SunshinePHP Conference - February 8th-10th, 2018

It's warm and sunny in Florida. Take a break from the cold to enjoy some sunshine, and talk about PHP!

REGISTER!

Below is a full listing of 50 minute talks to be presented at SunshinePHP. Our selection committee did a wonderful job of selecting a nice variety of talk topics by some of the best speakers. We hope there is something for everyone developing with PHP.

NOTE: Attending these 50 minute talks on Friday and Saturday February 9th and 10th requires the purchase of a normal conference ticket on the Registration page.


10 Things I Hate About Your API

Amanda Folson
Session
 
Beg
 
API


You’ve built an API, launched it, and people aren’t excited about it. Why might that be? Many people release APIs for public consumption without any regard for developer experience. This creates a developer ecosystem that invites failure or worse -- it can encourage people to seek alternatives. This talk will cover common API pitfalls (spoiler, not all of them are code-related!) and how to create an environment around your API that will make developers happy.

#

A Review of Code Reviews

Chris Russell
Session
 
Beg
 
Development


Code reviews are great! They make sure that fix takes just a little bit longer to merge. And you get to correct everybody else’s mistakes instead of writing your own code. And you get to hear EVERYBODY’s opinion on whitespace, AGAIN! Wait... why do we do this again? Take it from somebody who has been doing it since before it was cool -- it’s all worth it. Join me to discover the secrets to getting the most out of code reviews within your professional team. We’ll talk about tangible benefits, common challenges, and practical strategies for a smooth and effective review process.


Advanced PHP Simplified

Mark Niebergall
Session
 
Int
 
Development


Increase your PHP skills and improve your architecture as you learn why, when, and how to use advanced PHP features. Abstracts, interfaces, traits, namespaces, and dependency injection will each be discussed with code examples to help make using them simple. All these features will then be brought together to demonstrate clean coding. This will be a perfect presentation to help you sharpen your skill-set to include these tools to make your code even more clean, structured, and awesome!


Containers are a pile of lies!

Larry Garfield
Session
 
Int
 
DevOps


Containers are all the rage these days. They’re fast, they make deployment easy, they handle dependencies, they slice, they dice, they make julienne fries! But... what are they? What exactly is a container and how does it work? Just how does a container differ from the “old” silver bullet, virtual machines?

Here’s a hint: It has nothing to do with boats, or whales, or shipping. That’s all marketing fluff.

Containers are simply a shorthand name for leveraging newer features of operating system kernels that let the OS lie to programs about how they’re running. In fact, all of modern software is built on lies. That’s what’s useful about it!

To understand how that works, why it’s so useful, and where it’s not, let’s dive into how software actually works on a modern Linux system to see how those kernel features fit into the big picture, building up to “containers” along the way. Pull back the veil of lies and see how your computer really works.


Converting Your DEV Environment to a Docker Stack

Dana Luther
Session
 
Beg
 
DevOps


Heard a lot about docker but not sure where to start? In this presentation we will go over the simplest ways to convert your development environment over to a docker stack, including support for full acceptance testing with Selenium. We’ll then go over how to modify the stack to mimic your production/pre-production environment(s) as closely as possible, and demystify working with the containers in the stack.


Crescent Wrenches and Debuggers: Building Your Own Toolkit For Rational Inquiry

Kerri Miller
Session
 
Beg
 
SoftSkills


Software exists in a constant state of failure, facing pressure on many fronts - malicious intruders, hapless users, accidental features, and our own limits of imagination all conspire to bring our system to a screeching halt. Untangle even the most tangled of Gordian Knots by building your own toolkit for inquiry, by relying on the simplest technique of all: asking “why?”


Cryptography For Beginners

Adam Englander
Session
 
Beg
 
Security


Cryptography is a complex and confusing subject. In this talk you will learn about the core components of cryptography used in software development: securing data with encryption, ensuring data integrity with hashes and digital signatures, and protecting passwords with key derivation functions. While learning how to use these components, you will also learn the best practices that drive strong cryptography . This talk won’t make you a cryptography expert but it will give you the knowledge necessary to use cryptography properly. No prior knowledge of cryptography is required for this presentation.


