Zendcon 2017 - Talks

"I don't care about technology I care about sales!"

Slavey Karadzhov Beginner

This is a technical session in which the speaker will share his knowledge about migrating legacy PHP projects to PHP 7. This session is divided in two parts. The first part will explain the advantages that we have seen in real-life large PHP applications. The second part will describe the steps needed to get there and what you should be aware of in order to better plan your PHP 7 migration.

A Real Zend Expressive Application on IBM i

Clark Everetts Intermediate

See practical examples, in the context of a working 5250 RPG application, of how to integrate RPG, SQL, and other IBM i platform assets, with PHP. Learn the most up-to-date approach for structuring and configuring a Zend Expressive application. Learn about Expressive, the open source PHP microframework from Zend, and PSR-7, HTTP Messages, and Middleware. How about a real Zend Expressive web application that starts with CRUD, but goes beyond? How should models invoke RPG, DB2 queries, stored procedures? Where are "the controllers?" How do we handle sessions, authentication, caching for performance, and access control with middleware? This is not the standard sample application; this one begins with a small, but complete 5250-based RPG Order Entry and customer tracking application, and leverages the resources to build a mobile/tablet/desktop-friendly web application.

An Analysis of the Quality of Libraries in the Packagist Universe

Clark Everetts Intermediate

How do you find a truly reliable, well-built, and tested package? Do you have concerns about the overall quality and security of third-party libraries and packages you rely upon as dependencies in your code? Does quality have anything to do with number of reported downloads? Come see the results of our analysis of the quality of components available through Packagist - some popular, some under-appreciated - using various PHP QA Tools. Then, see a code module "before-and-after" some refactoring to change the values of a few specific QA metrics, one at a time. Time to relate those abstract metrics to real code!

Apigility and IBM i: A Match Made in Heaven

Massimiliano Cavicchioli Advanced

The IBM i platform is widely recognized as a supreme apparatus for complex elaborations. The modern, web-based workflows are forcing IBM i based corporations to expand the horizons of its deliveries. Is it truly necessary to denaturalize such a data driven, secure, mean machine? The session will explain how to guarantee the web consumption of the powerful business logic already existing in every IBM i platform, from any kind of device, in a secure and performant manner. The fulcrum enabling these workflows is Zend Apigility, a modern framework for building best-of-breed APIs in no time. The code examples will show typical HTTP-based interactions originating from all sorts of consumers (classic web pages, single page apps, handheld devices, etc.).

Architecting a PHP Application with Interfaces to IBM i

Chelsea Fenton Beginner

In this session we’ll walk through a case study of developing a PHP application using an API to interface with IBM i data. This is a great example of how IBM i developers can leverage their knowledge of business rules and authorization to help speed up the development of PHP applications.

You’ll learn how ZF3, RPG, and Bootstrap were used to develop an application that:

  • Separates the front end coding from the backend
  • Optimizes the skills of IBM i and web developers
  • Works on both desktop and mobile devices
  • Integrates with other systems

Becoming a Bug Exterminator!

Joshua Copeland Beginner

Spotting bugs is a skill developed over time with practice, but this session will put you on the fast track to being a bug exterminator! One day, your production environment will break and you have to reproduce it on your local box. Worst yet, getting XDebug wired up to step through isn't very straight forward when using Docker, Vagrant, or remote machines. In this session we'll cover how to properly setup XDebug in various situations. We'll cover how to use PHPStorm to step through your PHP and JavaScript code, and other neat features. We'll also cover how to profile your code to find slow bottlenecks in your app. Joshua will also share war stories of battles he's endured and what caused these issues.

Better Paranoid than Offline - OWASP Top Ten 2017

Christian Wenz Beginner

The Open Web Application Security Project (OWASP) is most famously known for its list of the top ten security risks for websites. After a long wait, the 2017 edition of the list has been released. We'll have a look at all entries on that list, what's new, what has changed, and what security risks a modern web application will face. And since this is a PHP conference, we'll look how we can mitigate those risks with our favorite programming language. 

Big Iron: PHP Lessons from Cold War Supercomputing

Edward Barnard Beginner

The original CRAY-1 Supercomputer was a 5-ton monster with just 8 MB of main memory, yet programming it can be a fun way to explore subtleties of PHP coding. In this session we indulge in programming "big iron" on "bare metal."  We’ll look at CRAY-1 hardware instructions with the aim of understanding logic operations, boolean algebra, and octal arithmetic. As a Cray Research veteran, Edward has carried CRAY-1 logic design to both MySQL table design and PHP coding. After this session, you will as well.

Bring RPG/COBOL Business Logic to the Web with the PHP Toolkit

Alan Seiden Beginner

Don't reinvent the wheel when developing PHP applications. Instead, re-use your valuable business logic. Reduce risk, speed development, reduce costs when developing web and mobile applications by calling RPG and COBOL programs, system commands, accessing data areas, and more, with the open source PHP Toolkit for IBM i, co-developed by IBM and Alan Seiden. The toolkit is free, flexible, supported by Zend and uses IBM's XMLSERVICE toolkit on the backend. In this session you'll:

  • Create a modern PHP-based graphical interface that uses RPG/COBOL/CL building blocks
  • Know when to access DB2 directly, and when to call a program
  • Optimize toolkit performance

Browser Serving Your Web Application Security

Philippe Gamache Intermediate

One important concept in web application security is defense in depth. You protect your server, your network, your database, and your application, but what about the user browser? Can it be done?
Yes! Several new technologies and protocols to assist security has been added to the browsers. Several should be added, activated, and configured from your web server or webpage. In this session we'll explore these technologies and learn how to use them. You’ll learn about the Robots meta tags (for crawlers indexing), browsing compatibility, XSS and clickjaking protection, SSL/TLS Control, and content security policy.

Build your APIs with Apigility

Christian Varela Intermediate

Immerse in the API world with Apigility. Learn how to take advantage of this tool to create APIs from scratch or to expose current functionality from an existent system. You'll learn the core API concepts, processes, functionality, logic, and in general how you can create good APIs, including documentation and all the considerations you must have.

