This is the first day of conference coverage. Day 2 is available here.
This morning the conference opened with a Keynote from Dick Griffin who leads a company called The Griffin Method. His whole point was working to convince the crowd that there are a huge number of technology purchases by the Feds that are predominantly the domain of closed-source, proprietary applications and standards. In light of the numerous interoperability, information sharing, and collaboration guidlines, this simply doesn't make sense and actually requires more work (aka Tax Dollars), more effort (aka Tax Dollars), and often multiple implementations (aka Tax Dollars). Therefore, he pointed out that by making inroads with software and tools that can be shared among organizations, we can decrease the cost of government and make some money in the process.
The first session was Mike Naberezny's desciption and some simple usage of the Zend Framework (slides available here). What I found interesting was that ZF is not currently a framework in the QCodo, Cake, or Symphony, it's more of a “toolbox” with quite a few common functions like Web Service handling, PDF creation, etc that are included out of the box. The overview of components was useful, but I would have loved to have seen some code samples and a demo or two. There is some MVC-stuff in the lab area (not for release), but there is nothing in the core contribution. I was at Zend last year when they started pushing it but have not had a chance to look at it… looks like I need to make some time now.
Next, we had Laura Thompson from OmniTI presenting on “Writing Maintainable Code”. Laura laid out a relatively straight forward strategy on how to deal with coding standards, a few design principles and libraries, and even the occassional huddled-under-the-desk-developer. Her delivery was excellent and had the entire crowd rolling during her DailyWTF-worthy code samples and stories. It was well worth it. I'm already looking at implementing automated coding standards using PHP_CodeSniffer and I think she provided a great case for doing so. The most interesting point was that she claimed OmniTI doesn't do Unit Testing. Maybe I misheard the question, but I was shocked at that one.
Update from Laura (direct quote):“To clarify re unit testing: we do it, but we don't do enough of it (does anybody really). On the product side everything is unit tested, and quite a bit of the consulting work. Some of the consulting work consists of large legacy codebases, and it's hard to retroactively implement a complete set of unit tests for something like that, which was the point I was trying to make. Projects we have worked on from scratch have the best unit test coverage, and ones we inherit – or fly into to fix a particular problem – vary a great deal.”
Lunch was a good selection and I sat with a good collection of speakers and attendees. Most people were telling how or why PHP has started showing up in their organization and what it's currently replacing. In some cases, PHP is replacing cgi, perl, or even 16 Rolodexes. No, I'm not kidding. One pair of developers told about their multi-year effort to take osCommerce and make it a useful application. It included implementing security, Smarty templating, and generally making it useful. I also met a few dotProject users and was able to talk about some of the new development and direction of the project itself.
Next, we had Chris Shiflett also from OmniTI giving a walkthrough of some common security vulnerabilities and a number of ineffective and effective ways of detecting and closing them. Unfortunately, I missed about half of his presentation due to a couple different calls. I'll have to catch his presentations at ZendCon in a couple weeks.
Next, Adam Trachtenberg talked about Ebay's SOAP services and how he did a simple mashup between Ebay's Used Cars and Google Maps to create “Dude, Where's my Used Car?” The information and functionality was pretty nifty and helped demonstrate just one of a variety of ways that mashups can manipulate data to make more and bigger things. Did you know that nearly 60% of the products sold on Ebay have been posted via their Web Service API?
Next, we had Elliott White III (Eli) one of the lead developers of Digg.com who focused on large-scale PHP deployments and strategies for improving them. Most of his focus was spent on optimization of caching and database layers as opposed to optimizing code. It was an interesting discussion which was completely relevant to a few of the gov-types in the audience who need to support tens of thousands of users… similar to Digg. He laid out a huge number of little improvements that can quickly add up to a more robust solution all the way around. Eli also had a few free copies of his book available.
The final presentations of the day were me presenting opposite of Chris Shiflett on “The Truth about XSS”. Unfortunately, I couldn't attend both. 😉
I presented on REST Web Services (slides available here) and gave a background on what Web Services are, how SOAP went and made things wildly complicated, and how REST simplies things and makes them useful again for 80+% of the cases. To help demonstrate my point, I implemented a simple “getProjects” function in both SOAP and REST for dotProject. The SOAP example required two characters of request for every character of response. The REST example was a url. Don't worry, this is all in the slides. To support the read-only aspects of dotProject for the first three modules, it took 85 lines of code. The bulk of the effort was moving dotProject functionality into the proper classes, not actually implementing the REST aspects. It couldn't be much easier.
We wrapped up the day with a happy hour (open bar!) and a nice dinner. I had the opportunity to talk with interesting people ranging from small one-man application shops to a few representatives from IBM. PHP is making inroads in many of these organizations and is the standard in the rest. Overall, it was a tiring but fascinating day.
* A few more pictures are available here: 2006 DC PHP Conference on Flickr.