phpDay 2018
11 - 12 May 2018 at Hotel San Marco

You don’t need unit tests. Just write correct code.” “Closing this PEBKAC.” “Looks like another ID-10-T error.” We builders of systems spend a lot of time blaming failures of the systems we build on users of the systems we build. Maybe that’s fine; maybe it’s their fault. If the end users of your web app would just read the ‘Help’ pages, they wouldn’t have to call you with questions so often. If the passengers boarding an airplane would just wait for their zone to be called, the line wouldn’t back up and the plane would leave on time. If the developers you manage would just write code that works, they wouldn’t have to waste all that time on code reviews and unit tests. On the other hand, maybe the systems are inherently flawed, but we don’t notice until users get involved. Maybe we’re not very good at building systems that embrace real people, so instead we build systems that barely tolerate them. How would our system designs change if we started viewing “user errors” as “normative behavior”? How would a system that expected reality from its users be different from one that expects perfection?

9

Not certain you're making full use of Composer's capabilities? Overwhelmed by the number of commands, options and configuration choices? Composer has become the standard tool for Dependency Management in PHP. While we continuously work on improving Composer's usability and documentation, it covers a vast amount of functionality and use cases, and Dependency management itself remains a challenge for software development. Apart from the latest changes in Composer this session will cover details on version constraints, stabilities, semantic versioning, correct use of the lock file, helpful tips for everyday interaction with Composer, such as the right options to use during development, testing and deployment, or commands useful for debugging solver problems. You should already be familiar with Composer and be eager to learn more tips & tricks.

6

There are so many benefits from code review; lower development costs, increased code quality, quick up-skilling and on-boarding of team members. Despite these benefits many teams don’t have code review as part of their process at all. Others don’t get the gains they should from it. This talk first outlines the business case for code review. It then explores how to make code review effective, specifically looking at: * Expectations of what can be achieved with code review. * What should be covered by code review (including example code) * What should not be covered by code review * How to write code that makes code review easy * What makes good code review comments * What makes good responses to code review comments Finally to wrap up you'll be shown how to enable a code review with Github. Spoiler alert: It can be done it under 5 mins! So if you are on a team that isn’t using code review, or isn’t using it effectively then you should be at this talk.

0

Developers still hesitate to include writing tests in their everyday routine. There are numerous excuses, myths and misconceptions around: “they slow us down”, “we’ll never achieve 100% code coverage, so why bother”, “takes too much time to learn testing, we’re better of writing business logic instead”. When we get to the topic of writing tests first, the debate becomes even more heated. In real world, where you get paid by code that ships, developer strive to write the most efficient tests possible. To cover mission critical code. To quickly decide whether writing a functional test or series of unit tests is the best approach. Let us learn together how to use phpunit and TDD in most efficient way possible, for extraordinary results. This workshop is for developers who start their projects by drawing model of the database first, developers who are overwhelmed by number of testing tools or don’t know where to start and developers who simply want to level up their game.

11

Kubernetes is a very powerful container orchestration platform that is quickly gaining traction and gives you lots of benefits in deploying, running and scaling your microservice web application. But it has also a steep learning curve. In this talk I will introduce you to Kubernetes, why you would want to use it and all the tooling around Kubernetes with the help of practical examples.

7

Starting your journey as a programmer can be daunting and overwhelming. There is so much to learn, so many contradicting sources of information, and so many different opinions about everything. Most of the time we don't get the answers we need or want, but we get vague options that don't really help us all that much. In this talk I discuss the problems we face when teaching others, the problems we face as an industry in a disparity between juniors and seniors and how we can vastly improve the way in which we teach our peers and educate our juniors.

3

Applications should be fast regardless of any cache system. However, sometimes we do need to cache data in order to optimise things and deliver a fast response to the clients. This talk covers the different types of cache offered Doctrine ORM (metadata, query, result set, and second level cache), how they work together with the Unit of Work and what we should know before caching all the things.

Do you test your code? What about your tests? Your tests are code, you need to write, refactor and maintain them. This is not cheap so how do you make sure you are testing enough but not too much? Discover Mutation Testing, a fun tool to make your code better by introducing bugs. -- The first part of the talk is about the costs of the tests to introduce what problem mutation testing is solving. The tests themselves are code, requires to be written and maintain and as such are far from being free. Depending of the maturity level of your application and your deadlines, you need to adjust the level of testing. Mutation testing is a technique that can provide a reliable metric to know how much of your code is actually tested (as opposed to unit test coverage which shows what code has *not* been tested) and as such provides a tool for both the team to control their level of tests and the business to have a trustworthy metric. The second part is about mutation testing itself: the theory, a demo of the PHP library Infection, pros/cons of that solution and the further development planned for this tool

Developers of applications under continuous high load often struggle with delivering new features and improvements without taking the app offline, performing the required migrations and taking it back online. I will show battle-tested procedures how to perform migrations without any disruptions. To survive in a competitive market, a software team must be able to deploy new versions of their application as frequently as possible, delivering new features, improvements and bugfixes for their users and stakeholders. Deployments should not be limited to a certain time or to a certain number, otherwise they become a bottleneck for the development process. To avoid disruptions when frequently deploying new versions, developers must adopt a set of practices that allow changing the database schema in production without users even noticing. As a result, the development process becomes much more safe and smooth. I will also talk about zero downtime deployments. They are less about development practices and more about deployment automation and webserver configuration. Some tips might even make your application perform faster!

In recent months I have had the opportunity to work on the refactoring of a large legacy application, for a good part written in procedural code: the challenge was to make the application evolve to keep up with the business needs, without embark on an expensive and unthinkable rewrite During this session I'd like to share what techniques we used to achieve the goal, highlighting what worked well, and what didn't, to give you a couple more ideas the next time you're facing a similar challenge. Some of topics: - code organization from folder structure to classes - choosing an architectural style - testing - refactoring to objects

Symfony 4.1 comes with a new Component: Messenger. It drastically simplifies the use of message buses and handling asynchronous operations using message queues such as RabbitMq. In this talk, I will introduce you to this component and show you how to get started with it.

3

The good old times where a text editor and an FTP client were enough to fulfill your web development needs are over! With the rise of containers and microservices and new concepts like serverless everything got much more complex. Fear not we’ll dive into the concepts and you’ll see which parts you can already adopt today! Everyone is talking about containers and serverless but barely anyone is using it in production. Let’s dive in together into the new world of web development.

6

Whenever you are faced with a problem it is normal to try to find a generic solution and then you implement that solution in code. But some problems might be too complex to solve by humans (and even engineers). Imagine you are a traveling salesman, about to visit 10 cities in Europe. You can visit them in any order. What’s the cheapest route? To find this out, we could use dynamic programming to let the computer solve the problem for us and just give us a result.

5

In this talk we will present a middleware async architecture based on [Expressive](http://getexpressive.org/) and [Swoole](https://www.swoole.co.uk/) to speed up web API development and runtime in PHP. Using this approach, you will be able to achieve great performace improvement, up to 4x faster than nginx or Apache ([benchmark](https://framework.zend.com/blog/2018-03-21-expressive-swoole.html)).

Blockchain, Cryptocurrency. Bitcoin, Ethereum. Buzzwords? Trendy topics? Sure. As a developer, I’m not very interested in the hype or the crazy speculation. But I want to understand the underlying technology. How Bitcoin works. What makes Ethereum useful. The concepts and algorithms used by Bitcoin, Ethereum, and the thousands other coins that were created in the last years. I read the Bitcoin whitepaper. I found it very interesting. To share my new knowledge, I’d like to create a cryptocurrency in PHP… with you. This session should be more than enough. Along the way, you will hopefully better understand what makes Bitcoin revolutionary.

6

Every developer should be confident that their code is efficient and safe to run in production. But it can be hard to get started. What tools to use? What do the graphs mean? What to look at first? In this talk, we will analyse and optimise the performance of a simple PHP application. By demonstrating how to use some of the excellent open source projects such as xdebug, xhprof or meminfo I hope to give you a good idea of where to start with analysing and optimising your PHP code.

1

"Event Sourcing", along with "CQRS" (Command Query Responsibility Segregation), have recently become trending terms, and now there is so much theory, blog posts and talks about them. However, most of these deal with the problem starting from an utopian assumption: having to write a project from scratch (greenfield), but at the same time with a high domain complexity right from the start, enough to justify the use of a complex technique like event sourcing and CQRS, which carry a fair amount of inherent complexity. But the reality greatly differs: projects are born from small and simple prototypes, and they accumulate complexity only with time and the growth and evolution of specifications and features. This talk is a case history in which I will tell you (with little theory and a lot of practical examples) how we decided to **add event sourcing to an already existing project** (without eradicating the rest or rewriting it), to **solve a specific problem** (reporting and its historization) for which this methodology proved to be the **perfect solution**.

We'll start by creating a fully-featured API in just a few minutes with API Platform, Symfony and Doctrine. The API will support pagination, data validation, access control, relation embedding, filters and error handling. It will expose many formats (JSON-LD, Hydra, JSONAPI, HAL, JSON, XML, YAML and CSV), will be documented with Swagger/OpenAPI and will have a nice UI done in React. Last but not least, the API will respond in a just few milliseconds thanks to its builtin invalidation based cache mechanism. Then, we will use the ReactJS tools provided by the API Platform to consume the exposed Hydra documentation. In a few more minutes, we will get a Material Design administration interface (a la Sonata / EasyAdmin - but 100% client-side) built with React. Finally, we'll discover 2 nice code generators to bootstrap a SPA (React, Redux and React Router) and iOS and Android mobile apps (React Native).

4

The Sodium crypto library (https://libsodium.org/) is a modern, easy-to-use software library for encryption, decryption, signatures, password hashing and more. Sodium has been added to PHP 7.2 as core extension. In this talk we will show how to use Sodium in PHP projects to solve common problems, like how to store the users' password, how to encrypt/decrypt sensitive information, how to authenticate user's data, etc. We'll also present some of the advanced features of libsodium like authenticated encryption, anonymous public-key encryption, and elliptic curve cryptography.

4

At any given time, 1 in 5 adults are living with a mental illness, such as depression, bipolar disorder, generalized anxiety disorder, substance use disorder, burnout, or ADHD. Statistically, all of us working for an organization with 5 or more employees have at least one colleague who is affected. At the same time, the tech industry is often characterized by high stress, long hours, workplace pressure to be available by phone and e-mail after-hours or sometimes even while on vacation, social pressure to constantly network and attend conferences and make a name for yourself, and the precarious balance between trying to do good by contributing to open-source and maintaining some semblance of free time that doesn't involve coding. Given how this demanding environment increasingly blurs the line between our professional and personal lives, how can we ensure that the most vulnerable among us aren't being left behind? As a community, the single most damaging thing we can do is continue to treat mental health as a personal shortcoming that can't be talked about openly. We shouldn't think of it as "somebody else's problem"; the 4 in 5 of us who don't currently have mental health disorders must do our part to help end the stigma. This talk will begin with an overview of key statistics about mental illness, followed by the efforts of the non-profit organization [Open Sourcing Mental Illness](https://osmihelp.org) to gather more data about mental health in the tech industry, the ALGEE action plan taught by the [Mental Health First Aid](https://www.mentalhealthfirstaid.org) training course, and finally conclude with ideas and strategies for making our tech workplaces more accommodating and inclusive.

No no, not country flags, feature flags! Feature flags are a powerful technique that allows teams to modify a system's behaviour without changing code. They can be used several reasons - canary releases and A/B testing to name a few. This talk will show you how you're already using feature flags in your application without realising it. Next, we'll take a look at some of the best tooling out there to help you take feature flags to the next level. Finally, we'll cover strategies for removing feature flags before they become technical debt that you have to manage.

Websockets are a technology allowing bi-directional communication between the server and the client and are not often the topic of focus when it comes to writing standard web applications due to their complexity and learning curve required. In this talk will will discuss event loops and event driven programming and end with a distributed messaging architecture that will work in enterprise. This talk is also the story of my first real project involving sending torrent data from the server to the browser so I could build my own Torrent Web GUI. You will see fully working code and a live example. What is an event loop and how does it work? How about authentication when using both HTTP and Websocket requests? How do I make my code non-blocking? How about the overall architecture? These are some of the topics covered from both a theoretical and a practical standpoint. I also talk about security and privacy and how not to get caught when setting up a server designed solely for streaming Ubuntu downloads. Going out of the talk, you will know how to architect a realtime, distributed application with PHP.

A small introduction to Flyimg.io which is a dockerized PHP application runs as microservice to crop and resize images on the fly.

REST API modeling may be hard, using and supporting large collection of APIs is even harder. GraphQL is a answer for some of these problems. It’s a query language for APIs which provides complete description of your data and gives clients the power to ask for exactly what the need in a single request. In this talk you will learn about GraphQL concepts, differences between GraphQL and WSDL/SOAP/REST/etc and how to add it to your existing stack.

2

The Symfony Translator component is the one you learned how to use in 5 minutes and you have not thought much about it since. It just sits there in almost every project and just works. That is great, that is what a great component should do. The tricky part is how you build your development processes to work together with the translation process. You will start to notice problems when you have 4 or more languages. What other tools and services should you use? And how do you teach external translators to edit xliff files? Of course your should not force XML on non-developers. Taking the experiences learned from JMSTranslationBundle, Happyr’s translation bundles and the PHP-Translation organization; I will give you example of a few very concrete processes working with translations in a Symfony environment.

2

This talk will go through the process of migrating your existing Symfony application to Symfony 4 using the new directory structure. I will go through the recommended process, explain some of the problems you will encounter and talk about when it might not make sense to do it.

-

The annual (un)official meeting of the PHP-FIG at PHPDay 2018!

Symfony4 has brought some significant changes in the way you work with the framework. From easier service configuration to the way you compose leaner applications, there is a lot to discover. This talk explains the advantages of Autowiring, configuration through env vars, Bundle-less application structure, and of course Symfony Flex in depth for users who have some basic Symfony background, and want to get started quickly using the new features.

3

Timezones, DST, human readable diffs, standardised formats, intervals, getting the last Tuesday of next month… Dealing with timestamps seems easy, but there’s a lot to it. It’s very easy to do it wrong. Learn how to do this properly and you’ll never be tracing weird time related bugs anymore!

The world of technology evolves constantly. Every day we as developers do not learn something new, we fall behind. We should never stop learning. There are so many reasons for learning and ways of learning, Let's find out which.