There’s nothing as universally controversial in this world as change. Change can be (in aggregate) for the better or for the worse, yet people will always be split down the middle. Some will believe that the change is a good thing, and others will see it as a bad thing. Often your view points will be dictated by your perspective and how the change will directly effect you. When it comes to software projects and change, what’s the right thing to do?

Almost two years ago I had stumbled upon a pretty significant vulnerability in the StackExchange network. I say stumbled, because I wasn’t actually trying to attack the site. Circumstance just showed me a door. The actual attack is pretty interesting, and it holds a lesson for everybody who builds or maintains websites or server infrastructure. So here’s the story on how I hacked StackOverflow…

Last weekend I was at the True North PHP conference in Toronto, Canada. Aside from being an incredible experience (really, it was an incredible conference, huge props to Chris Hartjes (@grmpyprogrammer) and Peter Meth (@mrpmeth)), it was an inspiration. I was particularly inspired by both of the keynote speakers. They both really took really unique spins on programming and how the culture of open source inspires, enables and empowers programmers to do cool and important things. The problem with all of this is that I hate the term programmer. I think it unfairly paints a picture of what we do. Let me elaborate.

This afternoon, I gave another talk at TrueNorth PHP. The talk is a version of a previous talk that I gave on Object Oriented Design. I’ve changed it significantly, so here are the slides.

This morning, I gave a talk at TrueNorth PHP. The talk was aimed at explaining the basics of Cryptography as needed for the average developer. It is intended to give a high level understanding of cryptography and cryptographic techniques. So, with no further adue, here’s the slides:

Last week, I was at PHP North West. The conference was incredible to say the least. One of the best I’ve been to in a very long time. But to the point of this post, I did an unconference talk about password hashing in PHP. Since I had my camera with me, I also took video of it. So included in this post is both the slides from the talk, and the video of the talk. So, with no further adue:

Well, I know it’s been a while since my last post here. I’ve been keeping busy (but also working on some cool stuff for you all, when the time is right). I figured that it was worth while pointing out a few upcoming talks that I’m going to be giving and conferences that I’ll be attending.

In recent months, a number of new frameworks have cropped up for PHP as PECL extensions (Including YAF and PhalconPHP). They promise to provide huge performance gains and lower resource usage for PHP applications. On the surface, they appear to be incredible tools for improving development. But they aren’t all they are cracked up to be. In fact, I would argue that they are actually not necessary at all.

Yesterday, I got in an interesting conversation on twitter about object scopes and what constitutes a global scope. The discussion started around a piece of code that I stumbled upon from Fuel 2.0. I am a firm believer that service containers are not a form of Dependency Injection, and are only slightly better than global variables. That led me to make a few comments that elicited a reply from two Fuel developers. That led to a rather interesting debate that just couldn’t fit into 140 characters… So I’m going to go into topics that are tightly related: variable scoping and service locators.

I had the pleasure of attending the North East PHP conference this weekend. I’ve attended a lot of conferences over the years, but I found this one to be one of the most enjoyable ones that I’ve ever attended. On my drive home (4.5 hours in a car gives you a lot of time to think), I was thinking about what made it such an enjoyable time. Here’s what I’ve come up with goes into making a good conference.