Code development track

Overview
MySQL is a popular open source database system and often used as the backend for Drupal installations. This session will give an overview about different solutions and technologies available to make a MySQL Server system highly available.

After the theoretical part, a practical demonstration of a HA cluster for Drupal will be performed. With the help of Red Hat Cluster Suite, we will build a HA solution using MySQL replication. If time permits, we will then extend the solution to use shared storage device.

Agenda

• Introduction to HA, Terminology and general concepts
• Overview: MySQL HA solutions
• Replication: Topologies
• Heartbeat, Block device replication (DRBD)
• Shared storage/SAN
• MySQL Cluster
• MySQL Proxy
• Open HA Cluster
• Red Hat Cluster Suite (incl. practical demonstration)

Goals
Attendees will gain more insight into how MySQL Server setups can be made more fault-tolerant and how to ensure high availability. The practical part will provide an insight into how the RHEL Cluster Suite works, what you need to build a High Availability solution and configuration basics.

Overview

Panels2 is a powerful system for organizing and marshaling drupal sites, but the API has a steep learning curve. This session is about breaking the API down into manageable pieces. So, if you've ever wanted to:

• 'Panelize' your modules, like what og_panels has done,
• Extend Panels by writing new plugins that add new pane types, new styles, new layouts, new contexts, etc.,
• Get an authoritative overview of all the ways your modules hook into and take advantage of the Panels API,
• Toss some of your Panels-implementing ideas out and get feedback on them right on the spot,

then this may be the session for you! We'll divide the 90 minutes into two parts:

In the first half, Sam Boyer (sdboyer) will provide a fast-but-structured overview of how the Panels API works, and where your module can plug in.

In the second half, participants will be free to ask questions about techniques and approaches to implementing the Panels API; Sam (and/or other participants) will respond with comments & suggestions on how to bend Panels to your particular module's need.

Agenda

• Provide and quickly run through handouts that overview the Panels API. Lots of space for notes!
• Quick overview (with visuals) of how the Panels API handles editing and rendering.
• Overview of the general logic behind the Panels plugin system. We'll also cover panels-specific hooks.
• Open it up for questions.
• When we're down to 5 minutes, Sam will stop the action and record any questions that haven't yet been answered; we'll do our best to answer those questions in public & online later on.

Goals

Panels is a complicated beast; trying to cover the API in detail would be an exercise in futility. Instead, this session should provide participants with a framework for approach Panels in a productive way. Each half of the session should do that in a different way:

• The first half will provide a working understanding of Panels' various moving parts, and when and where you can hook in.
• The second half will provide concrete examples of how people are thinking of implementing Panels, and Sam's answers will suggest how to go about approaching each of those ideas.

Ideally, the combination of the two should provide all participants with a decent grounding in how to 'Panelize' drupal.

Resources

The only thing people need to bring is IDEAS! The second half will crash and burn if people don't bring big thoughts on how to implement Panels in new and different ways.

Important Note: this session is primarily geared towards developers writing modules that are or will be kept in the official Drupal CVS repository. If you have client-specific Panels needs that are unlikely to be genericized for use by the whole drupal community, please find another venue to raise those questions.

Overview

User experience (UX) can be defined as “the overall experience and satisfaction a user has when using a product or system.” A product’s UX affects a user’s interest, ability, and enjoyment when using a product. If a product’s UX sucks, people will not use it if they have a choice or hate using it if they do not.

Well, programmers are people, too. When creating a software product like Drupal that is intended to be used by other developers, the UX includes the experience of those developers as they write code for the product.

Since developers face different kinds of issues than the end users of the product, it is useful to consider Development Experience (DX) distinctly from UX. DX might be defined as “the overall experience, satisfaction, and efficiency a software developer has when using a software development platform.”

In this workshop, we'll brainstorm about ways that Drupal's Developer Experience can be improved.

Agenda

* Why Developer Experience matters
* Open discussion of how Drupal's DX can be improved.

Suggestions I'll bring the workshop include using defined names instead of anonymous constants, abandoning anonymous arrays in favor of typed data structures, and replacing form submit handlers with API functions. Please bring your own!

Goals

We'll come up with a list of proposed coding style directions or improvements for Drupal 7+ and contrib modules that will make Drupal a much more enjoyable and efficient platform for which to develop.

Resources

Anyone familiar with Drupal development is qualified and encouraged to attend. In many ways the less experienced you are, the better, as you will not already be indoctrinated into The Drupal Way of doing things.

Overview

Most Drupal security vulnerabilities are discovered via manual code reviews or by accident. This session will introduce two automated approaches to detecting Cross-Site Scripting (XSS) and SQL Injection (SQLi) security vulnerabilities and present progress to date in applying them to Drupal.

Dynamic Analysis, or "data tainting," involves tagging actual data within a running program received from untrusted sources as "tainted," propagating the taintedness to any data derived from tainted data, and detecting when tainted data is used in dangerous circumstances. For example, data tainting would detect when any data derived from unsanitized GET request parameters is outputted within HTML.