Building a Culture of Respect: How to Find, Hire, and Retain Developers

Cal Evans Intermediate

Them: We're Hiring! Me: Big deal, who isn't? There is a talent war going on in tech, everybody is hiring! These days’ developers have their pick of jobs, so why should they pick yours? If you say "because you pay more" then you've already lost. High salaries may get them in the door, but it won't keep them in the long run, and it won't capture their hearts and minds, only their wallets. You need a strategy that will engage your developers, something that will make them want to make your projects a success. You need to do more than hire developers and call them a team. You have to build a "Culture of Respect". This session is more than just a guide to help you find developers to hire. It’s more than just a guide on how to set up an effective method of interviewing developers. It teaches you the hard part, keeping them once you've hired them. It takes a lot of effort and money to find and hire developers these day, once you get them, you need to learn to hold on to them. "Culture of Respect" deals with why you want to invest the time and energy to build a team that developers want to be a part of. Once you understand why, you dive deep into how.

Building a Real API Using Command Pattern

Anderson Casimiro Intermediate

It is. We'll start from a simple Symfony Microkernel application. Then change the Kernel to use Controllers as Commands and build classes to serve Data and Interaction to endpoints. Then we'll create tests for logic and behavior. Then we'll create more routes. Then we'll connect to a database. Then we'll improve it more. The intention is not to show "how to build an API from scratch" but evolve a Symfony Microkernel project as a Flexible Framework and explore more possibilities using Command pattern to split HTTP logic from business logic.

Building a Solid Cloud Architecture for Small to Medium Businesses

Ahmed Dirie Intermediate

When you're a business with an online presence, achieving a 99.999% uptime is critical. Yet with many small to medium businesses, this is usually either a prayer or a reliance on the in-house IT person to figure things out. In some cases, you rely on a service provider, such as a hosting company, or the managed team assigned to your virtual machine. All in all, it's never really an implementation decision. In this session we'll look at how we can use small to medium businesses can take advantage of the cloud, and use some of the open source tools available to build a solid cloud architecture.

Building Interactivity with Websockets

Wim Godden Beginner

The time of static or dynamically generated sites is long gone. Non-stop interaction with users is the new normal. However, polling with Ajax requests is processor intensive and cumbersome. Websockets allow you to interact with users in real time without increasing system load. We'll go through the basics and see all the different options, illustrated with live examples of how and when to use it, as well as when not to use it. Websockets are the new way of providing live interactivity with users, in many cases replacing the need for Ajax requests alltogether. This relatively new technology isn't always as straightforward as it may seem though, as will be demonstrated in several examples.

Building Robots with PHP

Christopher Pitt Beginner

Are you the kind of person who's too busy working to build robots with PHP? Well, you're missing out! Over the last few years, Christopher has built all sorts of useful robots (Internet of Things machines); to connect to virtual environments, automate the surroundings, or generally make life easier. All of these could be built using little more than the familiar PHP code used 9-to-5 jobs. Join this session to see some of the cool things you can do, with an Arduino, some useful PHP libraries, and a lot of imagination.

Building the Holodeck, one open source brick at a time

Justin Reock

PHP is open source. But it’s only one part of the larger puzzle. Open source powers everything from droids to Mars landers. Justin Reock, who lives and breathes OSS, shares his vision on what open source truly is, what it can be, and how we all participate in this larger community. Mixing Ulysses, Stallman, and Heinlein with his own views, Justin examines the secret life of free software to answer: How do we power the cool things we want, build faster, better, and maintain free software? The Holodeck awaits.

Chatbots are Fun! So Let's Build One!

Tessa Mero Beginner

Chatbots and conversational agents have become very popular in the recent years and there is a huge research effort to automate conversations in several applications. What are Chatbots? How can it benefit you? How do you write the code for it? These questions will be answered during the session with step by step directions so you can easily follow along. Come join us and build your first Chatbot in less than an hour!

CommonMark - Markdown Done Right

Colin O'Dell Intermediate

Markdown is one of the most popular markup languages on the web. Unfortunately, with no standard specification, every implementation works differently, producing varying results across different platforms. The CommonMark specification fixes this by providing an unambiguous syntax specification and a comprehensive suite of tests. In this session you'll learn about this standard and how to integrate the league/commonmark parser into their PHP applications. We'll also cover how to customize the library to implement new features like custom Markdown syntax or advanced renderers.

Create Your Own Dependencies!

Joshua Copeland Beginner

Do you have multiple PHP projects with the same or similar logic? Are you sick of your team copy pasting code from one project to another? Let's talk about pulling all that shared code into one (or more) libraries and how to implement them in your projects via Composer. We'll also be touching on related topics like Statis, Packagist, Toran proxy, Composer settings, code structure, autoloading, and strategies to use when refactoring classes into your new library. Quit duplicating code and come check out this session!

Cryptography for Beginners

Adam Englander Beginner

Cryptography is a complex and confusing subject. In this session we'll distill PHP encryption down to its essential drivers. You'll learn what makes cryptography weak and strong. You'll learn the important questions to ask when making decisions regarding modules and libraries. This session won’t make you a cryptography expert but it will give you the knowledge necessary to protect your software from attack. No prior knowledge of cryptography is required for this session.

Debugging ElePHPants

Adam Culp Beginner

Everybody knows how to install a debugger in PHP. Yet very few professional PHP developers have embraced step debugging, and instead do it the old-fashioned way. For many, this is because they simply don't know how to step-debug effectively. In this session we'll see how to debug common issues to speed problem resolution, and spend less time troubleshooting and more time coding. Attendees will walk away with the fundamentals to get up and running quickly, once they get a debugger installed.

Debugging Your Web Application

Stephanie Rabbani Beginner

500 internal server error? Wait, now it's a 404 error. I think it's actually a syntax error. And now my program call isn't returning anything.
Attend this session to hear tips and tricks on how to debug your web application on IBM i, including:

  • Analyzing Apache logs and Apache server issues
  • Debugging your program calls and Toolkit issues
  • Debugging DB2 and library list issues
  • Debugging Javascript and CSS

Defensive Coding Crash Course

Mark Niebergall Beginner

Ensuring software reliability, resiliency, and recoverability is best achieved by practicing effective defensive coding. Take a crash course in defensive coding with PHP and learn about attack surfaces, input validation, canonicalization, secure type checking, external library vetting, cryptographic agility, exception management, code reviews, and unit and behavioral testing. Learn some helpful tips and tricks from experienced professionals within the PHP community as we review the latest blogs and discussions on best practices to defend your project.

