PHPBenelux Conference 2018
26 - 27 Jan 2018 at Ter Elst

Building PHP applications using Domain-driven design techniques results in code that is easier to modify, maintain, and test, and a better user experience. Once you try DDD, you will never design software in the same way again. In this tutorial, we will start by learning how to build a strong ubiquitous language with stakeholders. Then, we will learn the benefits of encapsulating business logic in value objects using test-driven development. Next, we will move on to using bounded contexts, entities, and aggregate roots to manage state and protect invariants. We will also cover more advanced topics in the DDD world, such as event sourcing and command query responsibility segregation. No prior knowledge of domain-driven design required.

Modeling complex problems is hard and often leads to very complicated code. Controllers, repositories, services, conditions, forms – client’s business requirements sometimes infiltrate all these layers, everything is mixed together, making code really difficult to read, understand and develop. When you want extend business logic, but you need to dig in tens (or even hundreds) lines of controller action, trying to understand what are all these objects for and what other places should be changed too, it’s time to try different approach… “Thinking in events” means that you can be fully focused on problem domain, implementing testable business logic and associated rules, not on database, web framework or other implementation details. During this workshop you will learn how to use event/command buses in your app, apply Event Sourcing to store all history or split reads from writes with CQRS to increase performance, scalability and security. Being concentrated on client real problem the same time, without any distractions from code.

nternet of Things, City of Things, Smart Cities,… they’re all vague descriptions for the same thing : a collection of networked devices providing or consuming information. But how do these devices work and how can a web developer not only use their data, but actually work with the devices directly ? We’ll have a look at some very cool yet useful and easy-to-build implementations that will work in any web language. Get ready for a whole new world of possibilities through the world of IoT. IoT is hot topic and not something you see a lot at development conferences (except for IoT conferences). This talk will show several use cases for a number of devices that are inexpensive and widely available (Raspberry PI, Arduino and ESP8266), demonstrating how they work, how easy it is to get started with them, as well as how to interface them with REST APIs. I will also focus on the very important aspect of security. I wll bring a bunch of devices for everyone to play with, allowing you to figure out how things work. Over the 3h tutorial, we’ll build an application that reads sensors, controls lights, (un)locks doors, etc.

7

Sooner or later, an application will have errors. Some of them will be your fault, or that of a teammate. Others stem from third party libraries you are using. We want to be able to locate the cause of the error as quickly as possible. In this workshop, we will do exercises that will help you debug your applications more efficiently as well as writing them in a way that they get easier to debug. We will look at the following topics: - reading stack traces - how to search through the code base - writing good exception messages - development time versus run time exceptions (validate options, e.g. OptionsResolver) - use logging (monolog channels) - step by step debugger - using phpunit to debug - git bisect

6

You’ve probably been to a couple talks, about how to do “asynchronous things” with PHP. What the experts don’t tell you is that the hard part starts when you need to build an application. Sure, there are tools for starting an HTTP server or connecting to a web socket. But what about when you need to write to a database or send an email. You go searching for good tutorials, and all you get is API documentation; about how to use each component in isolation. Say goodbye to that frustration. In this workshop, I’m going to show you how to build an entirely asynchronous, high-concurrency PHP application. We’ll bring those isolated components together, to build a real application. Some topics we’ll cover: HTTP servers and routing Watching for file changes, and restarting the server daemon Understanding generators and promises Adding new and useful syntax (to the PHP language) for async applications Testing asynchronous code Working with databases Validating request parameters and formatting responses Making requests to the server (including CORS) Connecting through web sockets Forking and multithreading Reading and writing files Deploying and hosting, with TLS WHAT YOU’LL NEED TO BRING FOR THE TUTORIAL Participants will need to have a working version of PHP 7.1+ and MySQL installed on their computer. Without it, they will not be able to code along. Virtualisation and/or setup time is NOT included in the workshop schedule, but I am happy to meet with individuals before/after the workshop to help them get things set up.

