php|tek09: Day #1

Tutorial day at php|tek! The day began with a PHP Breakfast, where I met guys like Matthew Weier O’Phinney and saw the guys from yesterday as well. After that I moved on to registration and got my tek swag on!

The first session I attended was a Security Bootcamp by Christian Wenz (@chwenz), where we analysed some security issues and sample applications, going over some of the basics of PHP security and looking at some of the most active players today, like XSS and CSRF. It was interesting and refreshing, an overall great tutorial for people looking for the light at the end of a security tunnel, or at least to learn what holes to look for in their applications.

After that we had lunch, courtesy of MTACon. And the afternoon was ready for a kick-off with an awesome session, PHP Code Review with Sebastian Bergmann, Arne Blankerts and Stefan Priebsch. This session was an eye-opener and loads of fun. Basically we pick up PHP frameworks and apps, like Habari, Magento and such, and look at the code to find the bad, the ugly and the downright outrageous. The kind of stuff we found in some apps was simply amazing, from major security issues in Habari to insanely pointless code in Magento. This session was very interactive and pointed out a whole bunch of things we should avoid on a daily basis.

After the sessions we headed over to get some official and famous Chicago Stuffed Pizza at Giordano’s; it is definitely approved! So dinner with 40 PHPers ended up back in the hotel for some Hockey and Basketball surrounded by PHP talk.

Ready for the first official day of php|tek. By the way… we got some great shirt swag at the conf… bring money! Buy shirts!

Pictures on Flickr:

Update: Seems the security issue is not major, as it occurs only during installation. It is however still a security issue and a violation of the “filter all input” mantra.