Deploying a PHP Application Across Multiple Clouds

Ahmed Dirie Intermediate

With some of the recent issues that occurred with cloud platform providers, many businesses are wondering whether they can leverage multiple cloud platforms for their solutions. In this intense session we'll do exactly that and set up cloud architecture over multiple cloud platforms that include:
  • Load balancer
  • Caching servers
  • Database servers
  • File servers
  • Web servers
 
Once we've set up our environment, we'll deploy a PHP application and test out performance and redundancy.

Design Security in PHP Using Middleware

Enrico Zimuel Beginner

Design a secure web application is definitely not a simple task! There are many aspects to consider like how to sanitize the user input, how to provide authentication, how to manage the permissions, how to escape output, etc. Using middleware, we can simplify most of these aspects thanks to the pipeline nature of this architecture design. We'll demonstrate how to implement security by design using middleware and the PSR-7 standard.

Designing Responsive IBM i Web and Mobile Applications

Chelsea Fenton Beginner

IBM i organizations benefit when users can access web applications from both desktops and mobile devices. But how do you accommodate all of the different device types without spending valuable time developing multiple versions of your applications?

Attend this session to learn:

  • What responsive design is
  • How Bootstrap makes it easier to create responsive web applications
  • How to install Bootstrap on IBM i
  • How you can use Bootstrap with PHP

Developing PHP Apps Faster

Adam Culp Intermediate

Enterprise PHP development teams, no matter the maturity level, focus on one thing, releasing stable apps that perform. They also want to avoid reinventing the wheel. Therefore, make the investment to listen to the top lessons we've learned from across industries to deliver PHP code faster without sacrificing quality, user experience, or existing workflows.

You will learn:

  • How to dig deep into application behavior and performance at runtime
  • How to maximize existing continuous delivery principles and tools
  • When to take advantage of existing frameworks and extensions and when to do it yourself
  • How to avoid reinventing the wheel each time you deploy, upgrade, or rollback

Domain-Driven Data

Bradley Holt Advanced

There are many types of databases and data analysis tools from which to choose today. Should you use a relational database? How about a key-value store? Maybe a document database? Or is a graph database the right fit for your project? What about polyglot persistence? Help! Applying principles from Domain-Driven Design such as strategic design and bounded contexts, this session will help you choose and apply the right data layer for your application's model or models. We'll explore traditional relational databases, graph databases, document databases, key/value stores, polyglot persistence, CQRS, event sourcing, and data layers for microservices.

Expect the Un-expected: How to Handle Errors Gracefully

Bastian Hofmann Intermediate

Even though you tested your application perfectly, errors and bugs will still happen in production, especially if other services or databases go down or are under high load. Thus it is very important to see errors happening and to be able to react to them quickly. In this session we'll introduce you to efficient ways for monitoring and logging for errors and show how you can handle them if they happen, covering deployment strategies, using intelligent circuit breakers, and gracefully reducing functionality. The session will give examples and recommendations so that you can quickly get started with implementing these.

Get Started Using PHP Frameworks on IBM i

Stephanie Rabbani Beginner

Are you wondering whether PHP frameworks are worth using when developing your applications? In this session we’ll explore the concept of PHP frameworks, and compare three popular frameworks (ZF3, Expressive, and Laravel) and show you how to get started with all three on the IBM i.

Getting and Staying Fast - A Web Performance Round-up

Bastian Hofmann Beginner

Making and keeping web applications fast is hard work, but also very rewarding and pays off very quickly with higher user satisfaction, increased usage, and better conversions. In this session we'll talk about all the lessons learned by working on application performance at ResearchGate: Why it is actually important, how you can convince your managers to invest time and money in it and what you have to do to measure and improve performance server and client side. Keeping a site fast is hard work, this session will contain lots of techniques that can be used and implemented to actually measure the performance and make the your web page faster.

Gitting the Most Out of Your Version Control

David Hayes Beginner

Git is everyone's go to method of version control. Our goal is to cover what it is, why it's important, and a few of the superpowers it unlocks. Of course, we'll touch on the basics:

  • git status
  • git commit
  • git pull

But we'll also take some time to understand more powerful commands and features like cherrypick, bisect, and using alternative differential browsers for those hairy merges.

Go Micro with Microservices

Mariusz Gil Intermediate

Microservices… New architectural style oriented on splitting monolithic codebase into set of small and independent applications built around specific business needs. Microservices might be very useful in some situations, but they also can introduce a set of new problems to be solved, from designing to communication between microservices in production environment. During this session we'll introduce core concepts of microservices architecture, possible implementations using PHP, deployment strategies, and running applications in production environment. You'll also learn about patterns in microservices world; building blocks for your next complex projects. All topics will be presented in code, on real PHP 7 applications powered by microservices.

Going Bare - Writing the Web without a Framework

Sammy Kaye Powers Beginner

If you've only ever experienced web development through a web framework, you're missing out. Have you ever been tempted to rewrite a codebase in your favorite framework? That's a smell that you need to come to this session. Being comfortable developing without a framework is a crucial skill to have for refactoring legacy applications. In this session you'll see how to harness the power of going "frameworkless" so you'll feel empowered to make better decisions in your next web project. Be set free from your web-framework ball and chain.

How I Learned to Stop Worrying and Love Regular Expressions

Jordi Boggiano Intermediate

This session will cover Regular Expressions from the basics to the darkest corners of this arcane art. Regular Expressions, at the core, come in handy to achieve validation and text manipulation tasks. In the day-to-day life of a developer, becoming comfortable with them opens up many more use cases. As one of the tortured souls that actually enjoys writing - and reading - regexes, Jordi will share his passion so that you too can see there is no reason to worry.