Deploy Scalable and Secure PHP Applications with Kubernetes

Brent Shaffer
Session
 
Int
 
DevOps


You're not the DevOps guy, and you hate bash scripts. You want to deploy a scalable and secure PHP application, but you spend most your time in application code. This talk will show you just how easy it can be to achieve security and scalability in the PHP ecosystem using Docker containers. By the end of the talk, you'll be able to deploy an autoscaling Kubernetes cluster of PHP frameworks and microservices.


Domain-Driven Data

Bradley Holt
Session
 
Adv
 
Database


There are many types of databases and data analysis tools from which to choose today. Should you use a relational database? How about a key-value store? Maybe a document database? Or is a graph database the right fit for your project? What about polyglot persistence? Help! Applying principles from Domain-Driven Design such as strategic design and bounded contexts, this session will help you choose and apply the right data layer for your application's model or models. We'll explore traditional relational databases, graph databases, document databases, key/value stores, polyglot persistence, CQRS, event sourcing, and data layers for microservices.


Essential AWS for PHP Applications

Michael Moussa
Session
 
Beg
 
DevOps


Have you ever thought "I'd like to use AWS for my PHP application, but it's so complicated!"? With over 70 distinct services available, how can you possibly learn them all or even decide which ones you need in the first place? Join me in this session as we grow a simple LAMP server into a scalable, fault-tolerant, highly-available, secure application stack on AWS. Whether you've already got some experience with AWS, or all you know so far is how to spell it, you'll walk away from this talk armed with the essentials for running PHP workloads on AWS!


Functional programming for the Advanced Beginner

Luis Atencio
Session
 
Int
 
Javascript


Functional programming is in the mind of everyone. Each day there are more and more blog posts and articles are written on the subject. Topics such as "How to improve your PHP code using functional techniques," "Break problems down with composition," and many others dominate the scene. However, 90% of those articles include these mysterious terms such as monoids, monads, currying, referential transparency, composition, morphisms, and many others. In this talk, I will break down the terms that developers encounter daily when trying to learn FP. Whether you'd like to use it JavaScript, PHP, Hack, or Scala, understanding what these terms mean will allow you to reach the next level. By combining FP with your already mastered OO skills you can write unparallel code that, oddly enough, parallelizes extremely well! By the way, all of the code shown during this talk will use "modern" JavaScript, so you can also get to learn some ES6/ES7 while you're add it.


How PHP Ticks

Sara Golemon
Session
 
Adv
 
Core


A look into the internals of PHP; How it came to be, how it works, and how PHP 7 leapt far out in front of its predecessor on performance and memory consumption with some thoughts on what's next for PHP 8.


How to beat memory bloat with generators

Korvin Szanto
Session
 
Adv
 
Development


Memory usage is something that we as developers have to be aware of. Ever debugging a memory issue and find that your once small dataset has ballooned out of proportion? And instead of dealing with the issue, you opt for upping the memory limit?
Iterators can be the answer but they require a lot of code and can be very difficult to understand at a glance. Thankfully since PHP 5.5 Generators help us create and manage what would be complex iterators with simple syntax sugar.
In this talk I will go over some of the ways you can implement generators and cure your memory bloat.


Is the future of computing deviceless?

Ibis Fonte
Session
 
Beg
 
UI/UX


Did you know that the computer of the future does not have a keyboard or a mouse, and not even a monitor?

As the world takes steps towards this new world of computing, many different products are hitting the market to show how touch, motion sensors, and human biosensory inputs are becoming a reality. Learn which products you can start to integrate into your applications to be at the bleeding edge of innovation. Find out what the market is doing that may disrupt your current business and get inspired with new ideas of your own to beat the competition.

In this sneak peak at multiple technologies that are on the market today. Come and get your hands on some of the most exciting computing advances of today, including:
  • OpenBCI - Brain Computer Interface
  • Kinect Motion Sensors
  • Bare Conductive Touch
  • Microcontrollers
  • Arduino Sensors
  • Augmented Reality with Sphero
  • Microsoft Hololens
and more!


