building a Real API Using Command PatternAnderson Casimiro
It is. We'll start from a simple Symfony Microkernel application. Then change the Kernel to use Controllers as Commands and build classes to serve Data and Interaction to endpoints. Then we'll create tests for logic and behavior. Then we'll create more routes. Then we'll connect to a database. Then we'll improve it more. The intention is not to show "how to build an API from scratch" but evolve a Symfony Microkernel project as a Flexible Framework and explore more possibilities using Command pattern to split HTTP logic from business logic.
Building a Solid Cloud Architecture for Small to Medium BusinessesAhmed Dirie
When you're a business with an online presence, achieving a 99.999% uptime is critical. Yet with many small to medium businesses, this is usually either a prayer or a reliance on the in-house IT person to figure things out. In some cases, you rely on a service provider, such as a hosting company, or the managed team assigned to your virtual machine. All in all, it's never really an implementation decision. In this session we'll look at how we can use small to medium businesses can take advantage of the cloud, and use some of the open source tools available to build a solid cloud architecture.
Building Interactivity with WebsocketsWim Godden
The time of static or dynamically generated sites is long gone. Non-stop interaction with users is the new normal. However, polling with Ajax requests is processor intensive and cumbersome. Websockets allow you to interact with users in real time without increasing system load. We'll go through the basics and see all the different options, illustrated with live examples of how and when to use it, as well as when not to use it. Websockets are the new way of providing live interactivity with users, in many cases replacing the need for Ajax requests alltogether. This relatively new technology isn't always as straightforward as it may seem though, as will be demonstrated in several examples.
Building Robots with PHPChristopher Pitt
Are you the kind of person who's too busy working to build robots with PHP? Well, you're missing out! Over the last few years, Christopher has built all sorts of useful robots (Internet of Things machines); to connect to virtual environments, automate the surroundings, or generally make life easier. All of these could be built using little more than the familiar PHP code used 9-to-5 jobs. Join this session to see some of the cool things you can do, with an Arduino, some useful PHP libraries, and a lot of imagination.
Building the Holodeck, one open source brick at a timeJustin Reock
PHP is open source. But it’s only one part of the larger puzzle. Open source powers everything from droids to Mars landers. Justin Reock, who lives and breathes OSS, shares his vision on what open source truly is, what it can be, and how we all participate in this larger community. Mixing Ulysses, Stallman, and Heinlein with his own views, Justin examines the secret life of free software to answer: How do we power the cool things we want, build faster, better, and maintain free software? The Holodeck awaits.
Chatbots are Fun! So Let's Build One!Tessa Mero
Chatbots and conversational agents have become very popular in the recent years and there is a huge research effort to automate conversations in several applications. What are Chatbots? How can it benefit you? How do you write the code for it? These questions will be answered during the session with step by step directions so you can easily follow along. Come join us and build your first Chatbot in less than an hour!
CommonMark - Markdown Done RightColin O'Dell
Markdown is one of the most popular markup languages on the web. Unfortunately, with no standard specification, every implementation works differently, producing varying results across different platforms. The CommonMark specification fixes this by providing an unambiguous syntax specification and a comprehensive suite of tests. In this session you'll learn about this standard and how to integrate the league/commonmark parser into their PHP applications. We'll also cover how to customize the library to implement new features like custom Markdown syntax or advanced renderers.
Create Your Own Dependencies!Joshua Copeland
Do you have multiple PHP projects with the same or similar logic? Are you sick of your team copy pasting code from one project to another? Let's talk about pulling all that shared code into one (or more) libraries and how to implement them in your projects via Composer. We'll also be touching on related topics like Statis, Packagist, Toran proxy, Composer settings, code structure, autoloading, and strategies to use when refactoring classes into your new library. Quit duplicating code and come check out this session!
Cryptography for BeginnersAdam Englander
Cryptography is a complex and confusing subject. In this session we'll distill PHP encryption down to its essential drivers. You'll learn what makes cryptography weak and strong. You'll learn the important questions to ask when making decisions regarding modules and libraries. This session won’t make you a cryptography expert but it will give you the knowledge necessary to protect your software from attack. No prior knowledge of cryptography is required for this session.
Debugging ElePHPantsAdam Culp
Everybody knows how to install a debugger in PHP. Yet very few professional PHP developers have embraced step debugging, and instead do it the old-fashioned way. For many, this is because they simply don't know how to step-debug effectively. In this session we'll see how to debug common issues to speed problem resolution, and spend less time troubleshooting and more time coding. Attendees will walk away with the fundamentals to get up and running quickly, once they get a debugger installed.
Debugging Your Web ApplicationStephanie Rabbani
500 internal server error? Wait, now it's a 404 error. I think it's actually a syntax error. And now my program call isn't returning anything.
