After experiencing the inspiring atmosphere of php|tek 2008, I vowed to write a blog post a day to hone my writing skills.
Whoops!
Note: The ZIP on the php|tek 2008 site didn’t have the AIR code in it, so until that’s fixed I’m linking to my locally hosted copied
Clearly the free booze and other gifts provided to the php|arch team is paying off, as two of my talks have been accepted for php|tek 2008 in Chicago. I’ll be speaking on desktop app development with AIR, and the PHPSecInfo project. The full schedule of talks will help you plan on how best to avoid me.
Desktop app dev with AIR has been something near and dear to my heart lately, as I’ve spent a lot of time in the past several months developing Spaz, a Twitter client based on AIR. In the process I’ve learned a whole heck of a lot about Javascript development, and learned intimately what works well in AIR and what doesn’t. Combining PHP on the server side and Javascript/HTML on the client side makes a lot of sense for me, then. Getting the two sides to work together has gotten a fair bit easier with the JSON extension that was added in PHP 5.2.0. With that, exchange of data structures carries a lot less overhead.
PHPSecInfo has been quiet for a while on the development side, but I’m hoping things will pick up a bit with the introduction of public SVN access to the project. The trunk version has some extra stuff in it, like the beginnings of a new view system to output results in various formats. I’ve also added Paul Reinheimer as a contributor, so feel free to guilt him into making updates as well. If you’re interested in contributing patches or updates to PHPSecInfo, drop me a line and we’ll chat.
Maintaining focus has never been one of my strong suits, but I’ve been doing a fairly bad job of it lately even for me. So, I’m finally posting the slides from my two talks a DC PHP:
I think my talks went okay, but not great. Definitely could have been more prepared and presented more useful information, especially in the Inspekt talk. It’s the first time I’ve done a talk on that project, so I still am feeling that one out a bit, whereas I’ve talked about PHPSecInfo a few times before this.
The DC PHP Conference was a nice surprise. It was clearly still in the learning stages, but everyone was friendly and happy to help, and the organizers definitely seemed interested in sorting out what worked and what didn’t. I believe they said the next one will be in July 2008; I hope to be there!
php|works 2007 was last week, and it was a great experience for me. Here are the slides and code from the presentations I gave:
I really enjoyed my trip to Atlanta and the conference experience. Much like php|tek this year in Chicago, ‘works was filled with lots of great content, smart people, and a casual, comfortable atmosphere that makes the whole thing a lot of fun. The php|architect conferences lack pretension, and that’s really nice — it’s about the people and sharing knowledge. And this one was really special for me because it’s the first time I’ve given a presentation to my colleagues in the community. I was very nervous, but it all turned out well.
I’m too lazy busy to write out an extended journal of the whole experience, but here are some memorable moments:
This Friday, I’ll be giving two talks at php|works Atlanta: one on the CodeIgniter framework, and one on PhpSecInfo.
September 14, 2007 @ 1:15 – 2:15pm
CodeIgniter is an open-source web application framework written in PHP. Created by EllisLab, CI is descended from the ExpressionEngine CMS system, and therefore has a focus on real-world needs and solutions for PHP developers. CI is easy to deploy, and works with a wide variety of environments (even FTP-only shared hosting accounts). It offers powerful features like MVC and ActiveRecord without requiring the developer to adhere to strict coding guidelines. It’s easy to extend, and plays well with other code libraries like PEAR and Zend Framework.
In this talk we’ll go over the basics of CI: how to deploy it and writing a simple application. As time allows, we’ll discuss how to extend the framework with other libraries.
September 14, 2007 @ 4:30 – 5:30pm
PhpSecInfo is an easy to use security auditing tool for the PHP Environment. We’ll discuss how to use PhpSecInfo as part of your web app security toolkit, and how to customize and extend it for your specific needs, including using the Zend_Environment_Security module from the Zend Framework.
Hope to see you there!
Ed Finkler is a web application developer, security expert, graphic designer, and dabbling musician. He works for CERIAS at Purdue University, and is a member of the PHP Security Consortium. His opinions expressed here do not necessarily reflect those of either group.
Photo by George Schlossnagle
RSS 2.0