Let's Talk Scope

Alena Holligan
Session
 
Beg
 
Development


Scope is a major factor in any application, from programing scope to project scope, and communication is key. We will discuss different application scopes including global, functional, class, and package scope. We'll demonstrate how namespaces fit into the scope and how everything ties together with communication of the project itself.


Make your application Expressive

Christian Varela
Session
 
Int
 
Expressive


Learn the concepts of PSR-7 middleware with Zend Expressive and how your application could be developed from scratch adapting those concepts with a new mindset. You will see the different approaches, advantages and disadvantages and the contrast of this paradigm and other more conventional paradigms.


MySQL 8

Dave Stokes
Session
 
Beg
 
Database


MySQL 5.7 has been the most popular release but there are architectural and design issues that have caused issues for years. Version 8 is now available for testing and the biggest change is a true data dictionary (no more metadata in files) which means you can now have millions of tables in a schema (the bad news is that you can now have millions of tables in a schema). Plus there are roles, UTF8MB4 support, Invisible Indexes, are more to make your life better. Plus learn what happened to MySQL 6 and 7!


OSS Commerce Melee

Ben Marks
Session
 
Beg
 
E-Commerce


Aimeos (Laravel). Drupal Commerce. Magento. OSCommerce. PrestaShop. Shopware. Sylius. WooCommerce. Bespoke. SaaS.

It's no doubt that when a website needs a commerce component, open source provides the most control - but how do you know which one is the best choice? While it's easy to go with a system built on your favorite framework, it may not be the best choice based on business needs. This talk takes an objective look at the open source commerce ecosystem and provides a set of questions and guidelines to use to find the right system for your application.


Philosophy in Code: I Kant Even

Margaret Staples
Session
 
Beg
 
Development


Coding in practice is a perpetual learning experience. The ongoing necessity of tackling new languages, frameworks, legacy codebases, etc. can be daunting. Immanuel Kant outlined some thought tools for making sense of and eventually conquering vast intellectual territory. I have found the application of these insights enormously helpful over many years and countless tricky knowledge bases. This talk will aim to pass along those tools and techniques, and make the first steps of your future challenges less intimidating.


Practicing YAGNI

Jason McCreary
Session
 
Beg
 
Development


We often have the tendency to over engineer our software. We want to use the latest packages, integrate with the hip services, and adopt those shiny patterns. I’m here to say, “you aren’t gonna need it”. YAGNI is a principle of eXtreme Programming that states "a programmer should not add functionality until necessary". In this talk we’ll take a look at what that means when writing code and how you can start practicing YAGNI to write better software.


Protect your API with OAuth2

Rob Allen
Session
 
Beg
 
API
 
Security


OAuth 2 is the gold standard for authentication in APIs and in this talk we'll take a deep dive into how it works and how to implement an OAuth 2 server in your API. There are a number of work flows in OAuth 2 for different scenarios including mobile apps and websites connecting via JavaScript, so I will discuss each one and show you how to implement it. We'll also look how to use JWT which can provide performance improvements. By the end, you'll be well equipped to add OAuth2 to your API.


Securing Web Services: Fundamentals, Lessons Learnt, Common Vulnerabilities and Security Strategies

Amrita Jain
Session
 
Beg
 
API
 
Security


In this three-part talk, we will first analyze the fundamentals of common security protocols such as Oauth1.0/2.0, Three-legged and Pin-based Auth. Next, we will review the security models of Facebook, Twitter and Google APIs in the light of the aforementioned protocols. Finally, we will apply our learnings to construct a comprehensive security model using a dedicated trust server, handshaking token, hierarchical security matrix and dynamic secret sharing.


SlimPHP - When you don't need the kitchen sink

Joe Ferguson
Session
 
Int
 
SlimPHP


Full stack frameworks can often be too much for an application. What if you have a one off project that doesn't need "everything and the kitchen sink"? What if you have a large project you want to build yourself to be as lean as possible?