Attend this session to hear tips and tricks on how to debug your web application on IBM i, including:
- Analyzing Apache logs and Apache server issues
- Debugging your program calls and Toolkit issues
- Debugging DB2 and library list issues
Defensive Coding Crash CourseMark Niebergall
Ensuring software reliability, resiliency, and recoverability is best achieved by practicing effective defensive coding. Take a crash course in defensive coding with PHP and learn about attack surfaces, input validation, canonicalization, secure type checking, external library vetting, cryptographic agility, exception management, code reviews, and unit and behavioral testing. Learn some helpful tips and tricks from experienced professionals within the PHP community as we review the latest blogs and discussions on best practices to defend your project.
Deploying a PHP Application Across Multiple CloudsAhmed Dirie
- Load balancer
- Caching servers
- Database servers
- File servers
- Web servers
Design Security in PHP Using MiddlewareEnrico Zimuel
Design a secure web application is definitely not a simple task! There are many aspects to consider like how to sanitize the user input, how to provide authentication, how to manage the permissions, how to escape output, etc. Using middleware, we can simplify most of these aspects thanks to the pipeline nature of this architecture design. We'll demonstrate how to implement security by design using middleware and the PSR-7 standard.
Designing Responsive IBM i Web and Mobile ApplicationsChelsea Fenton
IBM i organizations benefit when users can access web applications from both desktops and mobile devices. But how do you accommodate all of the different device types without spending valuable time developing multiple versions of your applications?
Attend this session to learn:
- What responsive design is
- How Bootstrap makes it easier to create responsive web applications
- How to install Bootstrap on IBM i
- How you can use Bootstrap with PHP
Developing PHP Apps FasterAdam Culp
Enterprise PHP development teams, no matter the maturity level, focus on one thing, releasing stable apps that perform. They also want to avoid reinventing the wheel. Therefore, make the investment to listen to the top lessons we've learned from across industries to deliver PHP code faster without sacrificing quality, user experience, or existing workflows.
You will learn:
- How to dig deep into application behavior and performance at runtime
- How to maximize existing continuous delivery principles and tools
- When to take advantage of existing frameworks and extensions and when to do it yourself
- How to avoid reinventing the wheel each time you deploy, upgrade, or rollback
Domain-Driven DataBradley Holt
There are many types of databases and data analysis tools from which to choose today. Should you use a relational database? How about a key-value store? Maybe a document database? Or is a graph database the right fit for your project? What about polyglot persistence? Help! Applying principles from Domain-Driven Design such as strategic design and bounded contexts, this session will help you choose and apply the right data layer for your application's model or models. We'll explore traditional relational databases, graph databases, document databases, key/value stores, polyglot persistence, CQRS, event sourcing, and data layers for microservices.
Expect the Un-expected: How to Handle Errors GracefullyBastian Hofmann
Even though you tested your application perfectly, errors and bugs will still happen in production, especially if other services or databases go down or are under high load. Thus it is very important to see errors happening and to be able to react to them quickly. In this session we'll introduce you to efficient ways for monitoring and logging for errors and show how you can handle them if they happen, covering deployment strategies, using intelligent circuit breakers, and gracefully reducing functionality. The session will give examples and recommendations so that you can quickly get started with implementing these.
Get Started Using PHP Frameworks on IBM iStephanie Rabbani
Are you wondering whether PHP frameworks are worth using when developing your applications? In this session we’ll explore the concept of PHP frameworks, and compare three popular frameworks (ZF3, Expressive, and Laravel) and show you how to get started with all three on the IBM i.
Getting and Staying Fast - A Web Performance Round-upBastian Hofmann
Making and keeping web applications fast is hard work, but also very rewarding and pays off very quickly with higher user satisfaction, increased usage, and better conversions. In this session we'll talk about all the lessons learned by working on application performance at ResearchGate: Why it is actually important, how you can convince your managers to invest time and money in it and what you have to do to measure and improve performance server and client side. Keeping a site fast is hard work, this session will contain lots of techniques that can be used and implemented to actually measure the performance and make the your web page faster.
Gitting the Most Out of Your Version ControlDavid Hayes
Git is everyone's go to method of version control. Our goal is to cover what it is, why it's important, and a few of the superpowers it unlocks. Of course, we'll touch on the basics:
- git status
- git commit
- git pull
But we'll also take some time to understand more powerful commands and features like cherrypick, bisect, and using alternative differential browsers for those hairy merges.
Go Micro with MicroservicesMariusz Gil
Microservices… New architectural style oriented on splitting monolithic codebase into set of small and independent applications built around specific business needs. Microservices might be very useful in some situations, but they also can introduce a set of new problems to be solved, from designing to communication between microservices in production environment. During this session we'll introduce core concepts of microservices architecture, possible implementations using PHP, deployment strategies, and running applications in production environment. You'll also learn about patterns in microservices world; building blocks for your next complex projects. All topics will be presented in code, on real PHP 7 applications powered by microservices.
