SunshinePHP 2015
5 - 7 Feb 2015
at Embassy Suites Miami International
Talk comments
Great talk on PHP QA. I learned about some amazing new tools and concepts to ensure that my php code is the highest quality. Amazing speaker!
Great Tutorial! I have learned a very good tricks.
excellent discussion. i passed information back to my team for us to engage some of the tools and practices.
I always enjoy the talks that Mike gives. Good tutorial, thanks.
Thanks for the talk, some great information and lots to read up on. Thanks for the Docker tips. Chris was clear and clearly knew his stuff. Thanks
Very good speaker.
A bit too crowded (SunshinoPHP next time we need a bigger room!!!).
A ton of good pics.
It's time for some QA!!!
Amazing speaker, He really knows what he's talking about. I have notice a large experience working with PHP and improving crapy 3rd party code. The talk was also great with lot of information and very well explained.
Thanks!
It's a complex topic, so it's hard to go into a lot of detail about everything. But it was a good checklist of things to be aware of.
Wim clearly knows what he's talking about, and I seriously learned a lot, especially in the latter half. He answered questions very well too. But I have to give this talk 3 stars for two reasons: 1. The first hour (of 2.5 hours) was dedicated to code that was clearly ancient. mysql_escape_string() and addslashes()? While yes, we need to know about SQL injection, but manually concatenating SQL strings with unescaped user input is definitely not mainstream anymore. Other code examples appeared to be coming from phpBB or something similarly outdated. Maybe that code is still out there, but is that what we current developers are at risk of building now? I doubt it. How is this relevant, for example, to my REST API using oAuth authentication? 2. More time and detail could have been given to techniques for dealing with a breach after it has already happened. How to avoid it in future? What are some possible consequences long-term? How to convince stakeholders to spend money on security-related infrastructure, etc.