Code development track

We seem to be addicted to complexity and often fail to find the simple and obvious solutions to problems. This hurts performance, scalability and security and perhaps other things too?

Overview

Relational databases store, index, and retrieve data using using predictable patterns. Indexing data well -- but not excessively -- requires understanding indexing overhead and usage by query execution planners.

But, even the perfect indexing plan layered on top of existing tables cannot satisfy all needs: relational databases have significant limitations for indexing data. Particularly, they cannot index data across multiple tables. While Oracle and Microsoft SQL Server provide some in-built tools (materialized views and indexed views) for alleviating this limitation, users of open-source databases like MySQL and PostgreSQL must consolidate and preprocess data to scale popular services.

The Denormalization API streamlines the process of consolidating node data into tables structured for radical scalability.

Agenda

* How is Drupal data stored?
* Overview of indexing tables
* Index data structures
* Query execution plans and indexes
* What is denormalization, and why is it necessary?
* Typical hurdles for implementing denormalization
* Using the Denormalization API

Goals

Attendees should leave with an understanding of the benefits and caveats of indexing and denormalizing data. And, if they choose to denormalize, how the Denormalization API can streamline the work.

Resources

Attendees should be familiar with Drupal's node system, SQL, and basic database administration.

Overview

Analysts estimate that 75% of attacks against web servers enter at the application, not the network level. And as many as 15% of these attacks are due to poor coding practices. With the help of well known security firms, We'll discuss ways to secure your Drupal application.

Agenda

* See For Yourself - demonstrations of application attacks
* Case Study: Secrets to Securing a Social Network
* Key Habits of Secure Drupal Coding
* Vulnerability Detection to Remediation
* Security Resources for Drupal Applications
* Discussions

Goals

You will learn best practices you can employ right now to build secure Drupal Application code that meets security compliance standards and maintain customer confidence.

Overview

In this second session on jQuery we plan to focus on Drupal-specific usage and also on more advanced topics such as effective debugging of js code and adding AJAX functionality.

Agenda

* How Drupal and jQuery relate to each other
* The Drupal js object
* AJAXifying Drupal with jQuery
* AHAH and Drag&Drop

Goals

By the end of this session, attendees will understand the fundamentals of how jQuery and Drupal work together; they will have learned some best practices regarding the use of jQuery in Drupal and be able to add AJAX, AHAH and Drag&Drop functionality to their modules (the latter two for Drupal 6 only!)

Resources

Prior knowledge of jQuery basics or attendance at the first session recommended. Attendees should also be familiar with basic Drupal module development.

Overview

Drupal is very modular "horizontally". You can add modules that inject themselves all over the place to add to the workflow of the page request. However, too many subsystems are inter-related, making it very difficult to separate out and modify one part of the system. Drupal is simply not as modular as it could be, nor as it needs to be.

Better separation between systems would allow for more rapid development, easier testing, greater flexibility, and at least 23% more awesome per square meter.

This hybrid lecture/brainstorm session will examine one proposal for further modularity, Handler objects. Working module code will be included.

Agenda

* Discuss the benefits and limitations of Drupal's hook architecture.
* Introduce a new extension mechanism, handler objects.
* Demonstrate existing uses for handler objects, including inspiration from Views and Panels.
* Discuss a broader vision for where Handler objects could go to transform Drupal.
* Open discussion.

Goals

This session is essentially a meat-space RFC. If all goes well, attendees will come away with lots of new ideas and the presenter will come away with lots of feedback. Best case, we'll have an awesome new roadmap for Drupal architecture. Worst case, attendees will get to see a nifty new module they can use.

Resources

Handlers as discussed in this session are an evolution of the concept documented in this article, after further discussion with other Drupal gurus. Familiarity with that writeup is encouraged, but not required.

The module is now available if you want to look it over before the session!

Overview

Drupal module development is a bit like playing Zork. Anyone can play the game, walk around a while, score some points, get eaten by a grue, and try again. Even the most stalwart adventurer will need some help if he is to seriously improve his game. Otherwise, he'll get fed up with Zork and return to playing Duck Hunt.

So it is with module development. You've setup a Drupal site. You've used some contributed modules. You've tweaked some to your liking and even written a couple from scratch... but you need to know how to improve your game before you get frustrated or waste all your time making the same mistakes. Yes... there are plenty of mistakes to be made, and we've made quite a few of them ourselves.

Expect more classic gaming references in this session, but more importantly expect to learn about the things we've done wrong and the things we're starting to do right in our Drupal module development (primarily Ubercart).

This session will be geared toward beginning and intermediate Drupal developers looking to learn more about the module development process and "best practices" that go beyond (but certainly include!) simple adherence to coding and security standards. We will cover the tools we use, the module structures we like to stick by, and how we make the most of our first pass at a module. More importantly, we'll look at code that works with some of the harder to understand parts of the Drupal API, and we'll look at writing modules that integrate not just with Drupal but with other contributed modules like Ubercart and Views.