In this 3 hour tutorial session, you’ll learn how to quickly get started with Symfony 4 and build you very first small application. To get the most of it, we’ll try to cover as many topics as possible in 3 hours : Installing Symfony and third party free plugins with Symfony Flex, Configuring the application with environment variables, Registering services in the dependency injection container, Querying a database through Doctrine ORM mapped entities and repositories, Debugging problems with the Web Profiler and verbose stack traces, Performing tasks through the console tool, And much more!It’s the chance to get started the right way with Symfony 4 and a SensioLabs expert!

2

In this workshop we’ll dive into the topic of Autonomous Service development, with a sandbox project containing several interdependent services. These projects send messages to each other, and they call each other to retrieve data. In other words, they’re not autonomous at all. We’ll figure out some ways in which we can invert dependencies and leverage a messaging solution to achieve autonomy after all. In a relatively short period you’ll get acquainted with the basics of asynchronous integration, CQRS, event sourcing and integrating bounded contexts.

1

Abstraction, Encapsulation, Polymorphism, and Interfaces: whether you’ve been programming in PHP for years or are just starting your journey, these terms can be overwhelming. Not only that, people that already understand it act like it’s so easy and they talk right over the simple questions and never explain the basic concepts in a way that actually makes sense. Real life examples of Object-Oriented terminology in a way that makes sense and allows you to utilizing OOP immediately.

For our tutorial visitors we'll have the lunch served to get you ready for the conference

A warm welcome and general announcements for our visitors

26

What is your greatest tool in your toolbox? Your brain! Sure, you could sharpen this tool and promote your project the normal way, with hard work and years of slow, incremental progress. Or you could use some of the brain’s built-in cheat codes and just hack your way to success. Along with learning, our brains are plagued by a raft of bugs and unwanted features that we have been unable to remove. Use these features to your advantage to teach, learn, and persuade. Join us in a tour of some of the most amusing bugs and exploits that allow you to play with the interface between our brains and the world.

This session will cover the developments of the JavaScript / ECMAScript language in recent years, to give you a quick update on how JavaScript can be written in 2018. The pace of the JS community has remained very high for several years now, and it is often easy to be overwhelmed by the amount of options and new developments. I will present a limited set of features and tools to let you join us in the future without decision paralysis.

4

In this session let me introduce you to Disco, a PSR-11 compatible, annotation-based Dependency Injection container. Disco does not use an external configuration file but uses a standard PHP class with some meta data attached to configure your services. I will guide you through the journey of setting up Disco for a new project as well as highlighting its main features. Join me for a fun little ride to “DI done right” land!

26

We all make mistakes, as much as we try to write flawless code, every now and then an error slips through. In order to reduce this number we do code reviews to ensure the code meets certain standards and to see if the feature was properly implemented. But how do you do a good code review? How do you handle technical discussions? How do you keep your reviews focused and your discussions relevant? In this talk I would like to show you how you can do proper code reviews, what to look out for when doing them, how to give feedback to the developer and a bunch of other tips to improve this process.

4

Most of us are probably aware of code smells, code that doesn't apply SOLID principles, code that should be refactored to make the system easier to maintain. But there are other coding horrors that should trigger alarm bells whenever we see them. Like a good horror movie, coding horrors should scare us when we find them, because they're often symptomatic of deeper problems. So let's take a short tour of some of the greatest horror movies ever made; and some of the most worrying code horrors that I've seen."

Time to relax for a bit

The much hyped “Microservice Architecture” tells us to design our services to be autonomous. Let’s find out what this means and how we can achieve it. In this talk I will guide you through the fascinating world of asynchronous communication, event-driven systems and distributed data.

Different jobs require different tools. There are times where PHP isn’t the right tool for the job. When those times arise, Go can be a great alternative tool to use. Go is a compiled programming language created by Google and used in emerging tools like Docker, and Kubernetes. This session will take you through the basics of Go, compare and contrast it with PHP, and give you some pointers as to what problem areas can you best use Go to compliment your PHP applications.

