Filtering security problems

Derick Rethans / Session anglaise

Most of the security problems in applications written in PHP can be solved in two simple steps: Filter Input and Escape Output. In this talk, you will learn about the former, input filtering. I will cover both PHP's new filter extension, and the filtering available in user-land PHP, found in the eZ components.

Top

Unicoding with PHP 6

Andrei Zmievski / Session anglaise

The Unicode support in PHP continues to evolve. Come to this session and find out what this means for you and how you can take advantage of it. Don't be left behind as the software world moves towards language and cultural sensitivity. Speaking Unicode is all the rage these days and this session will show what PHP has learned and how easy it will be to work with multilingual text.

This talk will provide an overview of the most salient features of the Unicode support and illustrate the new internationalization features with a variety of demos on topics such as:

• Character set conversion
• Text boundary analysis
• Working with international dates and calendars
• Transliteration and text normalization
• Working with character sets and properties

Top

PHP & Design Patterns

Gérald Croës / Session française

Les Design Patterns (Modèles de conception) constituent un ensemble de solutions de conception qui répondent à des problèmes courants. Les connaitre permet aux développeurs de profiter de l'expérience de leur pairs et leur assure de disposer d'une solution souple et robuste.

Cette session s'appuiera sur les 23 patterns du GoF qui ont popularisé leur utilisation dans le monde de l'informatique.

Outre la théorie, les patterns seront présentés dans des exemples de code PHP concrets au travers d'une application exemple réalisée pour l'occasion.

Top

Beyond PHP

Joe Stagner / Session anglaise

PHP is a scripting language that is well known for its cross-platform capabilities, but spicing it up with features unique to the Microsoft Windows platform has compelling advantages. In this session, PHP will be the center of attention as you learn to build and run a PHP application on IIS, extend PHP application with .NET and COM, and mingle with the Microsoft AJAX library.

Top

Testing in the PHP world

Marcus Böerger / Session anglaise

PHP is developing quite fast, so are your applications. And most often there is no time for complex testing using overbloated test frameworks like unit testing and whatnot. On the other hand, tests are necessary to get an application - as well as PHP itself - stable and secure. This tutorial will introduce the phpt test script - yes, a single test script written in PHP. Easy enough for everyone to use. This is also the easiest way to help develop PHP. After you got started with testing, the tutorial will introduce the more complex test suits that offer a bunch of nice interactions that make the handling of your test suite much easier.

Top

Bigger and Faster

Rasmus Lerdorf / Session anglaise

In order to build a successful modern web application you have to engage the user at a very primal level and harness each and every user in such a way that every action enhances the overall experience for all users. Translating this concept into code and making sure that an exponentially growing user base doesn't bring your application to its knees becomes an interesting problem to solve.

Scale, latency, and security are the key words for this year's talk. In order to build these bigger and faster web applications, PHP has gotten bigger and faster as well. This talk will explore recent PHP development and apply it to the three key words.

Top

SOA: Beyond the Hype

Rob Richards / Session anglaise

There's more to service-oriented architecture (SOA) than just the hype surrounding it, but remember it is not a magic silver bullet. Before making the leap to embrace this architectural philosophy, you must have a clear understanding of what SOA entails; both the benefits and unexpected issues that might arise. I will use real world examples (using PHP 5 for the services) to demonstrate how and where SOA might fit within your organizations as well as where and why it might not.

Top

VIM for PHP Programmers

Andrei Zmievski / Session anglaise

Are you stuck choosing between Komodo, Zend Studio, PHPEdit, or Eclipse as your next IDE? Did you just come to Unix from Windows and wonder how to translate your "1337" Notepad skills to the new platform? Have you pulled out most of your hair struggling to make your current editor do something more complicated than proper indentation? Or do you feel that perhaps you use only 5% of VIM's potential but desire to learn the true magic? Then head over to this session and grab a seat, because you don't want to be left standing when everyone else shows up to see what VIM has in store for PHP developers. Plus, it'll help that hair grow back.

Top

John's Top PECL Picks

John Coggeshall / Session anglaise

The PHP PECL repository is a little understood and explosively growing collection of PHP extensions. As with any repository it has it's shining stars and bits of code which you probably don't really want on a production server. In this talk, John will highlight a handful of the most useful non-standard and stable PHP extensions available in this great repository and provide a series of working examples which highlights their use.