Sounds like a lot, eh? We think so, too. However, we'll be presenting the information in the following format to try and disseminate as much knowledge as possible:

A Hands-On Guide to Module Development will be an informal lecture session where we say our opening words and move into a time of hands-on learning. Those with laptops can follow along with code examples as we work through the development of a module that demonstrates the topics mentioned above. We'll be accepting quick questions as we go along and use any time at the end to take more questions and hopefully provide some helpful answers.

As always, if we can't get to you in the session, feel free to stop us in the halls or find us around Drupaltown and get your learn on.

We're open to collaborators interested in the topic and the format. Interested developers should contact Ryan or Lyle (Island Usurper). If you just want to contribute your module development best practices, we'd love to have a nice happy list for folks to use as a reference coming out of this session.

Agenda

* Introductory words
* Getting ready to code - think first
* Where to start with a blank file
* Writing those first hooks and callbacks
* Writing smart functions
* Documenting as you go!
* Grokking some more Drupal hooks:
   - hook_form_alter()
   - ... (to be determined)
* Hooking into contributed modules:
   - Ubercart
   - Views
   - ... (to be determined)
* What to do when you're "done" ; )

Goals

Attendees should leave with a greater sense of what it takes to develop Drupal modules successfully. There's no way to pass on a comprehensive understanding of what we know or get to cover, and that is a subset of all there is to know about module development. However, every little bit helps, so we'll try to pass on as many little bits as we can!

We want to help move as many beginner developers as possible toward the intermediate level and entice those intermediate developers to become the experts we know they can be.

Resources

* Drupal 6
* http://api.drupal.org
* http://drupal.org/project/ubercart
* http://drupal.org/project/views
* http://www.infocom-if.org/downloads/downloads.html

We will include a downloadable zip of code examples for session attendees to use to follow along as we write the module, discuss the code, and discuss how we got there.

Overview

This session, run by the authors of Organic Groups and Domain Access, will give an introduction to the workings of Drupal's node access system.

Agenda

* What is Node Access?
* How does it work?
* What modules provide node access?
* Exploring the current API
** Enabling node access
** Defining access realms
** Defining access grants
** hook_node_access_records()
** hook_node_grants()
** db_rewrite_sql()
** Changes from D5 to D6
* Common problems and issues
* Best practices for using node access

Goals

New users should come away with an understanding of the features and limitations of the node access system. Programmers should come away with the ability to write a node access module, using the existing API. Everyone should come away thinking about how to make the system better.

Resources

See the node acccess example module for background.

Overview

The Code Review module (aka coder) is a useful tool for module and theme developers. It allows developers to ensure that their code meets the Drupal coding standards and also assists them in upgrading to newer versions of Drupal. If you write or maintain code (mostly modules, but themes too), you should be using this module.

Agenda
* Discussion of Common Style Problems that Coder identifies for you.
* We’ll run Coder on a module.
* We’ll show how to setup Coder to run it on ALL your modules.
* Overview of using Coder for upgrading modules to Drupal 6, including some examples.
* How to submit coder rules and help make Coder better.
* Floor Discussion on the direction Coder should take.
* Q&A session.

Goals
By the end of this session, attendees will have a good grounding in what the Coder module does and how they can use it to improve their modules / themes.

Resources
Attendees should already be familiar with basic Drupal module development.
* Coder project page - http://drupal.org/project/coder
* Drupal Coding Standards - http://drupal.org/node/318
* Converting 5.x modules to 6.x - http://drupal.org/node/114774
* Writing Coder Rules - http://drupal.org/node/144172

Overview

Tuning the Drupal stack continues to be an exciting combination of science and art. New options for cloud computing and infrastructure services like content distribution networks allow performance load to be distributed. The art of offering your users the right combination of features without creating a performance impact is a design challenge.

Agenda

* Performance tuning the Drupal stack
* Tuning images, CSS, Javascript for front end optimization
* Outsourcing your performance load
* Performance load testing
* Scalable architectures for peak loads
* Performance improvements in Drupal 6 and Drupal 7

Goals

The goal of this session is to learn best practices from a panel Drupal performance experts. We will review the latest tools, techniques, and architectures for ensuring your Drupal site stays fast and can scale under a variety of of loads.

Resources

http://groups.drupal.org/high-performance
http://groups.drupal.org/node/12823

Overview
The MySQL Server is a very widely used open source database system and often used as the storage backend for Drupal sites.
Creating backups and maintaining a secure installations are two very common tasks for any Drupal administrator.

In this talk, Lenz will provide useful hints and suggestions on how to improve the security of a MySQL installation and how to properly perform backups of the databases and tables. The session will cover both tools that are included in the MySQL server/distribution as well as common tools/facilities provided by the operating system (Linux in particular).

Agenda

• Improving MySQL Server security
  • On the server side
  • On the OS level
• MySQL Backup methods
  • Logical
  • Physical

Goals
Users attending this session should take home some useful hints on how to secure their MySQL installations and how to perform proper backup.