|1020-1100||Introduction to WordPress Security||Stéphane Boisvert|
|1100-1140||Once Upon A Time… There Was An API||Steven Cooper|
|1140-1220||Improve Magento Performance To Drive Higher Conversions||Harald Zeitlhofer|
|1330-1345||Writing PHP with React||Jack Lenox|
|1345-1400||Panada Framework, Simple but High Performance PHP Framework from Indonesia||Bagus Aji Santoso|
|1400-1415||Introduction to PHP Stream||Edwin Ong|
|1415-1430||Go Reinvent The Wheel||Sam Yong|
|1500-1540||PHP7, HHVM and Co||Pierre Joye|
|1540-1620||Building a Scalable System for Tracking Shipping Packages||Premshree Pillai|
|1620-1700||Why Your Test Suite Sucks||Ciaran McNulty|
|0900-0945||Extremely Defensive PHP||Marco Pivetta|
|1030-1100||Web Application Security: Winning When The Odds Are Against You||Ben Dechrai|
|1100-1140||Performance Testing for Modern Apps||Dustin Whittle|
|1140-1220||Modernising the Legacy||Marek Matulka|
|1330-1345||PHP Memory & Garbage Collection||Koo Pak Yee|
|1345-1400||Event Driven Application||Prasetyo Wicaksono|
|1400-1415||Building Smarter Applications Using Cognitive Computing||Justin Lee|
|1415-1430||PHP for Enterprise Systems||Sushma Vyas|
|1500-1540||Automation Changes Conversation||Jack Skinner|
|1540-1620||PHP and the Liberal Cloud||Vito Chin|
|1620-1700||The Power of Being New||Jenny Wong|
Singapore, officially the Republic of Singapore, is a modern city-state and island country in Southeast Asia. It lies off the southern tip of the Malay Peninsula and is 137 kilometres (85 mi) north of the equator. The country’s territory consists of the diamond-shaped main island, commonly referred to as Singapore Island in English and Pulau Ujong in Malay, and more than 60 significantly smaller islets. Singapore is separated from Peninsular Malaysia by the Straits of Johor to the north, and from Indonesia’s Riau Islands by the Singapore Strait to the south. Singapore is highly urbanised. Land reclamation has been used to expand the country’s land area.
Go Reinvent The Wheel
We all know how software libraries, packages, modules have made life easier for developers who build software applications and cannot be bothered with what is under the hood. Guess what: chances are getting your hands dirty can help you learn to be a better software engineer and developer. Coding school websites do not teach developers how to pack their code into libraries and manage their own libraries’ user base. It is through building libraries, RTFM and self-exploration that we learn much more.
I’m Sam, a Software Designer and Photographer from Singapore. On my free time, I build and fix leaks on open source software projects, as well as work on photography. My full stack development swords include PHP, JavaSript (backend & frontend), HTML and CSS. Occasionally I bark C# and Java. Right now I am doing my time in National University of Singapore (NUS), majoring in Computer Science. When I am not running around campus or attending lectures, I grow fascinating ideas and write code.
Bagus Aji Santoso
Student, Universitas Pendidikan Indonesia
Panada Framework, Simple but High Performance PHP Framework from Indonesia
Panada Framework is a simple but high performance PHP Framework developed by Iskandar Soesman. It aims to become a framework that doesn’t differ from the native language so people who already knows PHP can learn Panada easily using their current knowledge.
My name is Bagus Aji Santoso, I’m 20 years old. I’m a student of Computer Science Education Department at Universitas Pendidikan Indonesia (Indonesia University of Education). I learned PHP when I was in my 4th semester on Internet Programming course. Today I’m the head of an open source community in my campus, POSS UPI. I’m also a contributor for Codepolitan, one of the most popular programming blog in Indonesia.
CTO in Chief, CTO for Hire
Web Application Security: Winning When The Odds Are Against You
Even the simplest web application has so many vectors of attack, it’s no wonder most people forget at least one. Web applications aren’t stand-alone; they are built upon frameworks, upon platforms, upon core libraries, each of which could suffer from vulnerabilities you’re not only unaware of, you’re statistically unlikely to discover them all. Consider, for example, last year’s OpenSSL “Heartbleed” Bug.