How to Go From Developer to Stakeholder

Ann Gaffigan Intermediate

Technology is everything these days, and your skills as a developer are in high demand. How can you leverage your unique skill set and understanding of technology to climb the ranks in your company beyond “just a developer?” Ann will tell her story of going from underpaid full-time developer, to broke freelancer, to entrepreneur, and finally to partner and CTO. More importantly, she’ll tell you what she learned along the way about the art of persuasion, transparency as a trojan horse, indispensability, confidence, standing your ground, and ultimately how to be treated and respected as a leader and not an employee. Disclaimer: I cannot confirm or deny that I have a problem with authority and a thirst for power.

HTTP/2 and Asynchronous APIs

Davey Shafik Intermediate

HTTP/2 (H2) is coming, and along with it a whole new way of communicating over the web. Connection re-use, prioritization, multiplexing, and server push are just some of the features in H2. In this session we'll look at the HTTP/2 protocol, and at how we can use asynchronous request now with HTTP/1.x. We'll also look at what asynchronous requests and H2 mean for your API and clients in the future.

IBM i Ask the Experts

Mike Pavlak Beginner

In this session various IBM i centric experts will assemble for a rapid-fire Q&A session including folks like Rod Flohr, Mike Pavlak, Alan Seiden, and many more. No topic is off limits as long as it pertains to the web enablement of IBM i. 

Identifying and Managing the Risks of Open Source Software for PHP Developers

Dave McLoughlin Beginner

Do you really need to worry about using open source software in developing commercial applications? In this session we'll talk about the key risk areas, how to identify and quantify the risk, and what steps if any are needed to deal with the risks.

We've all heard about security risks and license compliance risks associated with OSS, but how do you identify these risks and how do you manage them? After this session, you'll have the information to better understand how to assess these risks. It will provide you with no nonsense steps to take to manage your OSS so you can rest easy and not worry if these issues will affect you or your business.

The session will include:

  • Key risk areas and how to identify them
  • Common use case scenarios
  • Understanding and developing risk remediation strategies for OSS use

Implementing Languages

Christopher Pitt Beginner

Programming is hard. Making compilers is harder. Or so people think. The truth is that making a compiler is just a series of small steps, using regular language constructs. It's so easy, we'll make one in this session. Many developers (especially those who are self-taught) believe the lie; that making compilers is too hard for them. That they lack the tools and knowledge to bring their ideas about programming languages to life. There's a lot of complex thinking that goes into mainstream compilers, but that's no reason not to try! We can make less efficient compilers and interpreters which enable the same amount of power and flexibility as mainstream compilers. We could use tools like Parser Expression Grammars or JISON, but this session will look at something even simpler. Let's build our own cross compilers using regular expressions and a stack. Let's implement our own programming languages, in real-time.

Industrial Workflows with the Expressive Framework

Massimiliano Cavicchioli Beginner

The session will explain how to create a flexible and modular architecture for managing complex industrial workflows.
 
The workflows will be defined in pure textual syntax, feeding a microservice based infrastructure comprising of the following elements:
  • An API-based (REST, RPC) workflows manager (validation, analysis, propagation, etc.)   
  • Modular, independent, business logic units covering many common aspects related to industrial workflows     
  • An API-based (RPC) workflow implementer created by the manager on top of the business logic units 

Install MariaDB on IBM i - Tips, Troubleshooting, and More

Rod Flohr Intermediate

MariaDB is the new open source drop-in replacement for MySQL that has been adopted by IBM for use on Power Linux and IBM i. ZendDBi is the installer provided by Rogue Wave Software for installation of MariaDB on the IBM i. In this session we'll show how to use ZendDBi to install MariaDB and provide some important tips for post-installation. We'll also demonstrate troubleshooting some common installation issues. While most installations of MariaDB are trouble free, the troubleshooting procedures will give us a chance to understand a bit more about the operation of MariaDB on the IBM i. It'll also give us the opportunity to explore some concepts on IBM i that may not be familiar to some RPG programmers.

Kubernetes is your DevOps Guy

Brent Shaffer Intermediate

You're not the DevOps guy, and you hate bash scripts. You want to deploy a scalable and secure PHP application, but you spend most your time in application code. This session shows you just how easy it can be to achieve security and scalability in the PHP ecosystem using Docker containers. By the end of the session, you'll be able to deploy an autoscaling Kubernetes cluster of PHP frameworks and microservices.

LAB - Basic PHP to Access Your Data on IBM i

John Valance Beginner

In this session you'll learn about and practice basic PHP syntax, as well as how to access DB2 data to populate HTML documents. You'll learn about how to read input from the browser and dynamically build an HTML document using a combination of HTML, PHP, and SQL. We'll review the HTML tags for tables, forms, and input fields in order to create prompt screens and database inquiries. This session is geared toward the RPG programmer with limited or no experience developing PHP web applications.

This will be a self-guided lab – i.e., you will follow clear instructions from a printed lab guide, sometimes writing code from scratch, and sometimes using templates with key pieces missing, in order to maximize your time.

Rather than focus on language syntax directly, these exercises will teach you syntax through the applications you are building. In the process, you will also get exposure to some of the most important HTML tags that you need to create useful business applications with PHP. You’ll also get some experience using Zend Studio, the premier IDE for PHP development on IBM i.

IMPORTANT!! – LAPTOP REQUIREMENTS: This is a hands-on lab. To participate in this workshop, you will need to bring your own laptop, with the Zend Studio IDE installed, before arriving. You can download this from http://www.zend.com/en/products/studio/downloads. Choose the OS that runs on your laptop (Windows/Mac/Linux) and click the Download button. If you already have an older version of Zend Studio installed on your laptop, it should be fine, but I recommend version 10 or higher. Please see the release notes for the version of Zend Studio you are using for specific system requirements. If you have trouble getting Zend Studio installed, you can contact the instructor for assistance: johnv@div1sys.com. The server used is an IBMi server running DB2 and Zend Server, and this will be provided for you via remote access.

Learn Unit Testing with Katas

David Hayes Beginner

In this session we'll introduce the core concepts of unit testing and TDD — what it is, how it's done, why it matters — and then jump into doing it with one of the most time-tested techniques to comfortably start to get comfortable with the idea: code katas. Code katas are a systematic practice where you solve a specific code problem for about 25 minutes. After that, you throw the code away! This means they're the ideal safe places to learn new things and stretch our boundaries. We'll do one live front-to-back so you'll be comfortable taking the idea and doing it on your own.