Top

Service Component Architecture

Graham Charters / Session anglaise

Service Component Architecture (SCA) aims to make it possible for a PHP programmer to write reusable components, which can be called either locally, or remotely via Web services (soap/http, json-rpc, atompub, etc), with an identical interface and with a minimum of fuss. It generates service descriptions (WSDL, SMD) as needed from annotations within the script, and resolves dependencies between components at runtime. Deploying a Web service can be as simple as dropping a PHP script into Apache. This talk will show how to use SCA to produce and consume Web services, using working samples.

Top

Technique d'estimation agile pour les applications Web

Louis-Philippe Huberdeau / Session française

Quand un développeur se fait demander un estimé sur la date de livraision, la stratégie généralement adoptée est souvent de donner une réponse évasive. La majorité vont multiplier les chiffres par deux ou trois pour être certain de ne pas dépasser. Cette session propose une technique simple et incrémentale pour obtenir de meilleurs estimés en se basant sur les techniques apportés par le génie logiciel.

Pendant que les développeurs ont utilisés leurs instincts pour déterminer la durée d'un projet, des chercheurs ont défini des techniques pour rendre le processus d'estimation plus fiable et répétable. Cependant, ses techniques couvertes par la littérature s'applique difficilement au développement d'application Web et la complexité repousse une grande partie des développeurs PHP.

Cette session tente de rapprocher le contenu des livres à la réalité du développement Web en fournissant des techniques simples pour obtenir des résultats rapidement. Ses techniques vont permettre aux développeurs de présenter des estimations réalistes et vérifiables aux gestionnaires en assurant un niveau de confiance adéquat.

Top

An introduction to PHP 5.2

Ilia Alshanetsky / Session anglaise

A brief look at the cool new things offered in this release and why everyone should upgrade to it as soon as they can. The bulk of the talk however, will focus on the migration challenges that this release presents when it comes to upgrading from earlier versions of PHP 4 and 5, and how to overcome some of those problems.

Top

Truc et astuces PHP

Damien Seguy / Session française

Avec plus de 3400 fonctions en stock, sans compter les extensions optionnelles, PHP propose une quantité incroyable de fonctionnalités, dont certaines restent inconnues. Dans cette session, nous allons couvrir tout un florilège de fonctionnalités rarement connues de PHP et MySQL, mais qui sont bien utiles, et disponibles directement dans les distributions standards.

Top

Writing Maintainable PHP

Laura Thomson / Session anglaise

In this talk, you'll learn why maintaining other people's PHP code is akin to the ninth circle of hell, and how to write your own code so as not to inflict that on others.

I'll cover:

• Common errors and how to avoid them
• How to write maintainable code: standards, processes, and frameworks
• Developing your developers

Top

symfony: simplify professional web development with PHP

Fabien Potencier / Session anglaise

This session will cover professional web development using PHP5 and the symfony platform. The focus will be on the tools symfony provide to build, test, and deploy *professional* applications (MVC, environments, i18n, configurability, database abstraction - Propel, Ajax support - prototype, functional test framework, plugins, ...) and how PHP5 helped symfony development. Gone were the days of spaghetti code in PHP. Learn how to build maintainable and upgradeable PHP applications with symfony.

Top

Processus d'implantation d'un SGC avec TYPO3

Patrick Gaumond / Session française

Nous aborderons l'ensemble des processus d'implantation d'un système de gestion de contenu (SGC) en plus de démontrer l'application de ces principes à même le SGC TYPO3, un produit entièrement écrit en PHP.

Seront abordés :

• Le pourquoi des SGC et les problèmes qu'ils tentent de régler.
• Les principes communs aux SGC de moyennes entreprises.
• Les intervenants à toutes les étapes de réalisation.
• Ce que le SGC ne réglera pas comme problème.

Les principales tâches à accomplir que nous aborderons :

• Fixer les besoins du client et ses attentes.
• Prévoir une infrastructure technologique en lien avec l'achalandage prévu.
• Sélectionner le produit répondant aux besoins et prévoir les ajustements, configurations et développements nécessaires à l'atteinte des objectifs.
• Établir les ressources nécessaires en graphisme, rédaction, intégration, développement.
• Préarer un plan de formation pour les éditeurs ou les futurs administrateurs.
• Effectuer l'assurance-qualité et mettre en ligne le site.

Bien que ces étapes semblent théoriques, elles seront concrètement appliquées en utilisant TYPO3 pour y parvenir. Tout au long de la présentation, nous nous assurerons que les participants saisissent les enjeux impliqués.