Static Analysis involves performing data-flow analysis directly on source code to detect when certain kinds of security vulnerabilities are possible. Like Dynamic Analysis it uses a data tainting model but instead of operating within a live running program on real data it studies all possible code paths within a program to identify potential problems.

Agenda

* Conceptual introduction to Dynamic Analysis and Static Analysis
* Advantages and disadvantages of each approach
* Current progress and results with Drupal
** System-wide data tainting using Taint PHP
** Using the Schema API for accurate database tainting
** Development of Taint Trace for easier debugging
** "Run-time static analysis" of Drupal Input Formats

Goals

Attendees will learn how Static and Dynamic Analysis can work to improve program security by automatically detecting XSS and SQLi vulnerabilities.

Resources

This session requires only basic PHP development skills. All Drupal module developers are qualified and encouraged to attend.

Overview

This session is made for folks that are new to coding in general or new to Drupal coding in particular. We'll start off with some basic discussion about working with Drupal as a framework and what that even means. Then we will go through an overview of how Drupal's framework is set up and the various APIs and systems you can work with. This is specifically targeted at people who do not know what FAPI or a "hook" is and are trying to wrap their head around these new concepts. We'll finish up with community resources to help you on your coding journey. The only prerequisite is a curious mind. You don't have to be a l33t hax0r.

Topics to be covered

- How is coding with Drupal different from plain PHP/MySQL?
- Overview of Drupal code base
- What is a hook?
- What is the theme system?
- What is FAPI?
- What is the menu system?
- What about database stuff?
- Coding standards
- Security
- How to learn/get help

Goals

Give people a strong foundation in Drupal concepts from a code perspective as well as pointers to good resources for continued learning.

Overview

The Drupal 6 menu system has a fundamentally different architecture from what was present in Drupal 5. This session is designed to highlight the key features of the new system, and give some code-level examples of how to use them well and what to avoid.

Agenda

* How does Drupal 6 serve paths and render links
* When are the menu hooks called
* When to define a router item
* Examples of bad code
* Examples of good code
* Advanced tricks and tips

Goals

By the end of this session I hope you will have thrown off the shackles of your Drupal-5-based thinking about the menu system and be ready to use the features and be aware of the limitations of the Drupal 6 menu system.

Resources

You should be familiar with writing a hook_menu implementation and preferably the {menu_router} and {menu_links} tables to get the most of this session

Overview

So now that you understand the basics of testing, it's time to put that knowledge to the test (heh, heh) -- and win awesome prizes!

This session is a working session for all developers to come and have fun writing tests. If you know any PHP, this session is for you!

Agenda

* All attendees break into pairs.
* Hand-outs with testing instructions will be provided, and experts on hand to run around answering questions.
* Index cards are provided with a list of Drupal core functions on them that lack tests.
* Run up, grab a card, sit down and write a test with your partner.
* When it's done, submit a patch, grab another card.
* Dorky prizes will be given away for things like most tests written, most well-written test ;), craziest function that had to be tested, etc.

Goals

The goal of this session is to provide a fun environment for people to learn the ropes of testing and contributing to core, to work directly with some of the big names in the Drupal community, and possibly to even get some actual work done! ;)

Resources

While not mandatory, you'll have an easier time in this session if you're familiar with the basics of testing. Luckily, Testing, part 1: Intro to testing will give you all the tools you need. :)

Overview

Testing saves time, allows you to provide code-level checking for your clients' crazy requirements, documents how your code is supposed to work, frees you to refactor your code without fear of breaking things, and ensures you never get the same bug twice. Sounds great! But how do you get started?

This session will provide an intro to testing for developers who've never touched it before, in preparation for Testing, part 2: Crazy testing party!

Agenda
* What is testing?
* Why is it awesome?
* What tools do I need?
* How does it work?
* How do I write tests?

Goals

Attendees will leave this session with an understanding of how testing works at a broad level, and how to write a basic test. They'll be provided with hand-outs with more detailed information.

Resources

* http://drupal.org/simpletest
* http://www.lullabot.com/articles/introduction-unit-testing
* http://cwgordon.com/how-to-write-automated-tests-for-drupal

Overview
This is the first of two sessions on the use of jQuery in Drupal and will cover basic jQuery syntax and usage. It will also answer questions such as "Why jQuery?", comparing it with other popular js libraries, and provide visual demonstrations of what can be done with it in Drupal modules.

Agenda
* What is jQuery
* Showcase of jQuery functionality
* How do I use it?
* Debugging JavaScript with Firebug

Goals

By the end of this session, attendees will have an understanding of the power of jQuery to enhance the web experience as well as a thorough grounding in the fundamentals of its syntax and usage.

Resources
No prior knowledge of jQuery is needed for this session but an understanding of JavaScript fundamentals would be advantageous.

Overview

Drupal is often compared with other CMS products, but the true power of the platform is realised when you compare with web application development frameworks. Drupal, as a set of APIs, is a viable choice as a framework for developing powerful web apps.

Agenda

* Web Framework features overview
* Drupal APIs and Modules for Web Application development
* Case studies: present two web apps developed using Drupal

Goals

Explore Drupal as a framework for Web Application development with a couple of Case Studies.