Going Bare - Writing the Web without a FrameworkSammy Kaye Powers
If you've only ever experienced web development through a web framework, you're missing out. Have you ever been tempted to rewrite a codebase in your favorite framework? That's a smell that you need to come to this session. Being comfortable developing without a framework is a crucial skill to have for refactoring legacy applications. In this session you'll see how to harness the power of going "frameworkless" so you'll feel empowered to make better decisions in your next web project. Be set free from your web-framework ball and chain.
How I Learned to Stop Worrying and Love Regular ExpressionsJordi Boggiano
This session will cover Regular Expressions from the basics to the darkest corners of this arcane art. Regular Expressions, at the core, come in handy to achieve validation and text manipulation tasks. In the day-to-day life of a developer, becoming comfortable with them opens up many more use cases. As one of the tortured souls that actually enjoys writing - and reading - regexes, Jordi will share his passion so that you too can see there is no reason to worry.
How to Go From Developer to StakeholderAnn Gaffigan
Technology is everything these days, and your skills as a developer are in high demand. How can you leverage your unique skill set and understanding of technology to climb the ranks in your company beyond “just a developer?” Ann will tell her story of going from underpaid full-time developer, to broke freelancer, to entrepreneur, and finally to partner and CTO. More importantly, she’ll tell you what she learned along the way about the art of persuasion, transparency as a trojan horse, indispensability, confidence, standing your ground, and ultimately how to be treated and respected as a leader and not an employee. Disclaimer: I cannot confirm or deny that I have a problem with authority and a thirst for power.
HTTP/2 and Asynchronous APIsDavey Shafik
HTTP/2 (H2) is coming, and along with it a whole new way of communicating over the web. Connection re-use, prioritization, multiplexing, and server push are just some of the features in H2. In this session we'll look at the HTTP/2 protocol, and at how we can use asynchronous request now with HTTP/1.x. We'll also look at what asynchronous requests and H2 mean for your API and clients in the future.
IBM i Ask the ExpertsMike Pavlak
In this session various IBM i centric experts will assemble for a rapid-fire Q&A session including folks like Rod Flohr, Mike Pavlak, Alan Seiden, and many more. No topic is off limits as long as it pertains to the web enablement of IBM i.
Identifying and Managing the Risks of Open Source Software for PHP DevelopersDave McLoughlin
Do you really need to worry about using open source software in developing commercial applications? In this session we'll talk about the key risk areas, how to identify and quantify the risk, and what steps if any are needed to deal with the risks.
We've all heard about security risks and license compliance risks associated with OSS, but how do you identify these risks and how do you manage them? After this session, you'll have the information to better understand how to assess these risks. It will provide you with no nonsense steps to take to manage your OSS so you can rest easy and not worry if these issues will affect you or your business.
The session will include:
- Key risk areas and how to identify them
- Common use case scenarios
- Understanding and developing risk remediation strategies for OSS use
Implementing LanguagesChristopher Pitt
Programming is hard. Making compilers is harder. Or so people think. The truth is that making a compiler is just a series of small steps, using regular language constructs. It's so easy, we'll make one in this session. Many developers (especially those who are self-taught) believe the lie; that making compilers is too hard for them. That they lack the tools and knowledge to bring their ideas about programming languages to life. There's a lot of complex thinking that goes into mainstream compilers, but that's no reason not to try! We can make less efficient compilers and interpreters which enable the same amount of power and flexibility as mainstream compilers. We could use tools like Parser Expression Grammars or JISON, but this session will look at something even simpler. Let's build our own cross compilers using regular expressions and a stack. Let's implement our own programming languages, in real-time.
Industrial Workflows with the Expressive FrameworkMassimiliano Cavicchioli
- An API-based (REST, RPC) workflows manager (validation, analysis, propagation, etc.)
- Modular, independent, business logic units covering many common aspects related to industrial workflows
- An API-based (RPC) workflow implementer created by the manager on top of the business logic units
Install MariaDB on IBM i - Tips, Troubleshooting, and MoreRod Flohr
MariaDB is the new open source drop-in replacement for MySQL that has been adopted by IBM for use on Power Linux and IBM i. ZendDBi is the installer provided by Rogue Wave Software for installation of MariaDB on the IBM i. In this session we'll show how to use ZendDBi to install MariaDB and provide some important tips for post-installation. We'll also demonstrate troubleshooting some common installation issues. While most installations of MariaDB are trouble free, the troubleshooting procedures will give us a chance to understand a bit more about the operation of MariaDB on the IBM i. It'll also give us the opportunity to explore some concepts on IBM i that may not be familiar to some RPG programmers.
