SunshinePHP Conference - February 4th-6th, 2016

It's warm and sunny in Florida. Take a break from the cold to enjoy some sunshine, and talk about PHP!

REGISTER!

Below is a full listing of 50 minute talks to be presented at SunshinePHP. Our selection committee did a wonderful job of selecting a nice variety of talk topics by some of the best speakers. We hope there is something for everyone developing with PHP.

NOTE: Attending these 50 minute talks on Friday and Saturday February 3rd and 4th requires the purchase of a normal conference ticket on the Registration page.


A Common Taxonomy of Bugs and How to Squash Them

Kylie Stradley
Session
 
Int
 
Development


Catching software bugs is a mysterious magic, unknowable by science and untouchable by process.

False! Programming bugs, like real bugs, can be organized into a taxonomy. Come with me and I'll show you how classification can help you build “programmer’s instinct” into a logical debugging process.

Debugging may be instinctual but those instincts come from seeing, identifying and diagnosing patterns. In this talk, we’ll use phenetic taxonomy to build a debugging decision making network based on attributes and behaviors of common bugs. Newer developers will learn how to apply systematic pattern matching to debugging while seasoned developers will learn how to use their instincts to teach debugging.


AMP your website: An Introduction to Accelerated Mobile Pages

Robert McFrazier
Session
 
Int
 
Mobile


The Accelerated Mobile Page project aims to create a framework that allows webpages to load fast on mobile devices. By focusing on things that browsers do fast, and avoiding things that take time, the AMP project allows mobile devices to load content almost instantly. During this presentation we will dive into AMP HTML, AMP JS and the Google AMP cache. We will look at the AMP open source project and its closed source alternatives and we will also see how HTTP/2 plays into making your mobile site load faster. We will also look at how you can monetize your AMP based site.


Baby Steps -> Giant Leaps. (Xdebug for beginners)

Sean Prunka
Session
 
Beg
 
Development


var_dump($foo)

print_r($bar)

die($baz)

Are these your current debugging tools? Wouldn't it be nice to see $foo, $bar, and $baz while the code is still being executed? Watch it change, live? And not have it just dumped all over the output of your otherwise beautiful app? We'll install XDebug, set up your IDE to use it (with examples shown for PhpStorm, Netbeans, and ZendStudio), then we'll actually walk through some badly written code that needs to be debugged.


Building great admin panels with Symfony and SonataAdminBundle

Victoria Quirante
Session
 
Int
 
framework
 
Symfony


Coding an admin panel is not the problem you love to face when you wake up in the morning, but is something you need to do very often. Having an environment that allows you to implement this efficiently, is something key for a developer. Symfony and SonataAdminBundle provide a way to do it that gives you as many out-of-the-box functionalities as you could dream of, plus the chance to customize every piece -if you know how to do it. The purpose of this talk is to show how easily can you get profit of SonataAdminBundle once you know how to deal with it.

We will start with a clean installation of Symfony and SonataAdminBundle, showing how to build up form there, and how to solve the main problems and questions that you usually face when having a complex admin panel in your hands. The main purposes are to show how to use SonataAdminBundle in the most standard way, and how to build up from that point, customizing whatever you need to meet the exact requirements of the project.


Code Coverage for Security in Application Migrations

Dana Luther
Session
 
Int
 
Testing


So the time has come to take the leap and upgrade your application to a new major version of the underlying framework, or, perhaps, to an entirely different framework... how do you ensure that none of your functionality or usability is impacted by a potentially drastic rewrite of the underlying systems? How can you move forward with 100% confidence in your migrated codebase? Testing, testing and more testing. Using a combination of unit, functional and acceptance tests can give you the certainty you need. In this talk, we will go over key strategies for ensuring that you begin with full code coverage and move forward with confidence.

Testing framework: Codeception 2.2.x


Composing PHP Applications with Middleware

Josh Butts
Session
 
Beg
 
Development


With the advent of the PSR-7 standard, middleware has become a household name in the PHP ecosystem. This talk will cover middleware architecture concepts including a comparison of how middleware is being used in PHP versus other languages. We’ll look at how to leverage middleware concepts to build applications from scratch as well as combine off-the-shelf components using middleware as the glue. Of course, we’ll also look at some downright dirty tricks you that middleware lets you get away with as well!