Top

The Truth about Sessions

Chris Shiflett / Session anglaise

Have you ever had trouble debugging a session problem? Are you concerned about session fixation and session hijacking, but you don't know where to start? Do you want to know what's going on behind the scenes when you use sessions? If you answered yes to any of these questions, then this talk is for you. You're first given a fundamental introduction to HTTP, the challenges that maintaining state presents, and how cookies really work. You'll then learn how to improve upon a basic session mechanism to safeguard against session-related attacks.

Top

From Green Screen to Web Screen

Hans Zaunere / Session anglaise

While the enterprise has accepted open source ideals and internet technologies, legacy systems of years past still rule many fundamental business operations. These core systems continue to provide the business backbone for financial and other business processes, and moving away from them can be tedious, expensive, and risky.

As open source and key elements Apache, MySQL and PHP mature, however, developing internet enabled applications to replace the mainframe behemoths provides a cost-effective and agile migration path. By taking advantage of PHP 5's improved object model and advances in MySQL, open source architects can build enterprise ready web applications that deliver new levels of flexibility and functionality not seen in the past.

In this presentation, New York PHP President Hans Zaunere and Vice-President Chris Hendry expose their process for the discovery and migration process as well as some system and application architecture tips. Using their recent migration of a 25 year old AS400 / RPG application as a case study, Hans and Chris discuss how they leveraged open standards , core PHP 5 objects and extensions (such as PDO and SPL), UML, enterprise architectures (such as message queuing and application tiering), and agile strategies including test-driven development with PHPUnit2, successfully moving 25 years of entrenched legacy technology into history.

Top

Abstraction des données

Fréderic Schmitt / Session française

Nous avons dans le cadre de la mise en place d'un portail groupe (sous Typo3) ainsi que d'applications groupe construit un master data regroupant l'ensemble des informations de nos collaborateurs, site d'implantations, pays, etc.. (le tout sur 13 pays en Europe de l'Ouest et Europe de l'Est).

Ces informations sont ensuites accessibles dans nos applications intranet mais également à des logiciels externes sous formes de services web écris et réalisé en PHP5.

Le but de cette démarche étant que chaque application consommatrice des ces données puissent les récupérer de façon abstraite sans avoir à se préoccuper de la façon dont elles sont stockées (type de base par exemple) ou bien de ne pas subir les modifications éventuelles de la base de données du Master Data afin d'éviter de perpétuelles modifications dans ces applications.

Nous avons trouvés avec ces services web et PHP une façon simple et performantes de mettre à disposition ces données.

Top

Oracle PHP Performance

Christopher Jones / Session anglaise

As PHP adoption increases, Oracle and PHP are used increasingly to deliver business-critical solutions. But how do you make those applications fast and scalable? Discover how to make efficient use of PHP's oci8 extension and Oracle to build and optimize applications for performance, scalability, and high availability.

Top

Managing Resources in a High Availability environment using pgpool.

Robert Bernier / Session anglaise

Pgpool is a pooling manager that is used between middleware, typically an apache webserver, and the postgres server(s). It makes it possible to not only control and regulate the number of connections between webserver and database server but it also functions as the basis of a master-master synchronise replication environment. In addition pgpool makes it possible to use a secondary database backend to take over the primary one in the case of a system failure.

This presentation will show how to install, configure and use pgpool in a High Availability webbased environment.

Top

Leveraging the power of Oracle with PHP

Roberto Mansfield / Session anglaise

Most PHP developers start off in the traditional LAMP environment. But what happens when we switch the "M" with an "O"? Yes, Oracle. The first impulse is to simply learn the "ora" or "oci" functions, and treat Oracle as a replacement for Mysql. That certainly works, but we miss out on the power of Oracle's rich features.

• Functions
• Stored procedures
• Data validation
• Referential integrity
• Transactions

Write your business logic into your database, rather than in your application. This is especially useful if you have multiple applications (in different languages) accessing the same database. This also helps self document your database structure.

XML output, Create Oracle queries which return the data in XML. Pack your complex data object into one XML query rather than issuing multiple queries. Use SimpleXML in PHP to effortlessly parse your results.

Privilege separation and security, protect your data. Rather than giving your web application full access to your database tables, grant access to functions and procedures instead to limit the scope of any security holes.

Top

Rich Internet application development with Flex

Mike Potter / Session anglaise

Despite what the media will have you believe, rich Internet applications and AJAX are not new. With Web businesses like Google and Yahoo! and brick and mortar companies like Harley Davidson and Sherwin Williams embracing RIAs for their online presence, the media buzz is giving way to the reality of a better Internet.