Kubernetes is your DevOps GuyBrent Shaffer
You're not the DevOps guy, and you hate bash scripts. You want to deploy a scalable and secure PHP application, but you spend most your time in application code. This session shows you just how easy it can be to achieve security and scalability in the PHP ecosystem using Docker containers. By the end of the session, you'll be able to deploy an autoscaling Kubernetes cluster of PHP frameworks and microservices.
LAB - Basic PHP to Access Your Data on IBM iJohn Valance
In this session you'll learn about and practice basic PHP syntax, as well as how to access DB2 data to populate HTML documents. You'll learn about how to read input from the browser and dynamically build an HTML document using a combination of HTML, PHP, and SQL. We'll review the HTML tags for tables, forms, and input fields in order to create prompt screens and database inquiries. This session is geared toward the RPG programmer with limited or no experience developing PHP web applications.
This will be a self-guided lab – i.e., you will follow clear instructions from a printed lab guide, sometimes writing code from scratch, and sometimes using templates with key pieces missing, in order to maximize your time.
Rather than focus on language syntax directly, these exercises will teach you syntax through the applications you are building. In the process, you will also get exposure to some of the most important HTML tags that you need to create useful business applications with PHP. You’ll also get some experience using Zend Studio, the premier IDE for PHP development on IBM i.
IMPORTANT!! – LAPTOP REQUIREMENTS: This is a hands-on lab. To participate in this workshop, you will need to bring your own laptop, with the Zend Studio IDE installed, before arriving. You can download this from http://www.zend.com/en/products/studio/downloads. Choose the OS that runs on your laptop (Windows/Mac/Linux) and click the Download button. If you already have an older version of Zend Studio installed on your laptop, it should be fine, but I recommend version 10 or higher. Please see the release notes for the version of Zend Studio you are using for specific system requirements. If you have trouble getting Zend Studio installed, you can contact the instructor for assistance: firstname.lastname@example.org. The server used is an IBMi server running DB2 and Zend Server, and this will be provided for you via remote access.
Learn Unit Testing with KatasDavid Hayes
In this session we'll introduce the core concepts of unit testing and TDD — what it is, how it's done, why it matters — and then jump into doing it with one of the most time-tested techniques to comfortably start to get comfortable with the idea: code katas. Code katas are a systematic practice where you solve a specific code problem for about 25 minutes. After that, you throw the code away! This means they're the ideal safe places to learn new things and stretch our boundaries. We'll do one live front-to-back so you'll be comfortable taking the idea and doing it on your own.
Lessons Learned Building the Composer InternalsJordi Boggiano
This session will dive into Composer's guts to see which choices we made worked and which ones did not. After six years and a few hundred thousand users, the Composer code has been through many iterations, problems, and successes. Let's have a retrospective to see what we can learn from it.
Let the Architecture EmergeJason McCreary
We often have the tendency to over engineer our software. We want to use the latest packages, integrate with the hip services, and adopt those shiny patterns. Jason's here to say, “you aren’t gonna need it”. In this session we’ll take a look at how to practice YAGNI and what that means when writing code and making design decisions.
Leveraging Composer In Existing ProjectsMark Niebergall
Keeping external libraries current and organized can be a tedious and risky task. Converting those libraries from embedded inside a codebase to being included via Composer is a clean and efficient solution. Learn how to migrate and autoload those libraries, use the composer.json and composer.lock files, find new libraries, and run Composer commands. Use what you learn to clean and organize your codebase to make it easier to maintain, and more lean and better to work with.
Machine Learning for the RescueMariusz Gil
Gathering the data is not a problem today. The bigger challenge is how to understand this information and draw some conclusions. Fortunately, we can use some techniques like machine learning to teach computers how to learn from our data. Fast artificial neural networks, random forests, SVMs, classification, clustering - just to name a few concepts. We'll apply all these solutions to PHP applications to deliver automatic insights/predictions and create a real business value for a client. By the end of this session you'll be familiar with machine learning ideas and prepared to solve unsolvable problems in PHP.
Make your Application ExpressiveChristian Varela
Learn the concepts of PSR-7 middleware with Zend Expressive and how your application could be developed from scratch adapting those concepts with a new mindset. You'll see the different approaches, advantages and disadvantages, and the contrast of this paradigm and other more conventional paradigms.
Make Your IBM i Sizzle with WordPressAlan Seiden
WordPress lets you create a website by choosing a theme and adding your own graphics without touching a line of code. This popular open source application also has thousands of plugins to add features to your site. Best of all, it runs on IBM i, and can leverage your own DB2 data and RPG programs. Learn why WordPress on the IBM i can be the most powerful WordPress anywhere. Since WordPress is based on PHP and MySQL, you'll get a taste of those technologies as well.