Console Applications: Automate your life away

Matt Trask
Session
 
Beg
 
Development


Today, there is a huge focus on frameworks, web applications and micro services. As we focus on those, we look past something simple, a command line script that can take tasks and remove them from your plate. From something simple like exporting a database back up to sending out notifications to users via an API, a command line script can remove hours of work, and just sit in the background until called via cron or an action. Lets look at ways to automate your code, both production and tests and what libraries can help us write awesome CLI scripts!


Containing Chaos with Kubernetes

Terrence Ryan
Session
 
Beg
 
DevOps


Okay, you've made the move to containers and can now write Dockerfiles for everything. How do you manage all of those containers?. Have you found that you traded managing individual machines for managing individual containers?

Kubernetes, an Open Source container orchestration engine, can be your answer. We'll explore Kubernetes and see how you can use it to run massive collections of containers that fix their own problems and allow you to move your setup wherever you need to be.


Control your application with your brain

Ibis Arrastia
Session
 
Beg
 
UIUX


See the latest technology in brain computer interfaces and see a live demo of how you can control your applications with just your mind! As we seek better user interfaces, maybe future applications will no longer require a mouse and a keyboard, just your thoughts.


Data Visualization with D3

Wenting Zhao
Session
 
Beg
 
Javascript


Introduction/Tutorial of Data Visualization in JavaScript, with the use of the D3.js library.


Debugging Effectively

Colin O'Dell
Session
 
Beg
 
Development


Software bugs are inevitable; some are especially difficult to track down, causing you to waste countless hours before throwing your hands up in defeat. It doesn't have to be this way! The mental fatigue and wasted time can be avoided by using strategies like identifying the most-appropriate tool, taking a logical & objective approach, challenging assumptions, listening to variables, isolating the code path, and reinforcing code with automated tests. Attendees will learn how to combine these techniques with the right mindset and attitude in order to debug their code quickly and effectively.


Design for Developers

Kevin and Cathy Bruce
Session
 
Beg
 
Development
 
UIUX


While there is some truth to “some amount of innate talent is required to be a true artist”, it’s not necessarily so in learning how to design. And as developers, we’ve all found ourselves struggling when called on to be both the designer and developer of a website. There are processes and techniques you can use to create a well designed site. From “hierarchy of content” to “font usage” to “proximity of elements”, I will teach you how to develop an eye for design that will carry you through any task, and may even alter how you see the world as you learn related patterns are everywhere.


Develop A Security Mindset

Lisa Bock
Session
 
Beg
 
Security


Today, cyber threats are everywhere, and are becoming more aggressive, complex and sophisticated. An attack can result in theft of information, exposure to sensitive information. A threat is something we cannot prevent, such as the threat of someone trying to launch a Cross Site Scripting Attack (XSS). However, we can reduce the risk by ensuring proper input validation on all data stored in the database.

Web based applications represent an attack vector. As a developer, you should be aware of the most important security concerns when you develop your web interface, and the best practices you can take keep your servers, software, and data safe from threats that exist in today’s complex environment. I’ll provide an overview of security, list some of the top vulnerabilities, and get participants into a security mind set.


DevOps For Small Teams

Joe Ferguson
Session
 
Int
 
DevOps


Do your peers come to you when they need help with networking?
Are the the one that has to trace down problems with local networking resources?
Do you know the server is down because your Slack DMs blow up?

If you answer yes to any of these, congratulations, you are "DevOps". Every company has DevOps people, whether they call them that or not. These are the people that fix things, patch software, that help developers stay focused on developing.

In this session I will share with you lessons learned form 9+ years of being "the server person". We will cover topics like:
- Stop using WAMP/MAMP and start using Vagrant
- Version control isn't renaming files
- Automate common tasks with shell scripts / command line PHP apps
- From Vagrant to Production

Join me. Embrace your inner DevOps


Dockerize your unit tests for faster feedback

Michelangelo van Dam
Session
 
Adv
 
DevOps
 
Testing


Ever got the message "Fatal error: Out of memory" when running your unit tests? Or do you have to wait for more than 5 minutes for all of your unit tests to complete? We're using Docker to mitigate these and other issues. In this session I will show you how we have split up a single testsuite of 3K+ tests into manageable unit modules which are executed by Docker micro instances in parallel. And with this set up we test our application on the current PHP version, but it also allows us to test against a new major PHP version the moment it is released or even is available in beta.


Don't work for PHPCS, make PHPCS work for you

Juliette Reinders Folmer
Session
 
Beg
 
Development


Congratulations! Your team has chosen a coding standard to use and you're well on your way to a consistent code style for all your projects. But... there are some extra things you'd like to check for, some rules you really can't be bothered with and some which sort of fit your needs, but not completely. Now what?