Lessons Learned Building the Composer Internals

Jordi Boggiano Beginner

This session will dive into Composer's guts to see which choices we made worked and which ones did not. After six years and a few hundred thousand users, the Composer code has been through many iterations, problems, and successes. Let's have a retrospective to see what we can learn from it.

Let the Architecture Emerge

Jason McCreary Intermediate

We often have the tendency to over engineer our software. We want to use the latest packages, integrate with the hip services, and adopt those shiny patterns. Jason's here to say, “you aren’t gonna need it”. In this session we’ll take a look at how to practice YAGNI and what that means when writing code and making design decisions.

Leveraging Composer In Existing Projects

Mark Niebergall Beginner

Keeping external libraries current and organized can be a tedious and risky task. Converting those libraries from embedded inside a codebase to being included via Composer is a clean and efficient solution. Learn how to migrate and autoload those libraries, use the composer.json and composer.lock files, find new libraries, and run Composer commands. Use what you learn to clean and organize your codebase to make it easier to maintain, and more lean and better to work with.

Machine Learning for the Rescue

Mariusz Gil Intermediate

Gathering the data is not a problem today. The bigger challenge is how to understand this information and draw some conclusions. Fortunately, we can use some techniques like machine learning to teach computers how to learn from our data. Fast artificial neural networks, random forests, SVMs, classification, clustering - just to name a few concepts. We'll apply all these solutions to PHP applications to deliver automatic insights/predictions and create a real business value for a client. By the end of this session you'll be familiar with machine learning ideas and prepared to solve unsolvable problems in PHP.

Make your Application Expressive

Christian Varela Intermediate

Learn the concepts of PSR-7 middleware with Zend Expressive and how your application could be developed from scratch adapting those concepts with a new mindset. You'll see the different approaches, advantages and disadvantages, and the contrast of this paradigm and other more conventional paradigms.

Make Your IBM i Sizzle with WordPress

Alan Seiden Beginner

WordPress lets you create a website by choosing a theme and adding your own graphics without touching a line of code. This popular open source application also has thousands of plugins to add features to your site. Best of all, it runs on IBM i, and can leverage your own DB2 data and RPG programs. Learn why WordPress on the IBM i can be the most powerful WordPress anywhere. Since WordPress is based on PHP and MySQL, you'll get a taste of those technologies as well.
In this session you'll:

  • See what your IBM i can do with WordPress, how you can quickly create a website that will wow the business people in your company
  • Get a taste of how open source technology runs the web
  • See your IBM i data and RPG output on a WordPress site on IBM i

Meet Johnny the Deployer: A LAMP Stack Professional's Journey to Artificial Intelligence

Georgiana Gligor Beginner

Artificial intelligence products are all the rage these days. How do we, as LAMP stack professionals, ensure we embark this wonderful journey?
 
After working on AI-powered applications for a while now, we'll show you how we built, with PHP, a devops chatbot that enables the release manager skip the confusing discussions with the tekkies and master the release process.
 
Here are some questions you may ask Johnny:
  • “What tickets are ready for QA?”
  • “Prepare a release candidate and deploy it to QA”
  • “When did we last install the API in staging?”
  • “How did the traffic look for the last 36 hours?”
  • “How many sales are there today compared with last week?”
  • “What version of the API is installed in production?”
  • “How many servers are we using now in the integration environment?”
  • “What is the medium load across the cluster in the last three days.”
  • “List the last three deployments in the way environment.”
  • “Who ordered the update on release candidate?”
 
AI is not scary, and there are a lot of awesome things you can do with it right from PHP. Johnny is our devops friend that we created, and we'll show you how helpful he is in our day-to-day tasks.

Multi-factor Authentication

Philippe Gamache Beginner

The password is currently the most commonly used way to identify a user. It does not, however, have the level of security required to protect sensitive information.
The addition of new identification factor allows to solve this problem. But what, where, when do you have them? In this session we'll see the concepts of strong authentication, the introduction of alternative free or low cost second-factor identification. 

MySQL JSON Data Use Guide

Dave Stokes Intermediate

MySQL 5.7 provides a JSON data type. Previously you could store JSON formatted data in some sort of text field but then you would have to use REGEX which would reduce the quality of your work life, make your grumpy, and would be frustrated when you had to maintain it. Now you have over two dozen functions, can create materialized columns from JSON data that can be indexed for fast searchers, and can output data in JSON. This is a quick introduction for PHP developers to learn to incorporate this new data type with plenty of programming examples.

MySQL 8

Dave Stokes Beginner

MySQL 5.7 was the most popular version of the open source database. But several legacy problems needed to be solved, performance increased, and new features added. The biggest change is a true data dictionary which removes all those odd little files with meta-data (.frm, myi, myd, etc) and provides transactional ALTER TABLEs. Plus you see Invisible Indexes, roles, CTEs/Windowing functions, UTF8MB4 support, and learn what happened to MySQL 6 and MySQL 7.

Nom Nom: Consuming REST APIs

Tessa Mero Beginner

Feeling hungry? You’ve came to the right place! As APIs have become increasingly more important and popular in usage in the past few years in web development, it is important to understand the basics of what they are and why to use them. We'll be going over the basics: The What’s, Why’s, Where’s, and When’s. You'll learn the basics of REST APIs and we'll show you how you can use POSTMAN to test making REST API calls. By the end of this session, you’ll be able to go home and make REST calls on any API.

Offline Sync for Progressive Web Apps

Bradley Holt Intermediate

With the introduction of Progressive Web Apps and web platform APIs such as persistent storage, payments, geolocation, and push notifications, the web platform is taking on native apps. One important aspect of Progressive Web Apps is the concept of building your app to be Offline First. With an Offline First approach, you design your app for the most resource-constrained environment first. This approach provides a consistent user experience whether the user's device has no connectivity, limited connectivity, or great connectivity. One of the biggest benefits of Offline First apps is that they can be very fast, as they provide zero-latency access to content and data stored directly on the device.
 
The Service Worker API can do most of the heavy lifting when it comes to storing content and assets for Offline First Progressive Web Apps. A bigger challenge can be storing and sync'ing your app's data. One of the best answers today for offline sync for Progressive Web Apps is a combination of Apache CouchDB (an open source document database), Hoodie (an open source Node.js backend for Offline First apps), and PouchDB (an open source JavaScript database that syncs). This stack can provide you with the starting point for your own Progressive Web App mobile backend and frontend, and it's entirely open source!

Open Source Applied - Real World Use Cases

Justin Reock Beginner

For enterprises, it's rarely a single function causing your OSS problem, it's a combination of architecture, packages, or networks. Spend an hour examining real-world use cases and learn:

  • Typical architectures (OSS, commercial, and more)
  • Top issues we see in the field
  • Top packages and why they're chosen

Particulum Mobile: Zend Expressive Microservices in Docker Swarm

Jan Burkl Intermediate

What's the benefit of microservices? They are easy to maintain, easy to link and easy to scale. Theoretically. The tiny sample app "Particulum Mobile" gives us an introduction into the power, flexibility and simplicity of Zend Expressive as the basis for microservices. Let's talk in this session about a straightforward process to deploy the Zend Expressive part - and a HTML/JS frontend - to a Docker Swarm and see how it scales!

PHP 7.NEXT: The New Bits

Davey Shafik Intermediate

PHP 7.0 is old news, PHP 7.1 is the new hotness. As the first point release in the 7.x series, 7.1 will set the tone for future releases of the highly successful PHP 7. PHP 7.1 is shaping up to be an even more feature-filled release than 7.0, join me and walk through what's coming up in the most exciting release yet.

PHP Installed on IBM i - The Guided Tour

Rod Flohr Intermediate

Everyone knows installing PHP on IBM i is easy. Just download the save file and run the RSTLICPGM command. But not everyone knows what that RSTLICPGM does. What is it putting on the machine? Where is it putting it? How does it all work together? In this session we'll take a look at the IFS directories added by the Zend Server installer to see what's in them. We'll see where PHP and PHP extensions, Apache and FastCGI configurations, log files, and more are kept. We'll also talk about how these new file objects interact with existing prerequisite software on the IBM i to present dynamic pages to the web. This session is for PHP developers and administrators interested in learning how PHP fits in with the unique operating environment of IBM i.

PHP Prepared Statements and MySQL Table Design

Edward Barnard Beginner

When using a PHP framework, standard practice is to use an Object-Relational Model (ORM) for database access. However, with high-volume logging and statistics-gathering, it pays to go "old school" with PHP prepared statements. Meanwhile, when MySQL tables quickly grow by millions of rows, table storage space becomes an issue. Our table design must focus on keeping these tables more compact and efficient. Here too, prepared statements simplify both coding and table design. This session will use CakePHP 3's excellent support for PHP prepared statements, but all concepts are native to PHP and apply to any project striking this use case.

Playing with the New Toys in PHP 7.0, 7.1, and 7.2

Cal Evans Beginner

Things change fast in the PHP world. If you don't stop every once in a while and look around, PHP will pass you by. With regular point releases coming out, it's tough sometimes to keep up with all the new features that the core developers are constantly giving us. Join this session as we walk through the changes that came with PHP 7.1. We'll take a look at the important changes and how you can use them in your projects. Along the way, we'll say a fond farewell to some features that have served their purpose and are now just a fond memory...or nightmare.

Practical PHP Deployment with Jenkins

Adam Culp Beginner

Developers would love to "automate all the things", but where do we start? What tools exist for automating? And what can actually be automated? If we don't have unit tests, can we still benefit from deployment automation? This session will show how a PHP application pulled from Git, complete with unit tests, Composer dependency management, and package creation, can be deployed flawlessly using Jenkins. Then see how "Dev" and "Ops" are supported by a system if the application breaks through automated rollbacks.

Refactoring Done Right

Brandon Savage Beginner

Everybody talks about refactoring, but what's the best way to actually refactor a part of your application? Come watch a live session where we'll refactor a piece of code and come away with a well-designed solution. Along the way we'll learn how to spot candidates for refactoring, and pitfalls to avoid.

Review Unknown Code with Static Analysis

Damien Seguy Advanced

Code quality is not just for Christmas, it is a daily part of the job. So, what do you do when you're handed with a five feet long pole a million lines of code that must be vetted? You call static analysis to the rescue. During one hour, we'll be reviewing totally unknown code: no name, no usage, not a clue. We'll apply a wide range of tools, reaching for anything that helps us understand the code and form an opinion on it. Can we break this mystery and learn how everyone else is looking at our code?

Rise of the Machines: PHP and IoT

Colin O'Dell Beginner

The Internet of Things (IoT) is fundamentally changing how we interact with the digital world. In this session we’ll explore the implementation of real examples which bridge the gap between the physical and digital world using PHP: asking Alexa for information within a PHP application; displaying API data on an Arduino-powered display; using PHP to control LEDs on a Raspberry Pi to monitor application uptime; and connecting IR sensors to Slack to see whether a conference room is in use.

Silo-Based Architectures for High Availability Applications

Georgiana Gligor Intermediate

Data redundancy, computing clusters, load balancing, fail-over mechanisms, each of these individually addresses one potential issue, but none treats systems in your organisation holistically for maximising business revenue. You'll learn how to stop hating your existing infrastructure, prepare it for the leap to high availability using simple and intuitive changes that your DevOps team will love. Silos are a clever method of grouping servers in such a way that they can be scaled both horizontally and vertically, depending on the actual application needs. Most importantly, it frees you from over-optimizing the architecture upfront, by allowing fine adjustments easy to integrate in your Agile workflow. And they offer real A/B testing for your infrastructure and backend code. Then we'll look together at the awesome new things that you can do with your new silo superpowers. You'll be able to impress not only your fellow tekkies, but also marketing with helpful new tricks.

