Sessions at WordCamp San Francisco 2011 on Saturday 13th August

Ian explains just what the heck WordPress Post Formats are and why they’re so awesome. Come and find out how to take advantage of that awesomeness and how easy it is to save your WordPress Themes from boring monotony.

All software has bugs. What sets a great developer apart is how effective they are at tackling them. But even the best can get tripped up, spending hours searching in vain for a bug, and even longer contemplating the proper fix. In this talk, learn the best tools and strategies for finding and fixing bugs in plugins, themes, and even core. We’ll discuss what the common pitfalls look like so you can learn to avoid them. They say that with enough eyes, all bugs are shallow — but if you don’t know where or how to look, you’ll never break the surface.

There is no single correct way to write a web application. For WordPress core developers, few (if any) decisions are trivial. Balancing feature development, iteration, and deadlines (everyone’s favorite) is rocket surgery. Our code runs on a large stage — with tens of millions of users and tens of thousands of developers, we consider every change carefully.

We’ll discuss the factors that inform WordPress core development decisions, and development principles that can improve your own web application.

This talk will discuss how designers can take control of their designs with version control. It will give an overview of popular version control systems, why designers should start using version control, and when and how designers will need to use version control in the WordPress community.

Improved browser support of CSS3 has allowed us to build a richer web with visual treatments like rounded corners, animations, transformations, gradients, transparency and drop-shadows. But with great power comes great responsibility. Just because you can add a skewed animated rainbow with drop shadow to your site doesn’t mean you should. In this session we’ll look at what’s really cool (pun intended) in CSS3 by making snow with CSS3. You’ll have to restrain yourself, though. Yes, we’ll cover transitions, transforms, keyframes and more. But just because you can, doesn’t mean you should.

The web is replete with “widgets” embedded into sites but hosted by external parties (witness: Google Maps, Facebook Social Plugins). Some of the best uses of these widgets require the various widgets to communicate with the embedding site or even with each other. Without a secure communication channel, though, these widgets can expose sensitive information or capabilities to malicious parties eavesdropping, spoofing, or manipulating that communication.

window.postMessage() [1] gives modern browsers a secure and convenient communication channel. Unfortunately, a significant portion of internet users are browsing with non-modern browsers [2].

The traditional method of communicating between iframes is via updating the target frame’s URL fragment (a.k.a. #hash). This method can be made secure, but naive implementations (of which there are legion) are open to spoofing and eavesdropping.

This talk will describe the Needham-Schroeder-Lowe protocol, a well-known security protocol, and show the protocol’s ability to secure the traditional #hash communication channel against spoofing and eavesdropping attacks.

The information in this talk is based on research by Adam Barth, Collin Jackson, and John C. Mitchell of Standford University’s Web Security Group [3].

[1] http://www.whatwg.org/specs/web-...
[2] A brief flip through Wikipedia suggests about 10% of the web browsing population uses Internet Explorer 6 or 7.
[3] http://seclab.stanford.edu/webse...

You could say that 2010 was the best year yet for WordPress themes — a banner year in an already explosive marketplace. Entire companies are building their lives and businesses around selling themes, and they’ve flourished along with amazing growth of WordPress as a platform.

In 2011 the commercial themes landscape is even more innovative, fun, and crowded than ever. With this panel we’ll meet three industry leaders and discuss their experiences selling themes, providing customer support, and growing their theme business in these fast and
furious times.

The format will be a Q and A between the moderator and the panelists, but we’ll be sure to leave plenty of time for you to ask your own questions.

Could your plugin be the cause of a WordPress site being hacked? WordPress security experts Mark Jaquith, Jon Cave, and Brad Williams will be performing live security reviews of submitted plugins on Saturday as well as providing tips on security best practices in plugin and theme development. Standard coding techniques and patterns to defend against attacks such as XSS, CSRF and SQLi will be taught by example. If that previous sentence makes no sense to you, you really need to attend this session!

A conversation about methods of contributing to WordPress and the community, why you should do it, and how it benefits everyone – including you.

Enter Responsive Web Design. A term coined by Ethan Marcotte. Many experts aren’t leaning on one static design anymore, but on structured content that adapts to its given environment. We are going to take a look at responsive web design techniques out there including: progressive enhancement, flexible grids, media queries, flexible images & video, & other methods that you can implement to make your WordPress theme “Responsive”.

What if for every HTML element on the page, you got two free ones? That’s what you get with the CSS pseudo elements ::before and ::after. You can use them as canvases to do all kinds of neat and practical design effects. We’ll cover how to use them and loads of real world examples.

I will explain why would we want to write tests, how to write them (in WordPress and a plugin setting) and how this changed my life. I have experience with unit-testing (WordPress, GlotPress, before), and I am one of the maintainers/committers in the current test framework.

Javascript is often thought of as the scripting language for the web, but it is in reality so much more. One part of javascript that is often ignored is its ability to be used as a part of testing. This talk will go over current options for javascript unit testing, tools for headless testing, and other ways that you can use javascript to test your web application.

How do you get a point across within 10 seconds? Comics are a unique way to communicate, using both image and text to effectively demonstrate time, function, and emotion. Just as vividly as they convey the feats of superheroes, comics tell stories of your users and your products. Google used them. The US Postal Service used them. Adaptive Path used them. The US Navy used them. Business author and TED speaker Daniel Pink used them. It seems comics are in use everywhere lately. In See What I Mean, Kevin Cheng, OK/Cancel founder/cartoonist and author of the soon to be released Rosenfeld book by the same title, will teach you how you can use comics as a powerful communication tool without any illustrator skills.