Come and learn how to make the PHP Codesniffer work for you and how to streamline the PHPCS related work-flow along the way.


Employing CQRS and Event Sourcing to Build an MVP

Beau Simensen
Session
 
Beg
 
Development


Learning about Command Query Responsibility Segregation (CQRS) and Event Sourcing can be both exciting and confusing. It sounds great, but how does it work in the real world? Won't it be a lot of work before you even get started? Will it be worth the investment and when will that investment start paying off? Are these technologies appropriate for building a minimum viable product (MVP)? Find out how these questions were answered for one team as they set out to build their MVP.


Engineering - Mastering the art of Software

Cristiano Diniz da Silva
Session
 
Beg
 
Soft-Skills


Software development has grown in the last 10 years, and with it the profession has also grown.

This talk will cover the basic principles and mindset that differ from a software developer to a software engineer. Principles such as troubleshooting, toolsets, risk management, etc.

The idea of the talk is to go over these base core principles and expose them to software developers starting in the profession or want to give a shift in their career improving it.


From Docker to Production

Chris Tankersley
Session
 
Int
 
DevOps


Congrats! You and your coworkers love Docker. Docker has become an increasingly helpful tool when it comes to devops. We can now build smaller, more robust local development setups with the promise of mirroring production. One thing that still plagues many situations is how to get those containers into production and update them over time. We will explore different tools for setting up, configuring, and maintaining containers as they go live.


Going Password-Free

Eric Mann
Session
 
Beg
 
Development
 
Security


Should a password be long and complex? What about a string of easy-to-remember words instead? Are password managers the best way forward? What about multiple factors? Is there a better way?

These are all questions your users have: learn how to answer them and how to make security easy by moving beyond passwords for your web app entirely with magic link based authentication! Your users just click a link; they don't have to remember anything.


Graph Databases Will Change Your Freakin Life

Edward Finkler
Session
 
Beg
 
Database


All of us have worked with relational DBs like MySQL or PostgreSQL, but for many use cases they aren't the best option. Graph databases have a simpler, more powerful model for handling complex related data. In this talk we'll work with Neo4j to explore the advantages of graph DBs. Attendees will learn the graph model, how graph DBs let you do things that are practically impossible with SQL, and the best options for integrating one into your PHP application -- new or existing.


HTTP/2 and Asynchronous APIs

Davey Shafik
Session
 
Int
 
API
 
Async


HTTP/2 (H2) is coming, and along with it a whole new way of communicating over the web. Connection re-use, prioritization, multiplexing, and server push are just some of the features in H2.

In this talk we'll look at the HTTP/2 protocol, and at how we can use asynchronous request now with HTTP/1.x. We will also look at what asynchronous requests and H2 mean for your API and clients in the future.


Irresistible APIs

Kirsten Hunter
Session
 
Beg
 
API


When creating a new REST platform, the planning process frequently gets skipped (or is misunderstood) resulting in an ill-conceived API. I’ll walk you through the steps needed to create an API that developers love, and point out the common traps to avoid.

The presentation will cover creating user stories, deciding on metrics, planning the API, design decisions, documentation and developer support. I will focus on creating a developer experience that will delight and amaze your developer partners and increase engagement with your platform. This talk will focus on higher level choices rather than HTTP architecture, and is appropriate for developers, product managers, or anyone else with an interest in achieving success for their API program.

The Open API Ecosystem is an amazing opportunity for companies to partner with developers, but you really only get one chance to impress, so come learn how to make your company’s API an “A List” destination.


Irritating Strings -- Iterating Things

Eric Poe
Session
 
Int
 
Development


Arrays are beautiful in PHP. One can map them, reduce them, filter them, foreach them, and use them in generators. Strings, on the other hand, are mere shadows to the Array. One can, uh, input and output Strings, and, when brave, manipulate them. What makes Arrays so awesome and Strings so dull? Iterators.

In this talk, we’ll look at the modest origins of the String and the basics of the Iterator. Then, we’ll look at how we can make the String as awesome as the Array through the use of iterator interfaces.

By the end of this talk, you will know the origins of the PHP String and you will be able to extend your knowledge of iterating through a String to be able to iterate through customized objects.


Kicking off with Zend Expressive and Doctrine ORM

James Titcumb
Session
 
Beg
 
Framework
 
Database
 
Zend Framework


You've heard of Zend's new framework, Expressive, and you've heard it's the new hotness. In this talk, I will introduce the concepts of Expressive, how to bootstrap a simple application with the framework using best practices, and finally how to integrate a third party tool like Doctrine ORM.


