ScotlandPHP 2017
4 Nov 2017 at Edinburgh International Conference Center

Details coming soon!

10

Contrary to popular belief, no code is untestable. Sure, writing unit tests for well-crafted code that follows the SOLID principles is easy. But what about legacy code residing in some god class with implicit dependencies and no separation of concerns? We will show you that it is possible to write tests for even the worst code by explaining the why, the what, the how, and the when of software testing while looking at real-world examples.

10

It's 2017 and times have changed – yet PHP is still most often associated with your average product catalog or blogging platform. In this talk you will learn that PHP's huge ecosystem has way more to offer and PHP is not inferior at all to its evil cousin Node.js. You will learn about the core concepts of async PHP and why you too should care about ReactPHP being a real thing. The talk has a strong focus on sparking the idea that PHP can be way faster and more versatile than you probably thought. Bring along an open mind and through lots of examples and demos learn why what sounds crazy at first might soon be a valuable addition in your toolbox.

9

The Cloud Native Computing Foundation, founded by The Linux Foundation, currently oversee's the guidance of Kubernetes, Prometheus, OpenTracing, Fluentd, and more. The Cloud Native Computing Foundation describes being "Cloud Native" as three major components: Containerized Each part (applications, processes, etc) is packaged in its own container. This facilitates reproducibility, transparency, and resource isolation. Dynamically orchestrated Containers are actively scheduled and managed to optimize resource utilization. Microservices oriented Applications are segmented into microservices. This significantly increases the overall agility and maintainability of applications. In this talk, I will guide you towards taking your application cloud native, utilising the software available to us today, from the CNCF, and others, covering containers, tracing, logging and service discovery ... as well as the dreaded: "What actually is a micro-service?"

You've been given the task of refactoring that legacy app, so what are you going to do to make sure you're leaving something better? How are you going to tackle something made over the years with features built and understood by those who’ve left and live in infamy? In this talk we'll look at different techniques you can take to overhaul legacy applications. We'll work from the ground up with planning, production, and aftercare: focusing on 3 different approaches with Laravel you can take depending on your time, budget, and needs so you'll end up with a legacy to be proud of.

MySQL 5.7 has been the best received version of MySQL to date. But several legacy issues have needed correction for a long time and are now being fixed. MySQL 8 will have a true data dictionary (no more .frm, .myd, or other table with metadata) that will let you have millions of tables within a databases. The default character set will be UTF8MB4 with multi plane support for thinks like CJK support and emojis. Plus you will get invisible indexes, roles, windowing functions plus CTEs, and big improvements in the optimizer. histograms for the Performance Schema, and more. Plus learn how to test MySQL 8 from a container before you need to upgrade.

20

Content Security Policies are another tool we should have in our security toolbelt to help protect users of our sites. In this session I’ll cover what they are, why they’re needed, how they work and the limitations on what they can & cannot do to protect users. I’ll demo attacks a CSP will block, break things, show what the different CSP directives & options will do and introduce some of the tools available to help with implementing a CSP on your sites!

6

We all make mistakes, as much as we try to write flawless code, every now and then an error slips through. In order to reduce this number we do code reviews to ensure the code meets certain standards and to see if the feature was properly implemented. But how do you do a good code review? How do you handle technical discussions? How do you keep your reviews focused and your discussions relevant? In this talk I would like to show you how you can do proper code reviews, what to look out for when doing them, how to give feedback to the developer and a bunch of other tips to improve this process.

13

This is not your normal security talk. Sure we talk about secure communication and the importance of hashing and encrypting (and why rolling your own is never a solution). We might even get frisky and cover some more interesting topics like true randomness, timed attacks and social engineering. But what we're here to learn about is the state of online security. Based on the results from a 4 year research project to see just how vulnerable the average website is. Theodore Sturgeon famously said 90% of everything is crud, we'll get to see just how close we come to that number. So if you're ready to see how scary the dark depths of security can be and just how scary it is when you look up and see all the leaky boats above us is, this is for you.

Okay, you've made the move to containers and can now write Dockerfiles for everything. How do you manage all of those containers?. Have you found that you traded managing individual machines for managing individual containers? Kubernetes, an Open Source container orchestration engine, can be your answer. We'll explore Kubernetes and see how you can use it to run massive collections of containers that fix their own problems and allow you to move your setup wherever you need to be.

8

"GraphQL represents a massive leap forward for API development." says GitHub. What can we do with it in PHP? It turns out to be not that hard. In this talk I will present how you can make this happen using PHP with Symfony backed by the current available libraries, while also taking some time to introduce you to the concept behind it and what could be the advantages for your project.

12

We all face a daily battle to write good code for ourselves and others, deliver finished applications fast to satisfy business, and ensure everything is properly tested to prevent end-user fails. In this talk we will discuss what “clean application development” is, and how it can help us win those battles. The talk will provide practical and usable examples to, integrate into your workflow, and continue to grow into good habits.

3

Behat is widely used as part of a Behaviour Driven Development lifecycle, but it's also widely misused. In this talk Ciaran will explain what BDD and Behat involve, and show the best practices including writing good scenarios, driving service development from scenarios, and techniques for fast UI testing.

Details coming soon!