Static Analysis Saved my Code Tonight

Damien Seguy Intermediate

Static analysis tools checks PHP code without running them. Fully automated, they bring expertise to review the code, enforce good practices when programming, keep code ready for the next PHP version. PHP 7 has developed tremendously our capacity to audit code. Thanks to AST and return types, it is possible to go deeper and prevent more bugs. During this session, we'll review the current state of static analysis tools, learn what they can find for us, and how to integrate it in the development cycle: security bugs, migration incompatibilities, and directives recommendations. Simply said, better PHP coding.

Symfony 4 - Developer eXperience

Anderson Casimiro Intermediate

By the end of year we'll receive a brand new Symfony version on which we'll get an easier to use more flexible framework on our hands. Symfony team plans some deep changes on framework while it's still have a solid base. Say goodbye to old style bundled improvements and welcome auto-configuration. Symfony 4 will support only PHP 7 so there will be some deprecations from 3.4 version. The main purpose is to bring an improved developer experience to Symfony users as basis of the framework keeps strong as always. This presentation will cover all news from a developer sight.

Tackling the Beast: How to Gradually Upgrade a Legacy Code Base to PHP 7

Ann Gaffigan Intermediate

Hypothetically speaking, what if you wanted to change all of the lightbulbs in your house to use LED bulbs, but your current wiring didn’t support LED bulbs? You would need to re-wire your house, which would take a long time. In the meantime, you wouldn’t have any working electricity. Is there a better way? What if there was an adapter that could transition LED to work with old wiring if necessary, or if the wiring was new, just work as usual? That’s a metaphor for how I figured out how to gradually upgrade a legacy (LAMP) code base to be compliant with PHP 7.0. Since PHP deprecated the MySQL extension functions as of PHP 5.5.0 and removed in 7.0, we needed to transition a LOT of code in a legacy system to use the modern MySQLi extension functions. In trying to figure out how to upgrade the code base without ceasing new development on the system, we decided to use an adapter database class to allow us to transition gradually. In this session, we'll explain how the adapter class works and also the rules we put in place to ensure there was an end to the transition tunnel.

Test Driving Test Driven Development

Jason McCreary Intermediate

We've all been to the sessions about the tools for test driven development (TDD). But TDD is not just about writing tests, it's about driving development through testing. There's a very specific process of TDD with red, green, and blue phases. There's also different patterns, like outside-in or inside-out. In this session we'll focus on these practices by TDDing a common data structure from start to finish. You will gain experience and leave with tips to help them practice TDD in the real world.

The Middleware Express

Matthew Weier O'Phinney

Has enterprise PHP got you down? Does juggling dependency management, SOLID principles, and spiraling complexity make you yearn for the simpler days of one-off scripts?

What if we could once again embrace that simplicity, while retaining the ability to execute complex requirements? What if we could reduce the amount of code in our apps in a real way? The solution exists already: middleware!

Discover how middleware can help your organization, from developing one-off prototypes to full-featured, complex enterprise applications, transforming your application development lifecycle.

The Most Exciting Features of PHP 7.1

Enrico Zimuel Beginner

Many frameworks and applications are bumping their minimum PHP requirement to 7.1; do you find yourself wondering why? PHP 7.1 contains new exciting features and improvements that can facilitate the life of many PHP developers. During this session we'll cover some of these new features like nullable types, catching of multiple exception, void return types, class constant visibility, authenticated encryption in OpenSSL, and more.

The Possibility of PHP – The Weird and Wonderful Stories of the Web and Where We’re Headed

Zeev Suraski

The web revolves around PHP, and PHP evolves with it. In his keynote, Zeev will explore how PHP has impacted and continues to impact people's lives, and will share less commonly known and downright unusual PHP stories. Looking to the future of PHP and the web, he'll provide a glimpse of PHP’s upcoming technological advancement.

The Promise of Asynchronous PHP

Wim Godden Beginner

From ReactPHP to Facebook Hack's Async implementation and many more, asynchronous programming has been a hot topic lately. But how well does async programming support work in PHP and what can you actually use it for in your projects? Let's look at some real-world use cases and how they leverage the power of async to do things you didn't know PHP could do.

The Red Team is Coming!

Adam Englander Beginner

The Red Team, hackers, criminal organizations, and nation states, are a constant threat. The systems we build are the targets. We need to understand the human collateral that hangs in the balance. We embrace methodologies to write better code and make our lives better. They do nothing for the rest of humanity that is directly affected by security vulnerabilities we introduce. In this session we'll put a human face on the users of our software. It will challenge you to think in terms of flesh and blood rather than ones and zeros. We are all the Blue Team. We protect the rest of humanity. Join us in the fight. The Red Team is coming!

The World of Open Source on IBM i

Kevin Adler

There's a whole world of open source software available on IBM i, whether that software comes from IBM, another software vendor, or even something you found on GitHub. Learn about some of the available software packages available to you from all of these sources.

There's a Middleware for That!

Matthew Weier O'Phinney Intermediate

Ever need to add authentication to an application? Or log HTTP messages? Maybe you wanted to trim trailing slashes from URIs. Or add security features such as CORS, Content-Security-Policy, or other headers. How do you easily enable the features, or enable them only for certain contexts within your application? The PSR-7 HTTP Messages specification created an ecosystem of PHP middleware that provide solutions to these problems! We'll cover creating an Expressive application that composes middleware from a variety of ecosystems in order to demonstrate that, in the end, there's a middleware solving every problem.

Transforming WordPress Search and Query Performance with Elasticsearch

Taylor Lovett Beginner

WordPress traditionally uses MySQL. MySQL is a powerful relational database but falls short on complex multi-dimensional queries and search. At 10up, the largest WordPress-centric agency in the world, we use Elasticsearch and ElasticPress, our open source solution for integrating Elasticsearch with WordPress, to transform search and query performance on some of the biggest, most high-traffic WordPress installations in the world. This session will dive into optimizing Elasticsearch and WordPress for highly relevant search results and high performance.

Understanding Open Source Licenses

Dave McLoughlin Beginner

There are hundreds of open source licenses. Most developers don't take the time to read or understand them, but can you continue to ignore them? We have seen a rise in litigation around open source license over the last 10 years. And, in the last 12 months we have seen the first examples of OSS copyright trolls that are taking developers to court in an attempt to monetize GPL violations. 
 