We hear about security vulnerabilities every week, now it’s time to experience them. Find out what the leading concerns are, and the not so common ones too, and experience live demonstrations of how these attacks play out.
This presentation aims to arm you with the mindset, tools and resources to minimise the opportunities for attack, and to reduce the fallout when they succeed. From cross-site scripting and session hijacking to brute force and man-in-the-middle attacks, you’re expected to cover all your bases so the bad guys can’t use a single one.
Ben Dechrai is a technologist, teacher, author, presenter and hard-core privacy nut, but most of all, he is a passionate supporter of gigantic ideas, minds and goals.
An experienced PHP developer, Ben has used, taught and shared experience of the language since 1999, including aspects to security and best practice required to allow PHP to become an engineer’s tool, rather than the scripting language that has earned a poor reputation.
He is or has been an active member of the Open Source Developers’ Conference, Linux Users Victoria, Melbourne PHP Users Group and BarCampMelbourne.
Pak Yee, Koo
Deputy Head, Associate Systems (Engineering), BuzzCity Pte Ltd
PHP Memory & Garbage Collection
Many new developers come to PHP with preconceived ideas on how memory is used in PHP. This can lead to inefficient memory usage that can, in extreme cases, affect scalability and performance. My presentation will present some basic concepts about PHP memory allocation and garbage collection and deep dive to uncover common mistakes made by developers. Using an interactive format, developers will discover the powerful PHP memory management engine under the hood and hopefully write code that makes better use of resources and save the world.
With more than 5 years working experience in programming, I’m responsible for managing the core technologies of BuzzCity Advertising Network for publishers and advertisers. My expertise in PHP programming as well as MySQL helps in meeting the dynamic needs of the online advertising industry and extending BuzzCity Advertising Network to reach greater audiences.
Prior to joining BuzzCity, I developed a part of the chipset validation tool in INTEL Corp. and managed a web-based system for internal payroll in DELL Corp. I earned my Bachelor Degree in Computer Science from the University Malaysia Sabah, Kota Kinabalu, where I was awarded a Book Prize for outstanding achievement.
Senior Trainer, Inviqa
Why Your Test Suite Sucks
Many teams adopt TDD attracted by the promise of a more productive workflow, fewer regressions and higher code quality. Sometimes this goes wrong and these benefits do not materialise, despite a healthy-seeming test suite. In this talk we will look at what the common pitfalls of testing are, why teams fall into these traps, and they can dig themselves out.
In his role as Training Manager at Inviqa and Sensio Labs UK, Ciaran helps teams at all levels of ability improve via training and coaching. He has been a PHP professional since the late 90s and is passionate about TDD, BDD and Agile methodologies. He is lead maintainer of PhpSpec.
API Evangelist, MYOB
Automation changes conversation
As developers and technologists we all love automation. But it’s not just about making our lives easier and quicker – it changes tech and workplace culture. This talk discusses how workflow and deployment automation changed a slow moving and scared-to-change engineering team into a fast paced team who accidentally rebuilt their project thanks to automation.
This talk discusses the culture change experienced by an engineering team after implementing an automation-first approach to development. I share what we did, what changed and what we learned during the process with the aim to encourage and enable attendees to ‘try it at home’.
Jack Skinner is a Senior Web Developer turned API Evangelist who’s been coding over half his life.
During the evenings he’s found organising community tech events & conferences in Sydney, and teaching/mentoring at the University of Technology Sydney.
Jack is passionate about code, PHP and the wider tech community. He organises SydPHP (Sydney’s PHP User Group) and is dedicated to empowering developers to learn and grow their own personal strengths.
Developer Advocate, PayPal/Braintree
Once upon a time there was an API
Ever wanted to know the basics of how the PayPal and Braintree API’s and SDK’s work, and how they can be integrated into your code. In this session i will cover all of the PayPal and Braintree API’s and how they can be integrated. Come see how we can not only integrate but also deal with debugging.