Locate all the things

Derick Rethans
Session
 
Int
 
Database
 

In this talk you will learn how to effectively store, retrieve and display geospatial data, such as roads, points of interests and more.

First we will be importing an OpenStreetMap dataset covering London into MongoDB. This is not trivial due to the amount of data.

After importing, we will look at which types of queries we can run to find things. Either by predicates, or with geospatial queries.

And last we will have a look at how to display the data that we've requested, through a website using the Leaflet mapping library.


Making the most out of MySQL

Gabriela D'Ávila
Session
 
Int
 
database


The new JSON fields are some of the most talking about new features in MySQL 5.7. But they are by no means the only awesome things this version has to offer. MySQL 5.7 is a year old, so this talk won't be an introduction to this version. We will be digging into 5.7 to see how to make the most of the tools available in it. Want to tackle important practical problem solving for your data, make your query performance analysis more efficient or look at how virtual columns can help you index data? This talk is for you!


Meet your BFF - Building Backends-for-Frontends

Luis Atencio
Session
 
Int
 
API
 
Framework


We live in a highly distributed world. This means that data doesn’t all live in one place, development teams are scattered and spread geographically, and service modularization is the key to tackle the complexity of large enterprise systems—in short, the end of the monolith. As a result, modern distributed architectures (microservices) have become widespread. What does this mean for a professional PHP developer like you?

It means that instead of reading data from your single, all-mighty MySQL server, you find yourself mashing up APIs from different sources that each make up a piece of the puzzle of the user interface your customers see. Unfortunately, this adds an incredible degree of difficulty to your code as the data is no longer accessible from your local, fast database, but from slower, remote, asynchronous RESTful APIs.

In this talk , we explore the Reactive Extensions library for PHP (RxPHP), which will become your BFF when building a server-side aggregation endpoint that can compose data from multiple RESTful services or APIs and combine together in ways PHP developers have never seen before.


MySQL: Analysis, understanding, and optimization of queries

Michael Moussa
Session
 
Int
 
Database


Your new database query ran quickly when you tested it, but seconds after deploying it, alarms are blaring and you’re scrambling to rollback before the site goes down. What happened?!?

I can “EXPLAIN”.

Queries that perform well under development load with limited datasets can easily bring a database to its knees under production load. In this talk, you will learn to decipher MySQL query execution plans, recognize portions that can be improved, and take the necessary steps to optimize your queries - all without starting any fires!


MySQL's JSON Data Type & Document Store

Dave Stokes
Session
 
Beg
 
Database


MySQL now has a native JSON Data type. So like an Integer or a character, you can store an entire valid JSON document in a column of a table in a MySQL database. Sure you could store JSON data in a text field but then you end up using Regular Expressions to search that data and who needs that aggravation? This session will cover how JSON information is store in an optimized binary format, functions you need to know to use that JSON data (How many email fields are in that JSON document or how to update information), the usages of generated columns that take information from JSON documents to materialize a column that is indexed for searching, and lots of programming examples.

Plus there is a new MySQL Protocol and X Devapi that allows you to use a MySQL database as a document store which means no writing queries, no structured query language, and the ability from your favorite programming language to do CRUD (Create, Replace, Update, Delete) directly.


Not-On-Calliday: On-Call Best Practices

Amanda Folson
Session
 
Beg
 
Soft-Skills


Being on call sucks, but it doesn’t have to. Many organizations struggle to maintain effective on-call rotations that minimize the number of people woken up in the middle of the night -- so much so, that “burnout syndrome” is an actual disorder that’s commonly experienced by professionals in on-call positions. In this talk, we’ll talk about how you can set up your on-call rotations to optimize the uptime of your infrastructure and your engineering team.


Practical Performance Tips and Tricks to Make Your HTML/JavaScript Faster

Doris Chen
Session
 
Beg
 
Javascript
 
Scaling


How to tackle real-world web platform performance problems in modern websites and apps? This session starts with a basic understanding of the web platform and then explores to a set of problem/solution pairs built from industry-standard performance guidance. In the talk, we will demonstrate performance tips and tricks that will help you improve the performance of your apps and sites today. We will discuss the following respond to network requests, speed and responsiveness, optimizing media usage, and writing fast JavaScript. These performance tips and tricks apply equally to web sites that run on standards based web browsers, as well as to modern apps.


