PHP NW – 2008 Post Conference Report

As an SEO specialist, I tend to do a lot of on-page optimisation with dynamic sites and the language of choice is usually PHP. I was lucky enough to attend the PHP North West 2008 conference where there was an interesting line-up of seminars, discussion and exhibition stands all devoted to the scripting language PHP.

The highlights of the day were talks on usability the Zend framework, which is essentially a modular coding system which allows you to write complicated applications in PHP without having to rewrite modules for essential tasks. The Zend framework has components for managing databases, authentication and session management, mail management and many core components including cache, debugging and validation.

The next session I attended was about what is new in PHP 5.3. I am just getting to grips with PHP 5.2! However, while a lot of the minutia of the discussion went above my head, the hard-core programmers seemed to be very excited at the prospect of namespaces and PHAR files.

After lunch, I went to two half-hour seminars on the using Drupal, a content management system, where the presenters changed a static web site into a drupal powered web site to show the versitility and power of Drupal.

The second half-of the hour was a talk on HTML 5 and how it is going to improve the web by bringing greater standards but still rendering the existing 90% of poorly coded web sites in a consistent fashion. At present each browser makes its own attempt at what the code should mean if it is poorly written. In HTML 5 browsers will render the mistakes in the same way.

For me the final talk was the most interesting and it was certain the most packed, with many people standing. It was about how PHP can be used to test web sites for security. It went into a lot of detail about common methods that hackers use exploit PHP to attack MySQL databases, create denial of service attacks by making the server do a lot of extra work and how using the shell to gain control of the server which would essentially mean you can do what you want with it. While extremely insightful it also showed how php can be used to defend against these exploits.