10

Congratulations! Your team has chosen a coding standard to use and you’re well on your way to a consistent code style for all your projects. But… there are some extra things you’d like to check for, some rules you really can’t be bothered with and some which sort of fit your needs, but not completely. Now what ? Come and learn how to make the PHP Codesniffer work for you and how to streamline the PHPCS related work-flow along the way.

1

tbd.

tbd.

I’m the maintainer of a very popular open-source PHP package – PHPMailer. In December 2016, two critical vulnerabilities were found in PHPMailer, affecting potentially millions of sites. I’d been involved in reporting minor security issues in the past, but nothing of this magnitude, and never at the receiving end. I found myself at the start of a steep learning curve and an emotional roller-coaster; a story of open source, CVEs, and people.

13

What would the perfect test suite look like? Well it would definitely fully test every bit of functionality. It would run lightning fast. And the test suite would be quick to write. That sounds great right? Unfortunately these 3 goals work against each other. Increasing test coverage will increase the time spent writing and executing tests. Reducing test execution time will result in lower coverage. This talk look at the properties of unit, integration and system tests in terms of what they test, how fast they run and how quick they are to write. Will look at how to get the most out of testing at each of these levels, how best to architect code for testing and where best to make comprises. Although by the end of the talk we won’t have quite achieved the Test Suite Holy Trinity, we’ll be a step closer.

Most of us use Design Patterns on a daily basis without noticing. Design patterns are commonly defined as solutions to recurring design problems. Frameworks like Laravel use Design Patterns throughout the codebase to keep structure and maintainability. In this talk we will explore 3 to 4 Design Patterns used in Laravel. Once we have a basis of the design patterns we go into some practical examples.

tbd.

6

Largely ignored under PHP5, the SPL (Standard PHP Library) offered a powerful toolbox for developers, ranging from it’s horrendously named collection of Iterators, and a series of Interfaces allowing us to build our own, to DataStructures, and Object Oriented file handling classes. Fast and powerful, the SPL provided a stable and well-tested library of classes and functions. But with all the performance and memory improvements of PHP7, SPL has remained unchanged, and feels like it has been left behind. Now, Generators provide a simpler replacement for writing our own Iterators without all the boilerplate code that SPL’s core Iterators require, especially with the introduction of “yield from” in PHP7 for recursive Iterators. And PHP7’s performance improvements allow us to write our own Datastructures (based around standard PHP arrays, or custom objects) that are as efficient as SPL’s basic Datastructures. So does SPL still have any purpose or value in this new world of PHP7? Let’s find out!

14

From chatbots to your home thermostat, it seems like machine learning algorithms are everywhere nowadays. How about understanding how this works now? In this talk, you will learn about the basics of machine learning through various basic examples, without the need for a PhD or deep knowledge of assembly. At the end of this talk, you will know what the Naive Bayes classifiers, sentiment analysis and basic genetic algorithms are and how they work. You will also see how to create your own implementations in Javascript.

10

How do we get started with docker swarm and how do we get to the point we can properly deploy and update our php applications. Can we just add and remove nodes, what about our data?

tbd.

tbd.

Friday evening social event

11

You might have heard of Domain Driven Design. You may have heard DDD is a tool to write readable and change-ready code. You may have even heard DDD comes with a lot of talking, and modelling, and customers… Starting with DDD sounds big, and scary, doesn’t it? But getting started is not scary! Come find out what DDD can do for your code, tomorrow. We’ll use value objects, entities and services to bring order to our mind and code. We’ll see how naming things can guide us, but also trick us. We’ll rework a piece of code together and improve what it means. And tomorrow you can tell your peers that, technically, you’re doing DDD.

4

In recent years we’ve seen a growing awareness of privacy issues, particularly in the wake of Edward Snowden’s revelations. The 2015 collapse of the safe harbour agreement (making it illegal to store data on EU citizens in the US) was patched up with Privacy Shield in 2016, but that’s on shaky ground too. The new EU General Data Protection Regulations (GDPR) come into force in May 2018, raising privacy & data protection standards, and massively increasing exposure for companies both inside and outside the EU. All too often legal departments have no contact with developers, and the only time the right conversations happen is when something has gone horribly wrong and it’s too late. We need to fix this – developers need to be aware of legal responsibilities because it’s implementation details that matter, and that’s what this talk is all about. We will cover what makes the GDPR different, how it changes what happens at the developer and sysadmin level, and what steps you will need to take to conform to the standards.

10

For the last few years, PHP community has been buzzing about ES/CQRS, pretty much there was a talk on every conference. Now it’s time to see how it worked out for me in practice. ES/CQRS is a different approach to building applications from what we all have been thought to do for years. I’m not going to introduce Event Sourcing and Command Query Responsibility Segregation (ES & CQRS) but speak about my experiences in developing & running it on production. I have implemented it on few projects: in some I run it as a part of bigger application, while in some it’s just the core and one where everything is event driven. The shift in architecture and mindset is pretty big: while code structures and logic became simple, amount of code and workflows get complicated to the point of ‘where did I loose this input?’. Not to go into too many details, I’ve had to learn lot of DDD practices that I feel have made me a better developer and use some of the knowledge gathered in this projects into ‘everyday’ code of projects that I work on.

9

If it works doesn’t imply it’s good. Improving the internal structure of a project is important for many reasons. Refactor also means simplify the debug processes, tuning up performances and make the code readable to avoid a gradual spaghetti project failure. This talk shows some important bad code smells, how to assign priorities, tools useful in refactoring and code quality.

10

It’s about building a development team that can rely on each other. Which phases does a team go through when it’s growing? How do you work with each other, what are the unwritten rules. How can you build routines, get better at estimating. Why is the principal developer as important as the newly joined junior developer? How do you work with a mixed team of frontenders and backenders. All these topics are compared to how professional sport teams work.

9

Step-by-step debugging with Xdebug is no secret for you? Perfect then, because we won’t talk about it. We will rather see tools that let you know what’s really happening in your PHP code, like the phpdbg debugger, phptrace, process tracing tools like: strace, ltrace, the Linux inotify mechanism, tcpdump/wireshark for network analysis or MySQL Proxy for real time SQL debugging and monitoring!

tbd.

tbd.

Saturday morning break

12

Want to build software that is more testable, easier to modify, and has fewer lines of code? Architecting with more immutable objects that are always in a valid state is the most important lesson I have learned in building better software applications. Using immutable value objects will lead to less checking, fewer bugs, more DRY code, and help avoid the “spooky action at a distance” problem in PHP. We will also learn how to use immutable objects and immutable collections to improve design of our mutable entities. Lastly, we’ll see how immutable objects and functional programming can reduce complexity.

9

Symfony has a wide userbase today. Most who work with Symfony on a daily basis have configured their own services, are fluent in configuring routing and validators. But what is actually going on under the hood? What happens when the configuration is parsed? What is a cache warmup? What happens to a request before hitting your controller? How does the HttpKernel work? This talk helps you gain insight into the inner workings of the framework. If you have used Symfony, but have never build a compiler pass, a cache warmer, or are wondering how exactly the container is built, this talk is for you.

2

Many developers get lost in the hype of object oriented design. They miss out on how expressive and succinct their code could be if they tried functional programming. Take Monads, for instance. Many developers haven’t even heard the name, much less are able to describe what Monads are and how they can be useful in every-day code. In this talk, we’ll gain a clear and simple understanding of what Monads are, and how they can help us to refactor our code to be clear and concise.

3

Jenkins is a great CI tool. Especially if you need a high degree of customization and if other cloud players are simply not a fit for your needs. However when you need to manage a lot of jobs, this can quickly become a pain in the neck. What if you could automate all this? This talk will show you how to do this through different easy approaches and examples. Oh, and Jenkins is not only for java projects ;)

1

tbd.

