For information on exhibition and sponsorship opportunities at the convention, contact Sharon Cordesse at email@example.com
Download the OSCON Sponsor/Exhibitor Prospectus
View a complete list of OSCON contacts
Most of the time, auditing PHP code is done manually. One need to read the code to understand it, and find flaws (security, business, quality…)
Static analysis takes over manual auditing by providing means to search all the code, without leaving a stone unturned : it still needs to do this according to direction.
During this session, we’ll cover the use an open static analysis tool, also known as cornac, that will provide us invaluable information such as : PHP 5.3 compabitility, security flaws, inclusion tree, unused variables and arguments, GPC manipulations, stange names and classes inventories.
This is the best way to take a look at one’s code with hindsight. We’ll share with the audience code metrics and must-check structures of code.
Damien Seguy is a LAMP consultant.
Damien coaches large teams about industrialisation and security. He works actively in the field of performances and technology study to startup and large institutions in France. He is also co-author of several books, Zend Certifications, phather of the elePHPant plush toy. He founded AFUP and PHP Québec.
Comments on this page are now closed.