Well, I’m finally digging out of the trip to DC for the DC PHP Conference & Expo. The conference could have been better for a few reasons but before I expand on that I should make it clear that the conference was a pretty good success given it was the first year. I’d especially like to thank Robyn Wyrick and staff as they did their best to roll out the red carpet at the classy L’Enfant Plaza Hotel in DC. You can get quick access to my presentation from here.
That said, let me start my constructive feedback with the obvious. You really can’t have a great conference on any internet technology if you don’t provide internet access. That is right, not only was WiFi a no-go, but the speakers didn’t have access to the internet. I don’t pretend there wasn’t significant cost issues but I’d really rather come down in the quality of the venue itself to at least gain access to the web. Or, better yet, charge a few extra bucks per-head on the registration fee. Let’s face it…most attendees have tickets paid for by their employers who would probably also like them to have access to email, etc while away from the office. The real impact on me was really an impact more on the attendees as I could not really do the SOAP/SOA part of my presentation because all my work for that required access to the internet.
My other issue was more selfish in nature but putting the way-out-of-towner in the last time slot on the last day of the conference ended up causing me some travel pains. It started when I got a phone call at 3:15pm on Friday that my flight to O’Hare from Reagan was cancelled. That left me no time to rescedule as my talk started at 3:30pm…or it was suppose to. It actually started late and ending early so I could make room for the panel discussion. Now don’t get me wrong, I was honored to be selected as a speaker for this conference but you don’t chase a guy out early because you need setup time…yes, I know it was Rasmus, et. al in the panel discussion and that I doubt I could entertain the average geek with half as much flare, but if you want a panel discussion and need time to set it up then plan for it.
That aside, I finished my talked and frantically called United who told me I had to get my hind-parts to Dulles which was a two hour dash by train and bus. Of course I made it to Dulles on time to only get to O’Hare where I was told my flight which was to depart for Des Moines at 10:15 was delayed until 1:15am. Long story short, I got home and in bed at 3:30am.
Now for the good parts of the trip. I listened to Mike Naberezny talk about the Zend Framework. I’m not sure how the rest of the PHP community is looking at the Zend Framework but I’m seeing it basically a repository of libraries much like PEAR rather than a true full fledge framework like PRADO or cakePHP. In fact, it is much more in line with what I’ve been doing with the Geeklog 2 Framework…which is the same framework we use here at work. Mike’s slides are available here . I see myself using as much of the Zend Framework libraries as makes sense…I know that is a bit unclear but my main goal is to keep our application dependencies as close to E_STRICT compatible as possible and to date we have used far too many PHP4-based PEAR libraries so making a switch to PHP5, E_STRICT compatible libraries will definitely make the transition to PHP6 easier for us.Probably the person who left the best impression on me at the conference was Chris Schiflett whose name is synonymous with PHP Security…in fact he has written a book on the subject. Listening to Chris you’ll quickly appreciate knowledge in security and that his domain knowledge far outreaches the realms of PHP and is really more focused on Internet Security in the broader sense. PHP’s history has given it much of a bad wrap. Because it is a scripting language, it is easy to learn and as a result you end up with doctors, lawyers and other in non-IT professions using PHP to put together dynamic web content. Furthermore PHP is a great language for the programming novice which explains the scores of high school and college students who learn it. But that strength is also a weakness as few people in those categories really think about the security of their applications because it was not part of thier education. In fact the internet was so knew that I myself didn’t receive what I would hope is getting taught on the subject in our colleges and universities. I’d take some time visiting his blog so you can get edgumacated on security.
From there I tried to pay attention to Eiliot White from Digg.com but I found it hard to relate to much of his presentation. He’s really dealing with problems unique to gloriously high traffic sites and my experience has yet to bless me with those sorts of problems. Regardless, I did pick up a few things…his recommendation on using memcached is one I plan to investigate further. Currently none of the PHP environment I work in have multiple web servers so the benefits of memcached over, say, APC’s share memory simply won’t be realized until we do. I also found his bits on database sharding a bit odd…I mean I guess I see the use of sharding a database but if MySQL simply isn’t keeping up with your site at some point I think you need to weigh the cost/benefits of managing the complexities of the shard versus investing into money a database platform that can handle that kind of traffic. I’m not even sure that an Oracle could even address the data issues that Digg has to tussle with but it might be incorporating this into future discussions should Eli feel it useful.
On Friday I only made only one talk besides the keynote by Rasmus as I had to retrofit my entire presentation to work as smoothly as possible without a working internet connection.
I caught David Recordon’s talk on OpenID and I find it interesting and I plan to see if we might be able to wire in A&A as an OpenID provider should it make sense. User Authentication and Authorization is a focus at ITE and we consciously chose not to use anything out in industry back when we started A&A because the commercial altenatives were too costly and the open source offerings were simply too young or fragile. It appears now may be the time to revisit that whole conversation.
If anybody out there in PHP land enjoyed my talk I would love some feedback and if anybody out there is interested in the slides you can here or you can see it in person at the Zend PHP Conference next week in San Jose.