In this session you'll:
- See what your IBM i can do with WordPress, how you can quickly create a website that will wow the business people in your company
- Get a taste of how open source technology runs the web
- See your IBM i data and RPG output on a WordPress site on IBM i
Meet Johnny the Deployer: A LAMP Stack Professional's Journey to Artificial IntelligenceGeorgiana Gligor
- “What tickets are ready for QA?”
- “Prepare a release candidate and deploy it to QA”
- “When did we last install the API in staging?”
- “How did the traffic look for the last 36 hours?”
- “How many sales are there today compared with last week?”
- “What version of the API is installed in production?”
- “How many servers are we using now in the integration environment?”
- “What is the medium load across the cluster in the last three days.”
- “List the last three deployments in the way environment.”
- “Who ordered the update on release candidate?”
Multi-factor AuthenticationPhilippe Gamache
MySQL JSON Data Use GuideDave Stokes
MySQL 5.7 provides a JSON data type. Previously you could store JSON formatted data in some sort of text field but then you would have to use REGEX which would reduce the quality of your work life, make your grumpy, and would be frustrated when you had to maintain it. Now you have over two dozen functions, can create materialized columns from JSON data that can be indexed for fast searchers, and can output data in JSON. This is a quick introduction for PHP developers to learn to incorporate this new data type with plenty of programming examples.
MySQL 8Dave Stokes
MySQL 5.7 was the most popular version of the open source database. But several legacy problems needed to be solved, performance increased, and new features added. The biggest change is a true data dictionary which removes all those odd little files with meta-data (.frm, myi, myd, etc) and provides transactional ALTER TABLEs. Plus you see Invisible Indexes, roles, CTEs/Windowing functions, UTF8MB4 support, and learn what happened to MySQL 6 and MySQL 7.
Nom Nom: Consuming REST APIsTessa Mero
Feeling hungry? You’ve came to the right place! As APIs have become increasingly more important and popular in usage in the past few years in web development, it is important to understand the basics of what they are and why to use them. We'll be going over the basics: The What’s, Why’s, Where’s, and When’s. You'll learn the basics of REST APIs and we'll show you how you can use POSTMAN to test making REST API calls. By the end of this session, you’ll be able to go home and make REST calls on any API.
Offline Sync for Progressive Web AppsBradley Holt
Open Source Applied - Real World Use CasesJustin Reock
For enterprises, it's rarely a single function causing your OSS problem, it's a combination of architecture, packages, or networks. Spend an hour examining real-world use cases and learn:
- Typical architectures (OSS, commercial, and more)
- Top issues we see in the field
- Top packages and why they're chosen
Particulum Mobile: Zend Expressive Microservices in Docker SwarmJan Burkl
What's the benefit of microservices? They are easy to maintain, easy to link and easy to scale. Theoretically. The tiny sample app "Particulum Mobile" gives us an introduction into the power, flexibility and simplicity of Zend Expressive as the basis for microservices. Let's talk in this session about a straightforward process to deploy the Zend Expressive part - and a HTML/JS frontend - to a Docker Swarm and see how it scales!
PHP 7.NEXT: The New BitsDavey Shafik
PHP 7.0 is old news, PHP 7.1 is the new hotness. As the first point release in the 7.x series, 7.1 will set the tone for future releases of the highly successful PHP 7. PHP 7.1 is shaping up to be an even more feature-filled release than 7.0, join me and walk through what's coming up in the most exciting release yet.
PHP Installed on IBM i - The Guided TourRod Flohr
Everyone knows installing PHP on IBM i is easy. Just download the save file and run the RSTLICPGM command. But not everyone knows what that RSTLICPGM does. What is it putting on the machine? Where is it putting it? How does it all work together? In this session we'll take a look at the IFS directories added by the Zend Server installer to see what's in them. We'll see where PHP and PHP extensions, Apache and FastCGI configurations, log files, and more are kept. We'll also talk about how these new file objects interact with existing prerequisite software on the IBM i to present dynamic pages to the web. This session is for PHP developers and administrators interested in learning how PHP fits in with the unique operating environment of IBM i.
PHP Prepared Statements and MySQL Table DesignEdward Barnard
When using a PHP framework, standard practice is to use an Object-Relational Model (ORM) for database access. However, with high-volume logging and statistics-gathering, it pays to go "old school" with PHP prepared statements. Meanwhile, when MySQL tables quickly grow by millions of rows, table storage space becomes an issue. Our table design must focus on keeping these tables more compact and efficient. Here too, prepared statements simplify both coding and table design. This session will use CakePHP 3's excellent support for PHP prepared statements, but all concepts are native to PHP and apply to any project striking this use case.
Playing with the New Toys in PHP 7.0, 7.1, and 7.2Cal Evans
Things change fast in the PHP world. If you don't stop every once in a while and look around, PHP will pass you by. With regular point releases coming out, it's tough sometimes to keep up with all the new features that the core developers are constantly giving us. Join this session as we walk through the changes that came with PHP 7.1. We'll take a look at the important changes and how you can use them in your projects. Along the way, we'll say a fond farewell to some features that have served their purpose and are now just a fond memory...or nightmare.
Practical PHP Deployment with JenkinsAdam Culp
Developers would love to "automate all the things", but where do we start? What tools exist for automating? And what can actually be automated? If we don't have unit tests, can we still benefit from deployment automation? This session will show how a PHP application pulled from Git, complete with unit tests, Composer dependency management, and package creation, can be deployed flawlessly using Jenkins. Then see how "Dev" and "Ops" are supported by a system if the application breaks through automated rollbacks.
Refactoring Done RightBrandon Savage
Everybody talks about refactoring, but what's the best way to actually refactor a part of your application? Come watch a live session where we'll refactor a piece of code and come away with a well-designed solution. Along the way we'll learn how to spot candidates for refactoring, and pitfalls to avoid.
Review Unknown Code with Static AnalysisDamien Seguy
Code quality is not just for Christmas, it is a daily part of the job. So, what do you do when you're handed with a five feet long pole a million lines of code that must be vetted? You call static analysis to the rescue. During one hour, we'll be reviewing totally unknown code: no name, no usage, not a clue. We'll apply a wide range of tools, reaching for anything that helps us understand the code and form an opinion on it. Can we break this mystery and learn how everyone else is looking at our code?
Rise of the Machines: PHP and IoTColin O'Dell
The Internet of Things (IoT) is fundamentally changing how we interact with the digital world. In this session we’ll explore the implementation of real examples which bridge the gap between the physical and digital world using PHP: asking Alexa for information within a PHP application; displaying API data on an Arduino-powered display; using PHP to control LEDs on a Raspberry Pi to monitor application uptime; and connecting IR sensors to Slack to see whether a conference room is in use.
Silo-Based Architectures for High Availability ApplicationsGeorgiana Gligor
Data redundancy, computing clusters, load balancing, fail-over mechanisms, each of these individually addresses one potential issue, but none treats systems in your organisation holistically for maximising business revenue. You'll learn how to stop hating your existing infrastructure, prepare it for the leap to high availability using simple and intuitive changes that your DevOps team will love. Silos are a clever method of grouping servers in such a way that they can be scaled both horizontally and vertically, depending on the actual application needs. Most importantly, it frees you from over-optimizing the architecture upfront, by allowing fine adjustments easy to integrate in your Agile workflow. And they offer real A/B testing for your infrastructure and backend code. Then we'll look together at the awesome new things that you can do with your new silo superpowers. You'll be able to impress not only your fellow tekkies, but also marketing with helpful new tricks.
Static Analysis Saved my Code TonightDamien Seguy
Static analysis tools checks PHP code without running them. Fully automated, they bring expertise to review the code, enforce good practices when programming, keep code ready for the next PHP version. PHP 7 has developed tremendously our capacity to audit code. Thanks to AST and return types, it is possible to go deeper and prevent more bugs. During this session, we'll review the current state of static analysis tools, learn what they can find for us, and how to integrate it in the development cycle: security bugs, migration incompatibilities, and directives recommendations. Simply said, better PHP coding.
Symfony 4 - Developer eXperienceAnderson Casimiro
By the end of year we'll receive a brand new Symfony version on which we'll get an easier to use more flexible framework on our hands. Symfony team plans some deep changes on framework while it's still have a solid base. Say goodbye to old style bundled improvements and welcome auto-configuration. Symfony 4 will support only PHP 7 so there will be some deprecations from 3.4 version. The main purpose is to bring an improved developer experience to Symfony users as basis of the framework keeps strong as always. This presentation will cover all news from a developer sight.
Tackling the Beast: How to Gradually Upgrade a Legacy Code Base to PHP 7Ann Gaffigan
Hypothetically speaking, what if you wanted to change all of the lightbulbs in your house to use LED bulbs, but your current wiring didn’t support LED bulbs? You would need to re-wire your house, which would take a long time. In the meantime, you wouldn’t have any working electricity. Is there a better way? What if there was an adapter that could transition LED to work with old wiring if necessary, or if the wiring was new, just work as usual? That’s a metaphor for how I figured out how to gradually upgrade a legacy (LAMP) code base to be compliant with PHP 7.0. Since PHP deprecated the MySQL extension functions as of PHP 5.5.0 and removed in 7.0, we needed to transition a LOT of code in a legacy system to use the modern MySQLi extension functions. In trying to figure out how to upgrade the code base without ceasing new development on the system, we decided to use an adapter database class to allow us to transition gradually. In this session, we'll explain how the adapter class works and also the rules we put in place to ensure there was an end to the transition tunnel.
