Just got back from the City of Ginormous Escalators, aka Washington, DC. I was there for The 2006 DC PHP Conference. To the right is picture of a typical escalator to the Metro subway system.
The conference was pretty small; about 80 people; in two small-ish conference rooms in the hotel. But everyone was great. Conferences are all about the people anyway. With the small crowd, it meant being able to spend time with a significant percentage of the people there. It was a mix of PHP thought leaders, everyday PHP programmers, and, since it was based in DC, a lot of folks focused on the unique industry that is DC - government.
Here's some notes ...
Writing Maintainable Code with PHP by Laura Thomson of OmniTI. Pretty much standard fare for an old programmer like me, but good info for new folk. And it never hurts to hear this stuff again. Recommended the PEAR coding standards; arghhh ... spaces instead of tabs ...
PHP Security Testing by Chris Shiflett of OmniTI. This was good; I don't think I've ever really thought about using a test framework specifically for security testing, but it obviously makes a lot of sense. I mean, we always test for cases we know will fail, or are likely to cause problems, as well as for cases we know will succeed. But I've never specifically thought about testing for security. Mentioned Selenium, which I've heard of but know nothing about. Note to self, check it out. Chris also gave a talk on general security vulnerabilities and attacks against them, which I couldn't attend.
ext/soap with eBay Web Services by Adam Trachtenberg of eBay. Fascinating. Numbers: 59% of eBay listings are created from their WS APIs rather than through the web ui. One million WS requests a day. 100K sellers using 3rd party tools that use the WS. eBay wsdl file is 3Mb (the huge wsdl contains human-consumable documentation on the APIs (like JavaDoc)). New version of the APIs roll out every week, and each lasts a year or so, and there are separate APIs for different parts of the world; meaning hundreds of versions of the API are available simultaneously (but they don't change all that much). Showed how to build https://www.dudewheresmyusedcar.com/. This was the first positive thing I've heard w/r/t WS-* in a long time. That's great. It's good to see people using this stuff in practical ways. I'm still not convinced it's the best answer though. Side note: Adam asked early on how many people have sold stuff on eBay, and I was embarassed to not be able to raise my hand. So I found something to sell: A pre-owned Metro FareCard.
High Volume PHP & MySQL Scaling Techniques by Eli White of digg. Went over typical clustering techniques, most of which I'm basically familiar with, although memcached, I'm not. Talked about database shards, a term I've not heard of before, but the concept I'm very familiar with. None the less, I can't help associating the term "shard" with a scene with Philip Seymour Hoffman from Along Came Polly; discretion prevents me from explaining more. Eli also presented Top PHP Feautures You Didn't Know Existed, but I was sitting in the virtual parking lot that is I-95 South in Northern Virginia on a Friday afternoon instead of attending. Like my eBay n00by-ness, I don't read digg much, so I just added it to my blogroll. Gotta keep up with the kewl kids!
Rasmus Lerdorf did two presentations in one; one was "Yes, PHP is ugly, get over it. Go solve some problems." The other was the Getting Rich with PHP 5. The first was definitely a pep-rally speech, but you know, I need one of those every now and again with PHP. The second one talked about valgrind/callgrind. Need to look into these.
Enabling Digital Identity by David Recordon of Versign. This was great; I knew almost nothing about OpenID before, and now I know ... something. Anything to get the nastiness of maintaining an authentication system yourself is a big win, as far as I'm concerned. Went ahead and created an account at https://pip.verisignlabs.com/, now I just need to figure out what to do with it. Also need to look further into Yahoo's Browser-Based Authentication thing.
- General non-interest in frameworks
- Too much PHP, not enough C code (performance issues)
I was in total commiserate mode on this. Good frameworks are great, but they take a while to become good. Before that, they're not so good. Do stuff you don't want. Hard to debug. etc, etc. Maybe I'm just frameworked-out at the moment. There's also some confusion in the air; people call Zend Framework a framework, but it's really just a bag of useful classes and functions. CakePHP and symfony and RoR are frameworks.
- Hard to hire good PHP programmers
I think this is true in general, it's hard to hire good programmers; but PHP has a special problem in that the language is so approachable that lots of people can 'learn' it, or enough of it to be dangerous, and not really be ... programmers.
- REST payloads are XML.
I saw this in multiple presentations; REST and XML in close proximity to each other. That's too bad, since adding XML to the REST story just unneccessarily complicates things. JSON == good.
- Web services are only for server-to-server communication.
Not sure what web browser-to-server communication is, if it's not web services, but there you have it. I was really dumb-founded by this. What is XmlHttpRequest if not a web service? It's time for some serious head-shaping, if people think they can't reuse what they're using between clients and servers, for what they're using between servers and servers.