This session will covers:
  • How OSS licenses are enforced
  • What are the main types of OSS licenses
  • How to identify them
  • What steps you need to take to ensure you are complying
 
We cover use case scenarios and do a "deep dive" on the most used licenses today and how to understand them.

Watch the Hacker Hack

Michael Hess Intermediate

This interactive session will outline a range of common vulnerabilities in websites. You'll watch Security Team members try to hack these sites and share their thought process as they go. You'll learn how to think like an attacker so you can better understand common vulnerabilities and we'll cover best practices for configuring and protecting your sites. Finally, we’ll share how the Drupal Security team oversees security across this global open source community.

Web Security: Website Hacks and Heists, Be a Detective and Find out `Whodunnit`

Michael Hess Beginner

Become a web security detective and join us as we look at some cases of compromised websites drawn from real-life events. We'll cover four tales of hacked sites, from uncovering the hack, to tracking down the root cause, to mitigating the problem. You'll learn techniques for trouble-shooting hacked sites and increase your awareness of common attacks. We aim to make web security more engaging by inviting session participants to use their creative problem-solving abilities to learn how to track down the causes of common website hacks. We'll also cover security issues unique to the Drupal content management system. While web security can be intimidating to beginners — including early-career web developers — it's not difficult to maintain a secure Drupal website. We'll share best practices and recommendations as to how to approach security for your site.

What You Need to Know Before You Deploy Your Next MongoDB Implementation

Bill Crowell Intermediate

You're days away from rolling out a MongoDB application to production. Your code and data model is set. Integration testing is successful, and the business has given its blessing after thorough testing. Performance testing commences revealing a critical issue on a common use case in your application. Any changes to your code will require a new QA cycle delaying your production rollout. What can you do? 

NoSQL databases promise quicker iterations allowing you to deliver more functionality for your business, but there may be obscure signs of trouble you are overlooking.

This session will show you how to uncover performance problems before deploying to production, and empower you with knowledge of tools that assist developers and administrators to achieve high read and write throughput. Discover how to attain maximum performance in environments with redundancy and high availability with ease. 

Who's Doing What with PHP on IBM i

Mike Pavlak Beginner

In this session we'll review three customer account stories where the combined PHP and IBM i solution is really changing the game for the company. We'll also talk about the latest and greatest product features and get the inside scoop on what's coming up soon. 

Why Did My Project Fail?

Brandon Savage Intermediate

Failed projects are a reality of our business, with more than half of projects failing to come in on budget and on time. Yet despite the consistent failures and the platitudes for avoiding them, projects still fail with stunning regularity. Come learn why projects fail, and how you can break the cycle.

Why You're Not Secure: Apache, OpenSSL, and PHP

Andrew Carr Intermediate

PHP 7 has been released and your production environment needs to be upgraded.  Apache 2.4 came out 5 years ago, yet you are running Apache 2.2.  OpenSSL 1.1.0f is the current GA version, your servers use OpenSSL 0.9.8.  A lot of companies have outdated software running in live environments, making them vulnerable to commonly exploitable weaknesses.  Based on information gathered working with dozens of companies, it's commonplace to see servers running open source software that is 5, 10, or even 15 years old.  A simple Google search for vulnerabilities on these older versions produces exploits and kits that any person can use to wreck your company’s share prices, data, and reputation.  Learn how to protect yourself, your team, and your company from threats by these methods. 

We'll use some common techniques to upgrade and harden our servers, concentrating on PHP, Apache, and OpenSSL. Hardening the operating system needs to happen as well, but this session focuses on the software.  Bringing your coworkers, employers, and colleagues on board with your migration plan will allow you to more easily move from the old to the new. We'll also cover the skills you need to learn, the resources available to assist you, and the methods to accomplish a migration that will result in a secure and robust production environment.

Writing Tests for PHP Source

Sammy Kaye Powers Beginner

As you might have already heard from a grumpy individual, adding more tests to your codebase is crucial to its stability over time. This session isn't about adding tests to your PHP codebase, but adding tests to the PHP language itself. And the best part is, all the tests are written in PHP so you don't even have to dust off that old C book from college. In this session you'll see how to find untested parts of the PHP source code, how to write a test for the untested feature, and how to submit your tests to PHP internals. Not only will you be making PHP more stable and reliable, but there's a good chance the tests you write will give you a deeper understanding of PHP; knowledge you can use to improve your own codebases. Not to mention you'll be able to call yourself an internals contributor. Come on in! The water's fine!

You Got JavaScript in My PHP

Taylor Lovett Beginner

PHP is a powerful language. However, when building applications on the web, JavaScript can’t be ignored. Browsers run JavaScript client side. Many powerful frameworks and tools are built on Node.js. Additionally, isomorphic web applications have become increasingly popular. Good news: We can use JavaScript within PHP. Using the PHP extension V8Js and Google V8, we can execute Node.js code within PHP. This session will run through the why and how of V8Js and executing JavaScript in PHP.

Zend Server in Docker Swarm: Deployment and More

Jan Burkl Intermediate

Cluster management, decentralized design, scaling, load balancing, and rolling updates. These are some of the beneficial features of Docker Swarm. But how can you utilize them in conjunction with an enterprise PHP stack? Is Zend Server the right choice? What has to be considered from a DevOps point of view? In this session see how to provision and deploy a Zend Server Service, update a PHP app container, use a clustered session handling, and experience how networking is handled in a Docker Swarm setup.

Zend Studio Tips and Techniques

John Valance Beginner

If you're new to using Zend Studio, or if you haven't yet had training in using this tool, you may not be aware of many of its features, some of which can save you a lot of time and frustration. Zend Studio is the PHP editor provided free to IBM i customers with a full year of free support and upgrades. Using a live version of Zend Studio, we'll cover some basic concepts of the IDE and demonstrate some popular features and techniques. We'll discuss perspectives and contrast the Remote System Explorer with the PHP Perspective, and demonstrate some of the advantages of the PHP perspective for developing larger projects. We'll also cover editing shortcut keys, creating templates, using filters, and more.