Pulling up Your Legacy App by its Bootstraps!

Emily Stamey
Session
 
Beg
 
Development
 
OOP


Your mission, should you choose to accept it, is to support an application built on an older framework. Refactoring isn't an easy option. The code is untested and nowhere near best practices or standards. In this session, we'll talk about strategies to incorporate modern PHP coding practices to add features and functionality and retiring the older code in pieces. We'll review specific examples and code from a real project where we bootstrapped a legacy application that needed a lot of help to become useful to its users and simpler for developers to maintain. We'll talk about strategies to leave the existing code in place until the new code is ready to replace it in whole or in pieces.


Securing Legacy Applications

Chris Cornutt
Session
 
Beg
 
Security


It’s common to hear people preach “plan in security from the start” and in an ideal world you can. Here in the real world, though, we have legacy code that’s gathered over time and comes with a host of problems - (in)security included. What do you do when you’ve been commissioned with securing an application that’s showing its age? Follow along with me as a I step you through a list of tips and tricks you can use to discover security issues in your application and effectively fix them and secure your application.

Topics will include some of the most common vulnerability types, key places to look for potential issues and arm you with the tools and knowledge you’ll need to refactor that legacy application into something secure.


Tales from the Crypt: Cryptography Primer

Adam Englander
Session
 
Adv
 
security


Cryptography is a complex and confusing subject. There seems to be more disinformation than actual information. Learn how to properly use cryptography to secure user credentials and consumer data. We will discuss cryptographic methodologies and algorithms available to PHP. The main focus will focus be on encryption with RSA and AES and hashing with SHA and the PHP Password Hashing extension. We will discuss other methodologies as part of a compare and contrast based on cryptography strength and randomness.


Taming the Resource Tiger

Elizabeth M Smith
Session
 
Int
 
Development
 
Scaling
 
DevOps


No matter how many virtual machines you throw at a problem you always have the physical limitations of hardware. Memory, CPU, and even your NIC's throughput have finite limits. Are you trying to load that 5 GB csv into memory to process it? No really, you shouldn't!

PHP has many built in features to deal with data in more efficient ways that pumping everything into an array or object. Using PHP stream and stream filtering mechanisms you can work with chunked data in an efficient matter, with sockets and processes you can farm out work efficiently and still keep track of what your application is doing. These features can help with memory, CPU, and other physical system limitations to help you scale without the giant AWS bill.


Time Management For Grumpy Programmers

Chris Hartjes
Session
 
Beg
 
SoftSkills


I don't have enough time" is a cry that echoes across social media and online chat rooms. Work deadlines, family obligations, hobbies that don't involve computers -- they all are taking out chunks of the time we have available to us. But there is one immutable fact --we all have the same amount of time available, some of us just find different ways to use it.

In this session learn how long-time grumpy programmer Chris Hartjes organizes and makes decisions about how to spend his time. Business owner, involved work-from-home parent, conference speaker, podcaster, collectable card game enthusiast - Chris does this all and more without feeling super-stressed about it. Was he born with this super power? Not at all. The talk will cover how Chris plans his life, his preferred tools, and strategies for figuring out what to do and when to do it. It is possible to get a lot done and not become a workaholic in the process. Sit back, relax, and let a grumpy programmer show you how to maximize your time.


Unit Testing by Example

Anna Filina
Session
 
Beg
 
Testing


Everyone tells you that you need to test. You know the theory, but you don't know where to begin. What to test? What cases to write? Through realistic and pragmatic examples, this presentation will take you away from var_dump and ease you into the testing business until you're ready to do TDD. All this without losing sight of the tight deadlines.


Web Performance 2017: Myths and Truths

Christian Wenz
Session
 
Int
 
Scaling


The performance of a web site is one of the criteria used by Google and other search engines to determine the site's ranking. Various studies have shown that there is a link between performance and conversion rates. These are just two of many reasons to make performance optimization a mandatory step in your development process. However advice that was relevant a few years ago is often made obsolete by new browser versions or new technologies like HTTP/2.

We will cover several aspects of optimizing a site from a performance perspective, debunk some myths, and also present tools that help analyzing a web site's performance.


Websockets and Event-driven Programming with ReactPHP

Steve Meyers
Session
 
Int
 
Async
 
Javascript


Modern browsers support a new standard call Websockets, which allow persistent connections between a browser and a server. We'll discuss how to implement Websockets with your client-side Javascript talking to your server-side PHP, using the ReactPHP framework.