Rasmus Lerdorf

CMS: all

Thursday - 9:00am - Thursday - 10:00am

Description:

Performance and security has been on my mind a lot lately, so that is going to be the focus of this talk. You can't speed up your application unless you know why and where it is slow, so I'll review a couple of profiling tools, Valgrind+Callgrind and XDebug.

And on the security front XSS and XSRF has been a thorn in the side of the web for years now. The new Filter extension in PHP is one approach to alleviating this pain point, but there is much more to it than that. I'll show some very common mistakes people make and tie it to the real world by showing a vulnerability in each of the projects represented at OSCMS this year. If I can find one in each, that is, we'll see.

Lead by: