php[tek] 2024, where we combine leadership, expertise, and networking in one event. A relaxing atmosphere for tech leaders and developers to share, learn, and grow professionally while also providing you with the knowledge to solve your everyday problems. Join us on the journey to be excited about work again!

Tuesday 23rd April 2024

09:00
16
How to Embrace Change with Curiosity, Creativity, and Compassion
Keynote by April Wensel (1 hour)

The tech industry has undergone significant changes in recent years, including an increase in remote collaboration, the emergence of new AI tools, and waves of economic uncertainty. While it’s an exciting time, these disruptions have also led to feelings of fear, isolation, overwhelm, and burnout in developer communities. How are we supposed to keep up? How do we embrace change while preserving what truly matters? Code doesn’t care how much we change it, but humans can struggle with perpetual change. Thankfully, we can harness our human skills of curiosity, creativity, and compassion to navigate change effectively. We can use these skills to bolster our resilience, connect with supportive communities, and help ensure that we’re not just responding to change but also contributing to positive change in our industry and world.

10:00 Lift & Shift, Cut Overs, and other Bad Habits
Talk by Keith Casey (1 hour)

The last time you moved, you had that box. You haven’t opened it in years. You still haven’t opened it but you carry it around with you like a treasured keepsake. Unfortunately, we moved to the cloud the same way. We brought all of our habits, practices, and patterns without considering which may be strengths or weaknesses. In this session, we’ll skip the tools and take a look at our new constraints and capabilities the cloud gives us. Through this, we’ll explore three architectural Cloud Design Patterns - Circuit Breaking, the Strangler, and Pub/Sub - to make our systems more reliable, more maintainable, and probably cheaper to run.

Zombie Hunt: Find and Safely Remove Undead Code
Talk by Andy Snell (1 hour)

Dead and outdated code is a stumbling block to upgrading, refactoring, and maintaining any software project, and at worse could become a security vulnerability. As a rule, we want to remove code and dependencies that just don’t belong in the code base anymore; however, it’s not always clear if and when dead code is really dead. Removing “zombie” code can be disastrous if it is still being used in production. We’ll cover common ways to statically identify dead code, and the accompanying pitfalls. We’ll then cover creating and using code tombstones in our project to definitively identify the living dead. Finally, we’ll discuss some best practices to avoid having zombies in your code in the first place!

5
APIs: A History Lesson in Industry Mistakes and Mishaps
Talk by Jim Seconde in PHP Architect Ballroom (1 hour)

In 1905, the Spanish philosopher George Santayana famously wrote the line "Those who cannot remember the past are condemned to repeat it." Nothing can escape this inevitability: like death and taxes, we have all looked at our screens in bewilderment at an HTTP 200 OK response that contains text in the body reading "er, actually this is an error", or marvelled at pagination design that creates an infinite loop for you to consume. How did we get here? In this session I will be meandering through history, real examples and anecdotes. The internet is littered with a graveyard of poorly designed APIs. Instead of launching yourself head-first into this murky world of quirks, maybe take a moment to learn the history of APIs and their mistakes so you don't repeat them.

Packaging the Monolith
Talk by Dana Luther in PHPUgly Hall (1 hour)

We don't always get to start with a clean slate, but inheriting a monolithic application doesn't mean you're stuck in that space. Using composer packages, we can break down a monolithic application piece by piece, and using private package repositories keeps the project IP confidential. In this talk, we'll go over how to evaluate a project for packaging, how to set up private package repositories, and how to move forward in a way that won't stop your feature development while you're making these changes. We will touch on the importance of SemVer and how to make sure the packages account for PHP's handling of version numbers.

11:00
5
EXPLAIN - The Best And Worst Tool For Speeding Up SQL Queries
Talk by Dave Stokes (1 hour)

Structured Query Language can be tricky. The main tool that is used to check query performance is EXPLAIN. EXPLAIN is beyond tricky, having its own little quirks and foibles. This is an introductory session into its use with MySQL and PostgreSQL where you will learn to decipher what EXPLAIN is trying to tell you. EXPLAIN is a handy tool once you learn how to read the entrails.

The Dark Corners of the SPL
Talk by Omni Adams in PHPUgly Hall (50 minutes)

PHP is a huge language, with lots of "kitchen sink" functionality for you to build data structures with. But did you know PHP includes a standard library that has built-in structures like linked lists, queues, stacks, and higher-performance arrays? This talk will cover a few of the more interesting ones in depth, including how to use them and most importantly why you'd use them over other solutions.

6
Shell Scripting for PHP Developers
Talk by Andrew Woods (1 hour)

Shell scripting is how you supercharge your terminal. This talk will take your command line skills to the next level. You'll learn shell scripting from a PHP develper perspective. What is POSIX, and do you need to worry about it? Join us as we explore proven techniques and powerful tools to help you become a master shell scripter. We'll review some real world code examples, so you can from them, and help you implement craft shell scripts in your own projects. Key Takeaways * Strategies for creating custom shell functions * Use Logging and STDERR effectively * Improve your dotfiles strucuture * Practical tips and best practices for troubleshooting shell scripts

Advanced Test Driven-Development
Talk by Scott Keck-Warren in PHP Foundation Studio (1 hour)

Test Driven Development (TDD) is the process of using very short development cycles to test and then implement your code. In this session, we'll quickly explain the process of TDD and then work through several examples of how to implement TDD in a complex web application that pulls data from an external source, relies on database access, and handles events.

12:00
6
The Simplified Sorcery of State Machines
Talk by Jake Bennett (1 hour)

Determining the current state of an entity can be difficult. For many, determining state is always implicit — typically taking the form of booleans and timestamps littered throughout database columns and the codebase. The ever growing list of rules used to determine state are rarely documented and even less often tested. What can we do? Simple state machines, allow us to make our state explicit and provide clear instructions on when and how that state should change, as well as what side effects should occur. By making our state explicit, we can eliminate edge cases, write less code, and confidently test our implementations. The great news is that you don’t need to make large changes to benefit from this simple pattern! During this talk, participants will learn: - The event-state-action paradigm - How to create a state chart / diagram - How to implement a simple state machine - How to refactor to, and test, a simple state machine from existing code

Your backend is not your frontend: Using Data Transfer Objects to save time and hurt feelings
Talk by Kaitlyn Concilio (1 hour)

We backend developers only want to name our variables_like_this, while frontenders are all about that camelCaseLife. But you’re not doomed as aCapulet to war with them forever, so don’t reach for that poison just yet. Data Transfer Objects are here to save the day. Whether you’re looking to maintain naming convention consistency or convert between similar data types that don’t quite match up (without either sacrificing type safety or bloating the scope of your component), DTO is the way to go. We’ll talk about the conceptual underpinnings and share examples of when they can be best put to use. Though we'll be using PHP and Typescript, these concepts are applicable to any typed language.

8
Yak Free Docker: Everyday Uses That Aren't Deployment
Talk by Tim Lytle (1 hour)

Though it's the common use case, deploying your application using docker - or even just using docker to power your local development stack - may seem a bit daunting at first. And it may require some changes you're not yet ready, or able, to make. But if you want to get started with docker, there are plenty of uses that aren't deployment. In this 99% Yak-Shaving™ Free session, we'll focus on the ones that require little (or no) setup, and build a solid understanding of docker itself. These day-to-day use cases will make you docker confident, and ready to tackle things like deployment with docker in the future. Bring your laptop, and you'll be using some of them before I stop talking. And if you find the docker vrs virtual machine distinction a little fuzzy, don't worry - this talk will start by clearing that right up, and do it with sock puppets.

4
Composer Guide to Supply Chain Security
Talk by Nils Adermann (1 hour)

Everyone has heard of supply chains at this point, but what exactly does that mean for a PHP project? Learn more about software supply chains, how Composer, packagist.org and Private Packagist come into it and which role PHP dependencies play. This talk will present concrete steps you can take to identify your dependencies and give advice on measures you can put in place to better manage and protect how your application is assembled.

14:00
2
PHP Coding Competition
Workshop by Mark Niebergall (3 hour)

Think you have some mad PHP skills? This will be a PHP code competition, battling developers against each other to solve specific problems. Challenges will generally be relatively "easy" problems needing just a few lines of code or that can be completed in short time frame. Bring a laptop, your favorite IDE, and your Github account to make PRs to complete the challenges. Small nerd prizes, plus bragging rights, for each challenge champion!

Let's Build a Composer Package
Workshop by Ben Ramsey in PHPUgly Hall (3 hour)

You've downloaded and installed open source libraries, required them as Composer dependencies, and perused the source code of countless GitHub repositories. Now, you're ready to help others by creating your own Composer package. So, what does it take to build and publish an open source library? In this session, we'll take a look at some of the common patterns open source PHP libraries follow. Along the way, we'll cover: evaluating libraries for quality, common directory structures, the importance of tests and how to run them on GitHub Actions, publishing to Packagist, choosing a license, interacting with a community, and more. By the end of this workshop, you will have all the tools you need to publish and distribute your own Composer package.

5
Writing PHP Extensions
Workshop by Derick Rethans (3 hour)

In this workshop, you will learn how to write a PHP extension. We will start by converting a function that we already have in PHP code into C, which we will then wrap in a PHP extension. This will show what performance benefits you can expect by converting an algorithm. Secondly, we will then look at wrapping the data structure that the function operates on into a class, with the initial function converted to a method. And then lastly we will add multiple methods to finish up. What You Will Learn - How PHP's build system works. - How PHP handlers memory management and types. - How to write a basic extension with procedural functions and OO. - Where extensions would not be useful. Required For understanding the tutorial: - Some knowledge of C For taking part in the exercises: - A Linux machine or Linux VM - Compilers installed (apt-get install php-dev, or similar) - GIT, valgrind, and gdb installed (all through apt, or similar)

6
Domain-driven Design in PHP
Workshop by Andrew Cassell (3 hour)

Building PHP applications using Domain-driven design techniques results in code that is easier to modify, maintain, test, and makes for a better user experience. In this hands-on tutorial you will become versed in the best practices for solving problems in PHP from start to finish. YOU WILL LEARN TO: - Discover a ubiquitous language and identify changes in the design of PHP classes, methods, and problem solving - Assemble an incorruptible domain model in PHP by encapsulating business logic in immutable value objects, specifications, and entities - Employ best practices for persisting and accessing entities and aggregate roots - Use advanced PHP object-oriented techniques to simplify code and reduce state complexity - Plan for change by using the Hexagonal Architecture Pattern - Introduce DDD to a “legacy” codebase - Discover recommended resources for learning more about applying DDD in PHP

Wednesday 24th April 2024

09:00
10
Finding Your Perfect Place in Tech
Keynote by Ume Habiba (1 hour)

The tech industry is massive. You've probably heard "you can definitely find a role that matches your interest in tech", but what does that really mean? How do you know what YOUR perfect role is? There are researchers, developers, educators, founders, I could go on and on. How do you figure out which role best fits your interests and skills and how do you go about finding an opportunity that matches it? Come find out with me, Ume, a full stack engineer who has done tech research, worked in the gaming industry, worked as a tech educator, pretty much everything you can think of I've tried. After so much trial and error, I can finally provide some insights as to how you can leverage any opportunity to guide you to your dream position.

10:00
4
Break loose from CRUD - use CQRS
Talk by Chris Hartjes (1 hour)

As our applications grow in size and functionality, it can become harder and harder to figure out what functionality belongs in what location. Most web applications use the CRUD (Create Read Update Delete) pattern in how it organizes accessing the application's data. In many cases, this encourages our controller objects to get larger and larger, making maintenance and testing more difficult. The required dependencies increase in size, and the scope and it get harder to debug when things go wrong. The Command Query Responsibility Segregation (CQRS) pattern is a different way of organizing how your application interacts with it's data and helps you keep your reads away from your writes. In this talk Chris shows how he took a tangled mess of a PHP application that has been in use for more than a decade and used CQRS to make sense of it all.

Data regulations for software developers
Talk by Kaitlyn Concilio (1 hour)

GDPR, HIPAA, CCPA, COPPA … nowadays there are (almost) as many regulatory acronyms as there are Javascript frameworks and libraries. But while we have entire conferences and books devoted to React and Angular, regulatory obligations are often left up to lawyers or those developers with deep domain knowledge to sort out. Well, no more! We’ll cover some of the most important regulations, with a broad overview of what they require and (more importantly) when you need to worry about them. And this knowledge will continue to be useful, both as you write code and look to advance in your career.

7
Better Debugging With Xdebug
Talk by Derick Rethans (1 hour)

In this talk I explain how to use Xdebug to get more productive writing PHP code, focussing on the improvements in Xdebug 3.2 and 3.3, to make the debugging experience better and easier to set up. Beyond that, this session also goes through a few complicated scenarios that are harder to debug, and shows solutions to these conundrums.

11:00
5
Advanced Git Magic
Talk by Pauline Vos (1 hour)

You know your local from your origin, your push from your pull, your merge from your rebase. But Git is still a mystery sometimes. Making mistakes is scary. What the $^@#! is a detached HEAD state? How do you get out of it? This and more mythical Git beasts will be discovered and tamed in this tutorial. Even advanced Git users will leave this talk with new skills. You’ll be force pushing, hard resetting, and auto-bisecting like nobody’s business. What’s more: you’ll be confident, comfortable, and love doing it!

1
Do you know where your secrets are? Exploring the problem of secret sprawl and secret management
Talk by Dwayne McDaniel (1 hour)

Do you know what Uber, CircleCI, and Toyota all have in common? They had hardcoded credentials in plaintext somewhere in their environments, which led to either a public leak or enabled an attacker to expand their footprint during a breach. It is easy to understand why hardcoding secrets is a problem, but do you know how widespread this problem is or how fast it is escalating? Do you know how it keeps happening? Do you know what you can do about it? This session will deep dive into the research around secrets sprawl and compare it with historical data to show how much worse the situation is becoming, as well as what type of secrets are most commonly involved. We will also explore how to evaluate the maturity of your secrets management strategies and what steps you might consider next on your security journey. In this session, you will: Hear about the state of secrets sprawl Discover the most commonly leaked credentials See how you can stop secrets sprawl in your organization by shifting left Learn to measure your secrets management maturity.

PHP Applications at Scale
Talk by Mark Niebergall (1 hour)

Making PHP applications fast at scale is hard! As the saying goes, "Make it work, make it right, make it fast". Having worked with PHP and SQL at scale in the range of billions of data sets, I'll share some tips and tricks that I have learned that you can take and try out to tackle making an application scale to size. Learn about various strategies and patterns that may or may not be intuitive, including database denormalization, chunking, caching, workers, optimizing SQL statements, and indexes. Jump into some statistics of PHP function benchmarking to see what scales and what does not for a little trivia game of "Will It Scale?".

Embracing Enums
Talk by Andy Snell (1 hour)

In January 2020, I delivered a conference talk titled "Enums: The Missing Data Type", which ended on a sour note: PHP probably would not have a native type for handling enumerations any time soon. To my surprise and delight, PHP 8.1 would release with a new "Enum" type less than two years later. Now we can really explore enumerations: both the theory behind them and the current PHP implementation. We’ll cover how representing things like statuses with enums improves immutability, readability, and type safety; the different types of enums available to us; and address the most common questions: - Why can't PHP enums be extended like other classes? - Why can't backed PHP enums be cast to a string or int? - Why can't backed PHP enums be used as an array key?

12:00
2
Digital Whiteboarding for Developers
Talk by Susan Fung (1 hour)

Before the pandemic, whiteboards were everywhere. Now that we are remote, where did they go? Let's talk about how they help us sync and why we still need them. Learn tips and tricks on how to use virtual whiteboards in virtual offices. In this talk, we will show techniques to quickly sketch out visualizations of coding problems and complex system architectures using online platforms such as Miro, Mural, and more. These tools aid in understanding problems, solving problems, and most importantly, explaining problems to the rest of your company. Discover the extraordinary power of visualizing your code, a transformative element in tech discussions, presentations, and beyond.

3
Consulting: Coding Is Only Half the Work
Talk by Beth Tucker Long (1 hour)

Being a consultant sounds amazing - set your own hours, choose your own projects, work where ever you want! Is this fairy tale dream true? Well, sort of. While consulting does have its perks, there is a lot of work that goes on behind the scenes to make it a success. Learn what goes in to running a successful consulting business and how to decide what to charge.

8
The 2024 State of PHP
Talk by Matthew Weier O'Phinney (1 hour)

2023 marked a year of transition for the PHP ecosystem, with upward of 72% of companies performing at least one PHP migration within the last year — and many of those moving off PHP 7.4 and on to PHP 8.x versions. Despite emerging challenges and competing priorities, companies are clearly prioritizing the security of their applications. However, the state of PHP in 2024 isn’t so straightforward. Nearly 55% of teams are still running end-of-life (and consequently, unsupported) PHP versions in their production applications, with smaller companies struggling to keep pace with the rapid pace of PHP release and support lifecycles. Our survey also noted a significant disconnect – teams deploying end of life PHP still felt confident in the security of their PHP applications, with C-Suite respondents even more confident than their development teams. That dissonance aside, our survey data is clear: the future for PHP is bright. PHP remains a much-loved language for developing innovative and highly-scalable web-facing applications and APIs. In this live presentation, we will discuss key findings from the Zend 2024 PHP Landscape Report, including: - PHP version adoption trends and how adoption varies by firmographic profile - PHP migration trends, including top pain points by migration path - The perceived (and actual) state of security and compliance within PHP applications - Key shifts in PHP application deployment strategies and why it matters - The top technologies used in developing and deploying PHP applications today - Emerging trends teams need to account for in 2024 - And more!

2
A Sparkle of AI
Talk by TJ Miller (1 hour)

My goal is to lower the barrier to entry and jumpstart your journey into AI and LLMs. We'll cover LLM 101, deep dive a LLM workflow, and show you how I'm solving those problems with Sparkle.

14:00
0
How about HTML? Headless frontends for PHP explained!
Talk by Anton Komarow (1 hour)

I want to bring to attention a way how PHP powered large scale platforms can benefit from static site generated headless front-ends. Hugo server-side generated static HTML can bring robust and fast loading experience for sites using Drupal, WordPress, or Sylius, without giving up on interactivity.

5
Writing sustainable code in PHP
Talk by Michelle Sanver (1 hour)

As software engineers it is sometimes too easy to forget the impact that our code has on the environment. We build for changeability, speed and hopefully quality, but we forget about sustainability. The time to act is now. It is time for us to take responsibility and to write more sustainable tech. In this talk I will talk about things we can do to write more energy efficient code. I will also talk about hosting your code more sustainably. And last but not least… I will share the software architecture needed to build greener applications using message queues in PHP.

Never* use arrays
Talk by Larry Garfield (1 hour)

PHP loves its arrays. Arrays are the uber-data structure. They're a list, a map, a stack, a queue, everything in one! Which is the problem. Modern PHP grossly over-uses arrays. In most cases there are better options today, and when you find yourself reaching for "oh I'll just make this an associative array", stop. An extra 60 seconds of thought and code will often give you a more readable, faster, more memory-efficient, more flexible alternative. Classes, iterables, and collections can and should replace arrays in most of your day to day coding. This talk will go through what PHP arrays actually are (hint: they are not, in fact, arrays at all), why they're so problematic, and what to do instead. By the end, you should find yourself (almost) never reaching for arrays to solve a problem.

0
Web Components are the Future
Talk by Chris Tankersley (1 hour)

In the JavaScript world, there are plenty of ways of accomplishing the same task. Recent frameworks have popularized the idea of "components" which encapsulate the logic and visual aspects of a UI element. Web Components are poised to revolutionize the way we build web applications, offering a standardized approach to creating reusable UI elements. Why lock yourself into one framework when you can build front-end components that work everywhere. In this talk, we will explore the fundamentals of Web Components and how they can enhance your PHP projects. We'll cover custom elements, shadow DOM, and HTML templates, demonstrating how to encapsulate functionality and style to avoid conflicts in complex applications.

15:00 Building for the PHP Command Line Interface
Talk by Steve Grunwell in PHPUgly Hall (1 hour)

Executing PHP from the command line enables us to interact with our applications in new and interesting ways: from performing site maintenance to scaffolding new projects, CLI tools like WP-CLI, Artisan, and Symfony's Console component make it easy to interface with our code without ever opening a browser. Attendees will be introduced to popular PHP CLI tools and their default capabilities. We'll discuss characteristics of good CLI scripts, strong use-cases for writing custom commands, then write several CLI programs across different platforms.

Break Off a Piece of That Monolith
Talk by Omni Adams in PHP Roundtable (1 hour)

Most of the PHP that still exists today was written long ago by developers lost to the sands of time. It was written in an era where we didn't have the tools we do today such as Composer, type safety, unit testing, and code standards. Even code that was written recently frequently ignores best practices in order to "get things done". You've been tasked with maintaining a legacy application and would like to modernize it, but the powers that be won't let you rewrite it. This talk will discuss strategies for bringing ancient codebases into the modern age piece-by-piece, covering the pros and cons of microservices, monoliths, and event buses.

Building a PHP Safety Net
Talk by Aaron Holbrook (1 hour)

Discover how to bulletproof your PHP projects by mastering essential developer tools and automating pre-commit checks. You'll learn how to: Seamlessly integrate Make, PHPStan, PHPCS, and PHPMD to streamline your coding tasks. Write versatile Makefile rules to automate PHP-related workflows. Set up pre-commit hooks that act as your code quality safety net. Dive into real-world examples, tweak advanced configurations, and troubleshoot common issues. Walk away with a robust pre-commit workflow that enhances your code quality and catches issues before they reach the repository.

3
You Can Handle APIs: Introducing API Handler
Talk by Tim Lytle (1 hour)

This session is a 'no slides, just code' introduction to a newly open sourced pattern that has changed the way we think about API development. No, it's not yet another framework. It's a PSR-15 compatible middleware implementation paired with a set of intuitive interfaces designed to streamline API construction. For legacy applications, the interfaces allow easy integration into your existing codebase, eliminating the usual configuration headaches of API frameworks. And if you're on the path of crafting something new, imagine building a core stack that's feather-light, powered by nothing more than PSR-7 and PSR-15 implementations. In this hands-on session you'll see firsthand how to implement this pattern in various scenarios, from breathing new life into old systems to laying the foundations of modern, lightweight applications.

16:00
3
SDK Tuning: From Toolkit to Cool-kit
Talk by Jim Seconde (1 hour)

I've got plenty of engineering experience. I'd inherited an SDK at Vonage: so what? It's just like any other code, right? Except, of course, it isn't. Coding an SDK is a -very- different animal to tame. You have API versioning to consider, razor-tight semantic versioning to stick to and a -ton- of banana skins presented to you for everyone to see if you fancy a Laurel and Hardy tumble. Coding for a product used by developers is an interesting ballgame, so after doing it for two years I'll go through how to make sure you delight your engineers instead of getting into another fine mess.

0
GraphQL API in PHP
Talk by Drishti Jain (1 hour)

APIs are a trivial part of development. But there are number of challenges that come along right from data fetching to iterating over endpoints. Worry not GraphQL is here to the rescue. Come dive into the world of GraphQL and learn to develop efficient and easy to understand APIs!

2
CICD should be boring and run anywhere
Talk by Joe Ferguson (1 hour)

Continuous Integration and Continuous Delivery can be a pain point in the development workflow. We’ve all done it, we’ve searched for “how to run TravisCI/GitHub Actions/GitLab CICD on my local machine” with the typical dismal results. We’ve had times of frustration as we push commits repeatedly just trying to appease the build system to pass our tests. Stop banging your head and start building your CICD actions to run in any environment, especially locally so we can skip the commit-push-wait feedback loop. If you’re interested in saving time and resources in your CICD systems join us for a dive into how to build workflows that provide value and not just failed builds! We’ll explore options and show examples of migrating an application to run everything locally just as it would in CICD.

The Many Layers of OAuth
Talk by Keith Casey (1 hour)

OAuth is one of the most important but most misunderstood frameworks out there. What you think it is, it probably isn’t. What it actually is, you probably hadn’t considered. Regardless, when you consider the standards, specifications, and common practices interact and fit together, it’s impressive what you can accomplish with minimal effort. In this session, we’ll explore through the most common RFCs and implementations that are combined to make powerful, robust, and secure solutions that drive modern software development.

Thursday 25th April 2024

09:00
10
Saving Open Source
Keynote by Ben Ramsey (1 hour)

Open source software is everywhere—from large enterprises to small businesses, from smartphones to airplanes. It pervades software development and infrastructure. We fought for open source to be accepted, and we won. Now that it has a seat at the table and the managers, board members, and investors have their hands on it, has it lost its soul? Has open source gone corporate? Furthermore, with a generation of developers who grew up in a post-Napster world that views all knowledge and content on the Internet as free, we're seeing many public software projects forego the concept of OSS licenses in favor of looser forms of sharing. How did we get here, and does this mean we've entered a post-open source era? Let's look back to the beginnings of the free software movement to discover what made it a movement and not a corporate strategy. We'll consider whether open source has exchanged its jeans and t-shirt in favor of khakis and blue, button-up shirt. More importantly, we'll examine whether this is a greater cultural phenomenon and what it means for the future of software development and whether open source needs saving.

10:00 Rocking the Repository Pattern
Talk by Mark Niebergall (1 hour)

The PHP community has long debated the best solution for database interactions. Using an ORM with Active Record or the Data Mapper Pattern is a common solution, but each comes with nuances. Come learn all about another practical approach by using the Repository Pattern for a clean solution to this common problem. Dive into using a supporting cast of Services, Entities, Value Objects, and more to find an alternative to the data persistence problem. Discuss technical pros and cons as implementation strategies are explored.

1
Seven Database Query Sins You Are Going To Hell For And How To Earn Redemption
Talk by Dave Stokes (1 hour)

Writing good Structured Query Language queries takes effort. But you don't have the time so you use 'SELECT * FROM foo' and as your data grows so does your query time. Or, you have a series of queries that could be run in a batch but run one at a time in a transaction and can not determine why your server is slow. These common problems and others are easy to fix if you know what is wrong and how to fix it. In this session you will see the big seven query sins and understand how to fix them.

2
PHPStan - The PHP Static Analysis Tool to make code bug free!
Talk by Drishti Jain (1 hour)

Imagine a world where your PHP codebase can be checked for all the bugs without even writing testcases – doesn’t this sound the BEST!? Here is where PHPStan comes to our rescue. An opensource Static Analysis tool to check for the bugs in the entire PHP codebase without writing tests! It can run directly on your setup as well as in CI to detect and prevent the bugs reaching production. Join me in this talk as I take you through PHPStan, how it is legacy friendly, helps eliminate the tricky bugs, its extensions for Symphony, Laravel; and much more!

0
Five Things Every Developer Should Know About Mental Health
Talk by Sarah Savage in PHP Foundation Studio (30 minutes)

Five Things Every Developer Should Know About Mental Health

10:30
2
Getting S**t Done: Background Work in PHP in PHP Foundation Studio (30 minutes)

Getting S**t Done: Background Work in PHP

11:00
5
Who Goes There? Actively Detecting Intruders With Cyber Deception Tools
Talk by Dwayne McDaniel (1 hour)

Intrusion detection works best when you can discover the attacker while they are still in the system. Finding out after the fact does little to protect your systems and your data. Ideally, you would want to set an alarm that an attacker would trigger while limiting the damage to your environment. We know from many recent breaches that attackers commonly try to expand their foothold in a system by finding and exploiting hardcoded credentials in environments they have accessed. We can use these behavioral patterns to our advantage by engaging in defensive cyber deception. You might already be familiar with the concept of honeypots, false systems, or networks meant to lure and ensnare hackers. There is a subclass of honeypots that require almost none of the overhead, are simple to deploy, are used by many industries, and lure attackers to trigger alerts while they are trying to gain further access. The industry has arrived at the term honeytoken for this branch of cybersecurity tooling. Takeaways: - Analysis of recent breaches for common attack behaviors - A history of cyber deception and the evolution of honeypots in defensive strategies. - Understanding how honeytokens work - Maximizing the impact of honeytokens

Up to my Eyeballs in Technical Debt!
Talk by Steve Grunwell in PHP Roundtable (1 hour)

Every decision we make in our projects has the potential to increase or reduce technical debt. While the only way to completely eliminate the debt is to never write any code, there are steps that we as engineers, project managers, and project stakeholders can take to mitigate our risk. This talk covers the concept of technical debt, its potential to devastate projects, and red flags that project teams can look for to reduce its impact before it spirals out of control.

The Ethics of Data Collection
Talk by Beth Tucker Long (1 hour)

Many professions have strict requirements for behavior and decision-making, like doctors, lawyers, and journalists. The codes they follow outline best practices and establish boundaries for what is considered appropriate or inappropriate. The codes are designed to not only protect the professional performing the work or activity, but also anyone else who may directly or inadvertently be involved. The tech field lacks such a code, but the impact of our actions reaches worldwide. Just what are the ramifications of what we do and what protections should be in place?

3
PHP Foundation Q&A in PHP Foundation Studio (30 minutes)

PHP Foundation Q&A

12:00 SQL Database Design For Developers
Talk by Scott Keck-Warren (1 hour)

As shocking as this may be, not every team has a dedicated database administrator. Like many developers, I have had to learn difficult lessons about database design the hard way when under a lot of pressure to get something that’s broken fixed. In this session, we will go over how to normalize our database, how to use indexes to improve our performance and discuss using constraints to make sure that the data entered into our database follows our business rules.

1
The Business of Bisecting
Talk by Pauline Vos (1 hour)

I've been teaching Git for years, and everywhere I go `git bisect` seems to be a bit of a mythical beast. Some people have heard of it, very few know what it is, and almost nobody knows how powerful it can really be. In this short talk, you'll find out not only what bisect is and how it works, but also all the ways in which it can work for you. From finding a specific point in your history lightning fast, to making it debug for you using a combination of bisect and regression testing.

5
Manage Large Data Sets with Streams in PHP
Talk by Joe Ferguson (1 hour)

Working with streams sounds scary and complicated but we’ll show you how to leverage streams to process large data imports without having to sell your house to buy RAM. Streams are a way to generalize data for easier processing in a linear way including the ability to seek around the stream. We’ll cover our own tips and tricks we’ve learned along the way to help you dive deep into processing streams. Streams have been in PHP since back in the 4.x days however we continually see developers trying to iterate on huge data sets and often run out of memory. We’ll show you a better solution instead of “ ini_set(‘memory_limit’,’16GB’);”

2
Queryable Encryption w/ MongoDB in PHP Foundation Studio (15 minutes)

Queryable Encryption w/ MongoDB

12:15
1
Accessibility
Talk by Paulo F in PHP Foundation Studio (30 minutes)

Accessibility

14:00
8
Simple Ways to Make Webhook Security Better
Talk by Scott McAllister (1 hour)

Webhooks are a simple and powerful way for services to notify each other that something interesting has happened. So much so that it became the most popular mechanism for communicating events. While webhooks give us power and flexibility, they rely heavily on the listener to enforce security. In this session, we will learn the most common, interesting, and challenging patterns across 100+ webhook implementations, and learn some simple ways to make webhook security better (for providers and consumers).

WebSockets Made Easy with OpenSwoole
Talk by Savio Resende (1 hour)

Real-time data communication is pivotal in delivering dynamic user experiences in the ever-evolving web technology landscape. In "WebSockets Made Easy with OpenSwoole" I will demystify the complexities of real-time, bidirectional communication between web clients and servers using PHP. In this presentation, we delve into the powerful capabilities of OpenSwoole, a high-performance network framework for PHP. We'll explore how OpenSwoole simplifies the implementation of WebSocket servers, enabling seamless data exchanges in real-time applications like chat systems, live updates, and interactive services. Attendees will gain a clear understanding of WebSocket concepts, the advantages of using OpenSwoole, and practical insights into setting up and scaling WebSocket servers. We'll also walk through engaging examples and best practices, demonstrating how to integrate OpenSwoole into your PHP projects to elevate them efficiently with real-time features. We will also look at integrating it with the popular framework Laravel. Beginners can get a very good understanding of this, but intermediaries might be the ones getting the most out of it. I'll delve into the basic PHP concepts, so it is required to know PHP programming. It is recommended that you understand the difference between PHP-CLI and PHP-FPM, and for the last part of the talk, it is recommended that you know the basics of Laravel.

2
Create Better Dotfiles
Talk by Andrew Woods (1 hour)

Dotfiles are an essential part of the command line. They configure your environment and personalize your experience. Many CLI commands provide a config file to manage your settings. They build up quickly, so it's important to have a way to manage them. You can get as nerdy as you want, with your system settings. You'll learn things you should do, and some things to avoid. You'll learn how to structure your dotfiles, make them modular, and make them maintainable for the long term. With the power of scripting, this talk will help you learn how to make your dotfiles extensible and easier to maintain. Key Takeaways: * learn shell conventions and the The XDG Base Directory Specification * Learn strategies for creating a publicly shareable dotfiles repo. * Leverage the capabilities of the shell * Learn cross platform strategies

2
Modern SQL
Talk by Elizabeth M Smith in PHP Foundation Studio (1 hour)

By popular (poll result) demand

15:00
4
(Neo)Vim for PHP Developers
Talk by Chris Hartjes (1 hour)

You've heard the jokes about how hard it is to quit. You've witnessed the unending fight it's had with Emacs. But the truth is that Vim and NeoVim are extremely powerful modal editors that can be customized to create a powerful Integrated Development Environment. In this talk Chris will talk about how he uses NeoVim to work on PHP projects and open your mind to the concept of modal editors and an infinitely-extensible development environment.

Simplifying the Complex: The Clean Code Methodology
Talk by Aaron Holbrook (1 hour)

Dive into the art and science of crafting streamlined and sustainable code with: "Simplifying the Complex: The Clean Code Methodology." In this session, we'll explore pragmatic approaches to writing software that stands the test of time—software that is not only functional but also clean, clear, and easy to maintain. We'll dissect the essence of clean code, break down the principles that guide seasoned developers, and provide actionable strategies to transform your coding practices from convoluted to crystal clear. Attendees will take away: * Key principles of writing clean code that any developer, from junior to senior, can apply immediately. * Techniques for refactoring that reduce complexity without sacrificing functionality. * Best practices for code reviews that focus on maintaining a high standard of code hygiene. * Strategies to foster a development culture that prioritizes clear and maintainable code within their teams.

PHP Attributes: Let's get Meta
Talk by Larry Garfield (1 hour)

One of the unsung heroes of PHP 8 is PHP attributes. Attributes are a language-native way to provide accessible metadata on almost any language construct. Huzzah! Joy! New toys! So what? What can we actually do with attributes, and how can we make them even more powerful? In particular, what can they replace in our older code? This session will cover PHP attributes, what they are and how they work, as well as how to make them even more powerful with AttributeUtils, a robust user-space library for working with attributes.

2
Accessibility
Talk by Paulo Fernandes in PHP Foundation Studio (50 minutes)

Uncon talk

16:00
7
Community, PHP and us: Growing up
Keynote by Michelle Sanver (1 hour)

In year 2000 when PHP 4 just came out, we had functions.php and when it started being big we made functions2.php. When object orientation came out we renamed our databasefunctions.php and put a class around it and called it OOP. PHP by then, was not very mature. I by then, was not very mature. The community by then, was not very mature. We have come a long way since then! We now believe 12 year old girls on the internet are not FBI agents. We now have type hints, and namespaces, and composer! We have all matured. Let me share my story of amazing technology that changed my life. I will also share some horrible community experiences, and the awesome ones that kept me going. Let’s keep growing, because we never really stop.