Test Driving Test Driven DevelopmentJason McCreary
We've all been to the sessions about the tools for test driven development (TDD). But TDD is not just about writing tests, it's about driving development through testing. There's a very specific process of TDD with red, green, and blue phases. There's also different patterns, like outside-in or inside-out. In this session we'll focus on these practices by TDDing a common data structure from start to finish. You will gain experience and leave with tips to help them practice TDD in the real world.
The Middleware ExpressMatthew Weier O'Phinney
Has enterprise PHP got you down? Does juggling dependency management, SOLID principles, and spiraling complexity make you yearn for the simpler days of one-off scripts?
What if we could once again embrace that simplicity, while retaining the ability to execute complex requirements? What if we could reduce the amount of code in our apps in a real way? The solution exists already: middleware!
Discover how middleware can help your organization, from developing one-off prototypes to full-featured, complex enterprise applications, transforming your application development lifecycle.
The Most Exciting Features of PHP 7.1Enrico Zimuel
Many frameworks and applications are bumping their minimum PHP requirement to 7.1; do you find yourself wondering why? PHP 7.1 contains new exciting features and improvements that can facilitate the life of many PHP developers. During this session we'll cover some of these new features like nullable types, catching of multiple exception, void return types, class constant visibility, authenticated encryption in OpenSSL, and more.
The Possibility of PHP – The Weird and Wonderful Stories of the Web and Where We’re HeadedZeev Suraski
The web revolves around PHP, and PHP evolves with it. In his keynote, Zeev will explore how PHP has impacted and continues to impact people's lives, and will share less commonly known and downright unusual PHP stories. Looking to the future of PHP and the web, he'll provide a glimpse of PHP’s upcoming technological advancement.
The Promise of Asynchronous PHPWim Godden
From ReactPHP to Facebook Hack's Async implementation and many more, asynchronous programming has been a hot topic lately. But how well does async programming support work in PHP and what can you actually use it for in your projects? Let's look at some real-world use cases and how they leverage the power of async to do things you didn't know PHP could do.
The Red Team is Coming!Adam Englander
The Red Team, hackers, criminal organizations, and nation states, are a constant threat. The systems we build are the targets. We need to understand the human collateral that hangs in the balance. We embrace methodologies to write better code and make our lives better. They do nothing for the rest of humanity that is directly affected by security vulnerabilities we introduce. In this session we'll put a human face on the users of our software. It will challenge you to think in terms of flesh and blood rather than ones and zeros. We are all the Blue Team. We protect the rest of humanity. Join us in the fight. The Red Team is coming!
The World of Open Source on IBM iKevin Adler
There's a whole world of open source software available on IBM i, whether that software comes from IBM, another software vendor, or even something you found on GitHub. Learn about some of the available software packages available to you from all of these sources.
There's a Middleware for That!Matthew Weier O'Phinney
Ever need to add authentication to an application? Or log HTTP messages? Maybe you wanted to trim trailing slashes from URIs. Or add security features such as CORS, Content-Security-Policy, or other headers. How do you easily enable the features, or enable them only for certain contexts within your application? The PSR-7 HTTP Messages specification created an ecosystem of PHP middleware that provide solutions to these problems! We'll cover creating an Expressive application that composes middleware from a variety of ecosystems in order to demonstrate that, in the end, there's a middleware solving every problem.
Transforming WordPress Search and Query Performance with ElasticsearchTaylor Lovett
WordPress traditionally uses MySQL. MySQL is a powerful relational database but falls short on complex multi-dimensional queries and search. At 10up, the largest WordPress-centric agency in the world, we use Elasticsearch and ElasticPress, our open source solution for integrating Elasticsearch with WordPress, to transform search and query performance on some of the biggest, most high-traffic WordPress installations in the world. This session will dive into optimizing Elasticsearch and WordPress for highly relevant search results and high performance.
Understanding Open Source LicensesDave McLoughlin
- How OSS licenses are enforced
- What are the main types of OSS licenses
- How to identify them
- What steps you need to take to ensure you are complying
Watch the Hacker HackMichael Hess
This interactive session will outline a range of common vulnerabilities in websites. You'll watch Security Team members try to hack these sites and share their thought process as they go. You'll learn how to think like an attacker so you can better understand common vulnerabilities and we'll cover best practices for configuring and protecting your sites. Finally, we’ll share how the Drupal Security team oversees security across this global open source community.