Join us for an introduction into the Slim framework. We'll cover getting started, building a small application, and using components from bigger frameworks and other extraordinary sources.


Squash Accessibility Bugs

Andrea Skeries
Session
 
Beg
 
UI/UX


People perceive, operate, and understand web content in different ways. Is your site robust enough to give equal access to all visitors? Find out in this intro to web accessibility. Learn how to spot common barriers to access and how to fix them.


The Voice-First Revolution: Building Google Assistant Apps Using JavaScript

Kesha Williams
Session
 
Beg
 
Javascript


Hands-free is the future of Internet services due to the Artificial Intelligence (AI) discipline of natural language processing. Google Assistant, released in 2016, realizes the promise of voice as a more natural and frictionless way to interact with technology. Although not the first product of its type on the market, Google Assistant outshines its competitors. During this talk, learn how to interact with Google Assistant and the steps required to teach this AI to become smarter. This talk explores the creation of Actions and the API.AI platform by peaking under the covers of an existing Action. Attendees will hear from a developer's point of view, the major differences in development and implementation between Google Assistant and its competitors. Attendees are exposed to creating Actions using JavaScript and the Google Cloud Platform.


Virtual Machine, Container, or Serverless

Terrence Ryan
Session
 
Beg
 
DevOps


One of the first challenges of moving your workloads to the Cloud is figuring out which three major flavors of computing technology to use: virtual machines, containers, or what is being called serverless. Each of these tools has its niche, its hype, and its downside. This session will tour application scenarios, discuss how each technology would handle them, consider the tradeoffs, and leave you with recommendations for which one to pick.


Vulnerability Scanning for your Website

Lisa Bock
Session
 
Beg
 
Security


Web sites are prone to security risks, and are a target for common attacks such as Cross Site Scripting, and SQL injection, which can result in exposure of sensitive data and even more aggressive attacks. Vulnerability scanning checks for known vulnerabilities and generates a report that the developer can use to fix web site vulnerabilities. Join Lisa Bock as she reviews some common scanners that even an average user can run. Vulnerability scanning is inexpensive, as most scanners are well under $1500, and many are free and can provide a great deal of information. Participants will learn that scanning a website to check for vulnerabilities is an important exercise, and regulations such as PCI, GLBA, Sarbanes Oxley, HIPAA or FISMA many times require periodic scanning. Vulnerability Scanning is an important first step in reducing overall risk, as most vulnerabilities can be addresses and reduced if not removed entirely.


Win Big, Cache Out

Ashley Hutson
Session
 
Int
 
Scaling


Caching can be a very complicated and loaded topic in Computer Science. There are many factors to consider from query caching, results caching, SQL caching, partial content caching, and full page caching. Look forward to finding out typically when, what, and where you should be caching and the best practices in implementing and how in PHP with various caching technologies(Redis, Memcached, and cloud based solutions). Always remember that you can over cache, so it is important to not go overboard as well.


Xdebug

Derick Rethans
Session
 
Beg
 
Development


This session teaches you how to detect and debug PHP scripts with the open source tool Xdebug, focusing on the new features in Xdebug 2.5 and 2.6.

The first part will quickly show how to get started with Xdebug. The second part of the session will cover detecting problems in your scripts by showing how Xdebug provides debugging aides in the form of stack/function traces, dumps of variables, modified PHP functions. In the last part I will show the remote debugger capabilities of Xdebug with different IDEs, where you can: set breakpoints on functions, methods and file/line combinations and evaluating error messages. On top of this you will also see how you can use Xdebug's profiler to find bottlenecks in your applications. I will be focusing on the least known features of Xdebug.


You Were Lied To About Optimization

Chris Tankersley
Session
 
Beg
 
Development


Many know of the famous quote, "Premature optimization is the root of all evil," but most people do not know the full quote or understand the context in which optimization is considered evil. As with anything in programming optimization is evil, maybe. Stop using excuses for slow code, and start to think about the places and tools that you can use to optimize. Thankfully there are are many different tools like xhprof, Valgrind, and others to help us out and properly optimize our code for those times when we need to dig deep into our code.


Newsletter