- Security Theatre Thomas Shone
This is not your normal security talk. Sure we talk about secure communication and the importance of hashing and encrypting (and why rolling your own is never a solution). We might even get frisky and cover some more interesting topics like true randomness, timed attacks and social engineering. But what we're really interested in is understanding what that hacker is trying to do on your site, what the motivation is and, using this, understand where you need to be vigilant. We're also going to talk about the results from an ongoing 4 year project to see just how vulnerable the average consumer website is. Theodore Sturgeon famously said 90% of everything is crud, we'll get to see just how close we come to that number. So if you're ready to see how scary the dark depths of security can be and just how scary it is when you look up and see all the leaky boats above us is, this is for you.
- Step Into Debugging Gary Hockin
<?php die(var_dump($synopsis));string(406) "While var_dump driven development is great when you're starting, at some point every developer wants more. Step debugging is the answer.
In this session we'll cover the fundamentals of installing and configuring Xdebug, configuring PhpStorm to listen to Xdebug, and then actually step debugging some scripts to find our problems. Step debugging PHP is an incredibly easy and powerful tool when you know how!"
- All the cool kids... Matthias Noback
The PHP world is spinning quite fast these days. There’s a lot to keep up with. You can’t be an expert in all subjects, so you need a way to find out what’s relevant for you and your team. Which approaches to software development would be useful? Which programming paradigms could help you write better code? And which architectural styles will help your application to survive in this quickly changing world? In this talk I’ll help you answer these questions by taking a bird’s-eye view. I will quickly guide you along some of the most fascinating topics in modern PHP development: DDD, BDD, TDD, hexagonal architecture, CQRS, event sourcing and micro-services. We’ll see how these things are related to each other, and how understanding and applying them can help you improve your software projects in many ways.
- Dip Your Toes in the Sea of Security James Titcumb
Security is an enormous topic, and it’s really, really complicated. If you’re not careful, you’ll find yourself vulnerable to any number of attacks which you definitely don’t want to be on the receiving end of. This talk will give you just a taster of the vast array of things there is to know about security in modern web applications, such as writing secure PHP web applications and securing a Linux server. Whether you are writing anything beyond a basic brochure website, or even developing a complicated business web application, this talk will give you insights to some of the things you need to be aware of.
- Automation Automation Automation Michael Heap
A good rule of thumb to have as a developer is that if you have to do something three times or more, you should automate it. Imagine that a task takes you a minute to do, twice a day. Now imagine that you could write something that does it for you, but it would take an hour. Initially, you'll have lost an hour, but after the first month you'll be breaking even, as you've saved those two minutes per day. Then after the second month, you've essentially gained a free hour. Automation is a developer's best friend. Some things are easier to automate than others, but almost anything can be automated. In this talk, we'll take a look at what can be automated, what tools are available to help us and crucially, *if* we should automate it. Surprisingly, sometimes the answer to the question "should we?" is "no".