Just to be a little different (and possibly a world first) this will be done with the help of a creatively written fairy tale and with the help of actors, yes actors, who will play the part of the various stages of the API calls from retrieving the token from the PayPal server to the completion of the transaction.
PayPal/Braintree Developer Advocate. The guy at Developersteve.com. A overall full stack geek developer tech-head able to code tall buildings in a single bound.
Developer Evangelist, AppDynamics
Performance Testing for Modern Apps
The performance of your application affects your business more than you might think. Top engineering organizations think of performance not as a nice-to-have, but as a crucial feature of their product. Unfortunately, most engineering teams do not regularly test the performance and scalability of their infrastructure. Dustin Whittle shares the latest techniques and tools for performance testing modern web and mobile applications. Join this session and learn how to capacity plan and evaluate performance and the scalability of the server-side through Siege, Bees with Machine Guns, and Locust.io. We will dive into modern performance testing on the client-side and how to leverage navigation/resource timing apis and tools like Google PageSpeed and SiteSpeed.io to understand the real world performance of your users. We will cover how HTTP2 and modern browsers change the game for performance optimization with new best practices. Take back an understanding of how to automate performance and load testing and evaluate the impact it has on performance and your business.
Dustin Whittle is a Developer Evangelist at AppDynamics where he focuses on helping organizations manage application performance. Before joining AppDynamics, Dustin was CTO at Kwarter, a consultant at SensioLabs, and developer evangelist at Yahoo!. He has experience building and leading engineering teams and working with developers and partners to drive platform adoption. When Dustin isn’t working he enjoys flying, sailing, diving, golfing, and traveling around the world. Find out more at dustinwhittle.com or follow him @dustinwhittle.
Corporate PHP Evangelist, Dynatrace
Improve Magento performance to drive higher conversions
Online shopping has become an important channel for retailers, and lots of businesses are even selling their products only in the web. High availability and performance is essential for user experience and the success of the eCommerce platform.
Magento is the most popular eCommerce platform. Quite a lot of extensions and plugins have been developed and made available to the community in the Magento Connect platform. However, picking all the bricks from the kit can easily result in a website that offers a lot of functionality and looks really cool, but actually performs very poorly, resulting in high bounce rates rather high conversion rates.
In this session I will share with you some best practices learned from a real-life Magento environment, how we identified and removed the performance bottlenecks, and created a stable and successful eCommerce platform.
Harald Zeitlhofer has 15+ years of experience as an architect and developer of enterprise ERP solutions and web applications with a main focus on efficient and performant business processes, usability and application design. As a Technology Strategist in Dynatrace’s Centre of Excellence he influences their APM product strategy by working closely with customers, driving their performance management and improvement at the front line. Harald is a frequent speaker at conferences and user groups around the world.
Design Engineer, Automattic
Writing PHP with React
For the past few years, waves of new front-end tools, libraries and frameworks have been crashing over the web industry.
React has arguably had the biggest impact of all of them. In a relatively short space of time React is now used extensively on an ever-increasing number of high-traffic websites including: Airbnb, BBC, Dropbox, Deezer, HipChat, Instagram, Netflix, Salesforce, Squarespace, The New York Times, Yahoo and Wired. Not to mention, we use it at Automattic with WordPress.com.
And it is no wonder. React is very powerful and allows developers and designers to rapidly build compelling user experiences.
Integrating React into a system built with PHP however remains quite difficult if, for example, the developer wants to incorporate server-side rendering without spinning up a Node server or installing PECL extensions.
This will be a talk covering aspects of combining React development techniques with a more traditional PHP workflow. Jack has had extensive experience of this within the world of WordPress and the upcoming core REST API, due to land in December of this year.
Jack Lenox is a Design Engineer on the Theme Division at Automattic. He has been building websites and web apps since he was 11 years old. He lives in the north of England where he enjoys mountain biking, skiing, appreciating great design and drinking good coffee.
Software Consultant, Roave, LLC.
Extremely defensive PHP
What if I told you that your carefully designed and tested code was fragile? What if I told you that you can trust nobody? What does “fragile” even mean? We are going to look at fragile code, fix it, and lastly learn about various Poka-Yoke techniques that make our code very hard to break.