But few RIAs leverage the full potential offered by using a combination of PHP, Flex and AJAX technologies. In this presentation, the spokesperson will show how application developers are using a mix of PHP, AJAX and Flex to create RIAs that are changing the face of the Internet. He will present what developers are doing right now to design rich Internet applications for the Web that combine the best of traditional graphical user interface applications with the wide reach of Web-based access, leading to more streamlined business processes and richer customer service. He will discuss how seamlessly PHP, Flex and AJAX can work together, with minimal to no re-coding or re-starting projects from scratch.

The audience will gain an understanding of:

• How PHP, Flex and AJAX are changing the face of the Web
• How developers can combine PHP, AJAX and Flex in their Web applications to provide better customer service, sleek branding, and better business processes
• How developers can add Flex and Flash functionality to their existing applications without starting from scratch
• How companies can leverage rich Internet applications to do better business, including increased conversion and checkout rates
• How developers are using Flex and Flash to create rich, interactive e-commerce and community Web experiences

Top

Querying XML: simplifying your PHP code with DB2 9 pureXML

Kitman Cheung / Session anglaise

In the Web 2.0 world, XML is a core element of the infrastructure. With its myriad of XML related extensions of modules, PHP will be an important part many new projects. Recognizing the importance of XML, IBM DB2 Express-C 9 pureXML feature provides cutting edge SQL/XML and XQuery supports to developers to compliment the XML features provided by PHP. Using SQL/XML and XQuery, PHP can selectively retrieve partial XML document, merge segments from two different documents, or work with XML and SQL data interchangeably. This presentation will provide hints to developers, through the use of a sample PHP application written using DB2, on how to take advantage of pureXML to simplify their PHP application code while improving overall performance.

Top

Using views in MySQL 5 for data migration

Morgan Tocker / Session anglaise

Changing the structure of your tables is one of the more painful changes you can make to any application. The release of MySQL 5 brings views, triggers and stored procedures.

Using a combination of these technologies I will show a series of examples of how to migrate your data while maintaining a view of it in the older format. Your application will continue to work with minimal change, and without lengthy migration period.

Top

Replication with Postgresql

Robert Bernier / Session anglaise

SLONY is the most popular replication tool used in PostgreSQL today. It is an asynchronous master/slave replication system Trigger based Intended for data centers and backup sites.

This session will present a hands on experience of how to install, configure and use SLONY in PostgreSQL. Scripts explaining the creation and administration of nodes will be demonstrated on a live database engine.

Top

L'Accessibilité des contenus web

Vincent François / Session française

L'Accessibilité des contenus web est une préoccupation majeure des nouveaux déploiements.

Elle apporte aux visiteurs souffrant de handicaps variés de réelles améliorations pour partager les informations et participer à la vie numérique et elle permet en même temps de faire profiter à tous les visiteurs de la cohérence et du respect de certaines règles qu'elle entraîne.

Mais c'est aussi pour l'offreur de services web l'opportunité d'améliorer son image de marque corporative tout en réduisant souvent ses coûts d'exploitation par la standardisation et la division nette entre le contenu et la présentation qu'elle exige.

Rendre son site accessible est un travail à la portée des intégrateurs, designers et programmeurs corretement formés, le plus souvent avec l'aide d'expert certifié. Mais une fois le travail rélisé, il peut être utile d'aller chercher un troisième oeil, expert, afin de certifier la démarche accomplie et de la faire connaître

La nouvelle Coopérative de Solidarité pour l'Accessibilité Numérique "Accessibilité Web" offre la possibilité de certifier les sites. La session présentera :

• les avantages de rendre son site accessible.
• pourquoi certifier
• comment certifier

Top

10 Random tips for MySQL performance Optimisation

Morgan Tocker / Session anglaise

Improving performance is about discovering what bottlenecks you are hitting and finding creative ways to resolve them.

This talk looks at some of the options to tune MySQL and to tune the hardware/OS that your server resides on.

Points covered include:

• Your storage engine is your friend (learn their differences and exploit them)
• MyISAM optimisations
• InnoDB optimisations
• A walk through various caches in MySQL

Top

Microformats : Méta-données pour les humains et les machines

Sylvain Carle / Session française

Conçu pour les humains en premier mais aussi pour les machines, les microformats sont un format de données ouvertes, simples, construit sur les bases des standards existants. Les microformats s'appuient sur ce qui fonctionne déjà en s'adaptant à l'utilisation courante des logiciels sociaux et de réseaux (blogues, xhtml).

Une présentation des microformats couramment en utilisation (hCard, hCalendar, XFN, hReview) et des librairies php (et autres!) pour générer ou consommer des micro-formats.

Top