Web Security: Website Hacks and Heists, Be a Detective and Find out `Whodunnit`Michael Hess
Become a web security detective and join us as we look at some cases of compromised websites drawn from real-life events. We'll cover four tales of hacked sites, from uncovering the hack, to tracking down the root cause, to mitigating the problem. You'll learn techniques for trouble-shooting hacked sites and increase your awareness of common attacks. We aim to make web security more engaging by inviting session participants to use their creative problem-solving abilities to learn how to track down the causes of common website hacks. We'll also cover security issues unique to the Drupal content management system. While web security can be intimidating to beginners — including early-career web developers — it's not difficult to maintain a secure Drupal website. We'll share best practices and recommendations as to how to approach security for your site.
What You Need to Know Before You Deploy Your Next MongoDB ImplementationBill Crowell
You're days away from rolling out a MongoDB application to production. Your code and data model is set. Integration testing is successful, and the business has given its blessing after thorough testing. Performance testing commences revealing a critical issue on a common use case in your application. Any changes to your code will require a new QA cycle delaying your production rollout. What can you do?
NoSQL databases promise quicker iterations allowing you to deliver more functionality for your business, but there may be obscure signs of trouble you are overlooking.
This session will show you how to uncover performance problems before deploying to production, and empower you with knowledge of tools that assist developers and administrators to achieve high read and write throughput. Discover how to attain maximum performance in environments with redundancy and high availability with ease.
Who's Doing What with PHP on IBM iMike Pavlak
In this session we'll review three customer account stories where the combined PHP and IBM i solution is really changing the game for the company. We'll also talk about the latest and greatest product features and get the inside scoop on what's coming up soon.
Why Did My Project Fail?Brandon Savage
Failed projects are a reality of our business, with more than half of projects failing to come in on budget and on time. Yet despite the consistent failures and the platitudes for avoiding them, projects still fail with stunning regularity. Come learn why projects fail, and how you can break the cycle.
Why You're Not Secure: Apache, OpenSSL, and PHPAndrew Carr
PHP 7 has been released and your production environment needs to be upgraded. Apache 2.4 came out 5 years ago, yet you are running Apache 2.2. OpenSSL 1.1.0f is the current GA version, your servers use OpenSSL 0.9.8. A lot of companies have outdated software running in live environments, making them vulnerable to commonly exploitable weaknesses. Based on information gathered working with dozens of companies, it's commonplace to see servers running open source software that is 5, 10, or even 15 years old. A simple Google search for vulnerabilities on these older versions produces exploits and kits that any person can use to wreck your company’s share prices, data, and reputation. Learn how to protect yourself, your team, and your company from threats by these methods.
We'll use some common techniques to upgrade and harden our servers, concentrating on PHP, Apache, and OpenSSL. Hardening the operating system needs to happen as well, but this session focuses on the software. Bringing your coworkers, employers, and colleagues on board with your migration plan will allow you to more easily move from the old to the new. We'll also cover the skills you need to learn, the resources available to assist you, and the methods to accomplish a migration that will result in a secure and robust production environment.
Writing Tests for PHP SourceSammy Kaye Powers
As you might have already heard from a grumpy individual, adding more tests to your codebase is crucial to its stability over time. This session isn't about adding tests to your PHP codebase, but adding tests to the PHP language itself. And the best part is, all the tests are written in PHP so you don't even have to dust off that old C book from college. In this session you'll see how to find untested parts of the PHP source code, how to write a test for the untested feature, and how to submit your tests to PHP internals. Not only will you be making PHP more stable and reliable, but there's a good chance the tests you write will give you a deeper understanding of PHP; knowledge you can use to improve your own codebases. Not to mention you'll be able to call yourself an internals contributor. Come on in! The water's fine!
Zend Server in Docker Swarm: Deployment and MoreJan Burkl
Cluster management, decentralized design, scaling, load balancing, and rolling updates. These are some of the beneficial features of Docker Swarm. But how can you utilize them in conjunction with an enterprise PHP stack? Is Zend Server the right choice? What has to be considered from a DevOps point of view? In this session see how to provision and deploy a Zend Server Service, update a PHP app container, use a clustered session handling, and experience how networking is handled in a Docker Swarm setup.
Zend Studio Tips and TechniquesJohn Valance
If you're new to using Zend Studio, or if you haven't yet had training in using this tool, you may not be aware of many of its features, some of which can save you a lot of time and frustration. Zend Studio is the PHP editor provided free to IBM i customers with a full year of free support and upgrades. Using a live version of Zend Studio, we'll cover some basic concepts of the IDE and demonstrate some popular features and techniques. We'll discuss perspectives and contrast the Remote System Explorer with the PHP Perspective, and demonstrate some of the advantages of the PHP perspective for developing larger projects. We'll also cover editing shortcut keys, creating templates, using filters, and more.