Marco “Ocramius” Pivetta is a software consultant at Roave.
With over a decade of experience with PHP, he is part of the Zend Framework CR team, Doctrine core team, and is also active in the community as a mentor and supporter.
When not coding for work, he usually hacks together new concepts and open source libraries, or simply provides Q&A on IRC.
Software Engineer, BuzzCity Pte Ltd
Introduction to PHP Stream
PHP Stream is the underlying abstraction of many PHP protocols. People unknowingly use Stream whenever they open a file to read/write in PHP. A deeper understanding of Stream will help programmers in many of their common tasks.
I am currently a Software Engineer at BuzzCity where we use PHP extensively to serve over a billions ads all over the world daily. Being part of the Publisher Platforms team exposes me to the best technology in web and cloud computing. I obtained my degree in Mathematics and Economics from Nanyang Technological University with honours. In addition to coding, my area of interest is in software development methodologies such as Agile and DevOps.
Software Engineer, php.net / Microsoft
PHP7, HHVM and Co
PHP 7 is on track, 1st test releases are out, everyone work hard to get the next php major version out. Dozen of patches have reached the branch,amazing RFCs have been worked on and committed. Are you ready to migrate? Hopefully yes! If not and you still need to improve performances, then let take a look at the alternatives. Be full stack alternative PHP implementations like php or small additions to speedup the critical parts of your apps.
Pierre Joye is a PHP Core Developer and OSS contributor since more than a decade. He leads the PHP Windows support, main developer from LibGD and works on many OSS projects. After many years as Freelancer, Pierre works now with the Microsoft OpenSource technology Center in Redmond and in Germany.
Head of IT Dept., PT. Zion Internasional Niaga
Event Driven Application
In this talk I want to present Event Driven Application by using mediator pattern. It would help decouple your code but beware there are some cons by using this pattern such as hard to track if your apps grown bigger.
My name is Prasetyo Wicaksono, 23 years old from Indonesia. I’m ex-cracker (reverse engineer) under nick “Jowy”. I become an independent software security advisor early in my career. I learned PHP when I was in high school and I was truly starting to fall in love with PHP because it was easier to use compared to C or Assembly that I have learned before. In 2012 I was joined in company as the Head of IT Dept., in PT Zion International Niaga. I’m also founder and organizer of MalangPHP User Group.
Sr. Software Engineer, Etsy
Building a Scalable System for Tracking Shipping Packages
At Etsy, we track millions of packages daily that get shipped through several shipping carriers worldwide like USPS, FedEx, DHL and several others. Daily updates, from whether a shipping label has been created to whether a package is out for delivery — are in the order of millions.
Our goal with providing shipping tracking information to our members — both sellers and buyers — is to provide accurate, timely tracking data that answers the question “where is my package right now?”
Tracking packages is an example of a general class of problems that require getting frequent updates for large amounts of data. More importantly, as the Etsy marketplace grows, this data set becomes increasingly larger, posing the challenge of being able to flawlessly manage long term and sustained growth.
Using a combination of data sharding, sql, asynchronous processing, faux-queueing and batch processing, we’ve created an efficient, scalable, and resilient system built on existing infrastructure that needs minimal maintenance.
In this talk we will walk you through the problem definition, the architecture we built, and the metrics we use for monitoring the system.
Premshree Pillai is a senior engineer and has worked with Etsy for over four years, working on various infrastructure projects. In the past he helped build several products at Yahoo!, including Live, 360, and International Blogs.
Outside of work, Premshree loves to cook, take photos, read philosophy, travel, and understand history.
VIP wrangler, Automattic
Introduction to WordPress Security
We will go over some of the most common attack vectors in code and how to protect against them while you write or edit a theme or plugin.
- Escaping in WordPress
- SQL and Data sanitization
- Using Nonces to protect against CSRF
- WordPress and PHP Security Gotchas
Stéphane works for Automattic, the company behind WordPress.com as a VIP Engineer helping sites stay secure and optimized. He was formerly senior advisor for the Federal Liberal party for 4 years leading the party growth in online data acquisitions and donations.