Lunch is being served in the sponsor area

10

Content Security Policies are another tool we should have in our security toolbelt to help protect users of our sites. In this session you’ll learn what they are, why they’re needed, how they work and the limitations on what they can & cannot do to protect users. You’ll see a demo of attacks a CSP will block, you’ll see a site broken by a CSP, show what the different CSP directives & options will do and be introduced to some of the tools available to help with implementing a CSP on your sites!

7

One of the most recent new features of PHP is Anonymous Classes, introduced with PHP version 7. But what are Anonymous Classes? How do you use them? And what would you use them for? Let’s take a look behind the mask, and find out. Anonymous Classes were introduced to PHP7 with very little fanfare, and without much explanation of the use cases where they might have value. Yet they have the potential to be extremely useful in a whole range of situations from internal classes within libraries, to creating mocks for unit testing; but only if developers are aware of them, and understand how to use them, and what limitations there are to using them. A central part of this talk will look at how Anonymous Classes can be used as an alternative to stubs and mocks in unit testing, and how assertions like $myMock->expects($this->once())->method('blah')->with($param2, $param2) can be simulated; and how to use Anonymous classes to unit test abstract classes and traits. Another part will include my investigations into an Anonymous Class Factory with additional information about creating Inner/Nested Anonymous classes.

8

Everybody is using Docker. Pull an image in minutes and start multiple containers in seconds. Great! Unfortunately the public containers are normally not ready for an immediate use as a custom development system: Maybe the debugger is missing, the vhost is not configured correctly, or something app-specific has to be installed first. In this session, I will show how to build your own custom system based on a Docker-compose template. This includes also the automatic setup of connections to other systems like DB servers or a load balancer to start a scalable cluster. And the best: The whole system configuration can be simply stored in a version control system, so that the Docker development template is available for all developers on the team.

2

tbd

Implementing a REST API is not only about designing correct resource URLs. I will talk about the software and system engineering part it takes to build a data API. I will show concrete examples from a project where we gather data from dozens of different services and systems and build a real-time capable data store. The main technology stack is Symfony, Elasticsearch and Varnish.

5

Have you heard about the two hardest things in computer science? It’s cache invalidation and naming things. I want to focus on the second one. Let’s see common examples of both good and bad naming. What’s the common part of each of them? What’s makes names good? Can we settle on good enough or should we aim for perfect names? I’ll show some of best and bad practices so you’ll be able to recognize both of them when you make code review for your peers. Naming is one of two hardest things in CS, so I don’t claim to be right about everything but I’m open to discussion and happy to learn from you as well.

We have all seen some pretty interesting things happen when using floats. You might even know how to get around most of these problems. But why do these problems occur? Why do floats become so inaccurate when working with really small, or really large numbers? In this talk, we will take a look at decimal values through the eyes of a computer to get a better understanding of whats going on behind the scenes.

tbd.

ibd.

Time to clear your mind for the final talks and closing

A look into the internals of PHP; How it came to be, how it works, and how PHP 7 leapt far out in front of its predecessor on performance and memory consumption with some thoughts on what’s next for PHP 8.

7

Keeping your web application secure and free from vulnerabilities is hard work, even if you know the OWASP Top 10. In this talk I will show tools, best practices and patterns to help you with this, so that you can find security issues before an attacker does and even prevent them in the first place.

9

This prototype works, but it’s not pretty, and now it’s in production. That legacy application really needs some TLC. Where do we start? When creating long lived applications, it’s imperative to focus on good practices. The solution is to improve the whole development life cycle; from planning, better coding and testing, to automation, peer review and more. In this talk, we’ll take a quick look into each of these areas, looking at how we can make positive, actionable change in our workflow.

0

tbd.

Closing of the conference and raffling some awesome prizes

Social event in the sponsor area