Senior Software Engineer, SensioLabs UK
Modernising the Legacy
No one likes to work with the legacy projects – it’s not fun. There are no tests, the code base is a mess and you’re afraid to touch it. The customer may not have time or budget to spend on rewriting it from the scratch, but is likely to keep asking you for bug fixes and new features.
Learn how to work with the legacy code, how to add new features without breaking existing ones. Learn to use Symfony components to support building sustainable features.
Software Engineer at SensioLabs with over 10 years commercial experience building solutions with PHP and Symfony. TDD/BDD practitioner, DDD explorer.
Director, Ranosys Technologies Pte Ltd
PHP for enterprise systems
PHP can be of immense value for end-to-end enterprise applications – be it BPM solutions, SCM, eCommerce or Product Development. Robust, scalable and with varied frameworks and support, PHP offers rapid development and multiple advantages that make it ideal for enterprise systems. With faster development cycle and lesser time-to-market, PHP can facilitate lower total cost of ownership for businesses and build a competitive edge over others. In this talk, we shall explore how PHP can help you tackle the complexities of real-time business without compromising on performance and security.
Having studied business from University of Bradford and a PMP certified professional, I currently head business development at Ranosys Technologies Pte Ltd. As one of the founding members and Director of Ranosys, I have been an integral part of Ranosys’ journey from an exciting IT start-up to one of the leading IT solutions provider in Singapore. At Ranosys, we carry extensive experience in providing custom developments as well as off-the-shelf applications for enterprise-level systems and cover a vast arena of technologies for both. PHP is one of our core focus areas and I believe I can add significant value to the audience of the PHP Asia conference by drawing from our rich expertise in PHP. In my capacity as the business development head of Ranosys, I am largely involved in dealing with clients and securing business relationships across APAC, US, UK and Middle East. I understand the pulse of the customer, their unmet needs and pain-points faced in business and translate it into technological requirements. I recommend solutions to their problems and help them visualise how technology can conquer their challenges faced. Armed with this knowledge of the global business perspective, I know how PHP can be used in real-time business scenarios to help enterprises grow.
IBM Cloud Technical Evangelist, IBM
Building Smarter Applications Using Cognitive Computing
Cognitive computing can be broken down into several sub-classes, like machine learning, natural language processing, reasoning and decision making, big data analytics, etc., allowing the system to learn, reason and engage in a more natural personalised way.
Developers can now create smarter applications using a subset of these cognitive computing capabilities through services from Watson, reasoning on a corpus, and suggestion an answer that is “best” rather than “right”.
This talk will go through the basics of cognitive computing that can supplement your applications, and provide you with an insight into some interesting ideas that can be possible through these services.
Lead, Development & Test, SingTel
PHP and the Liberal Cloud
In the talk, I explain what it means to have a liberal cloud, its benefits and means to achieve it from a PHP perspective.
A liberal cloud is one that is vendor agnostic; where your application, workload and data can reside on any cloud vendor or multiple cloud vendor at the same time.
The direct benefits stemming from this liberty includes cost-efficiency (via the ability to move application, workload and data to the cheapest available public cloud vendor), improved resilience (the survivability of your application, workload and data does not depend on the SLA capability and commercial viability of any specific cloud vendor) and choice (you are not locked-in to a specific vendor, geographic location or proprietary tooling for any technical reason). The indirect benefits stem from the DevOps improvements made within your development, deployment and operations process to enable the use of the liberal cloud.
The liberal cloud is an approach to cloud computing where you package your source code or applications into small atomic units that can be executed with open-source, normalizing platforms. Data is stored on distributed databases. The liberal cloud can be achieved today using open-source means. The talk will go through a few of these tools using a simple PHP application as an example: HashiCorp’s suite of tools, Cloud Foundry & Puppet. The cons and pros of each tool will be made visible in the practical demonstration within the talk.
I am interested in software and cloud businesses. I currently lead the development of Singtel’s next-generation heterogenous cloud tools.
Academically, I hold a First class honours degree in Software Engineering (Sheffield) and a MBA (Imperial College).
I am the lead maintainer of Gmagick, a PHP extension and am really happy to walk around in slippers on a hard-earned weekend.