PHP Frameworks

flippakitten said:
I haven't found that and some people think it's easier. I have no preference but liking Rails so far I guess cause it feels like cheating.
Click to expand...

I would also recommend Rails if starting out with web development. In my opinion the name says it all.
 
Thor187 said:
Okey guess I'm wrong then
Click to expand...

Not really PHP is certainly easier for beginners, but in the long run you'll be happier with Ruby/Rails.
Personally I'm not a fan of either.
 
[)roi(];18100134 said:
Not really PHP is certainly easier for beginners, but in the long run you'll be happier with Ruby/Rails.
Personally I'm not a fan of either.
Click to expand...

Ahh because yea that's why I started dabbling in php everyone said noooo ruby is this and ruby is that.


Something I am only now starting to try and learn/understand is OOP php.

Eish gone are the days of menu's including and echoing everywhere
 
Thor187 said:
Ahh because yea that's why I started dabbling in php everyone said noooo ruby is this and ruby is that.


Something I am only now starting to try and learn/understand is OOP php.

Eish gone are the days of menu's including and echoing everywhere
Click to expand...
Lol yeah there's is no definitive answer... best to stick with your decision and complete your growth...
... but then nothing really prevents you from learning another language.
 
koeksGHT said:
The majority of exploits I have found from clients are generally "large" projects like Joomla and such where exploits can be developed to scan many sites where custom projects have to be manually explored for weaknesses and have had no issues.
Click to expand...

[)roi(];18066676 said:
Using a framework is certainly no guarantee to avoid exploits: http://heartbleed.com
Just how many developers ever validate the code of the frameworks they use?
Click to expand...

Sure, a framework doesn't mean it's free of exploits, in the same way that an operating system isn't free of exploits. The difference is that when a problem is found in a large framework, it is usually identified and fixed within a couple days (sometimes within a couple hours with the Linux community) assuming you are going to do the update as soon as possible. If someone found an exploit in your website, how much time do you think it would take for the average web dev to single-handedly find what the issue is, come up with a solution, and implement it?
 
giggity said:
Sure, a framework doesn't mean it's free of exploits, in the same way that an operating system isn't free of exploits. The difference is that when a problem is found in a large framework, it is usually identified and fixed within a couple days (sometimes within a couple hours with the Linux community) assuming you are going to do the update as soon as possible. If someone found an exploit in your website, how much time do you think it would take for the average web dev to single-handedly find what the issue is, come up with a solution, and implement it?
Click to expand...

I think you missed this...
[QUOTE='[)roi(];18069470'I'm certainly not against frameworks; but their use certainly doesn't make any site bullet proof. In that regard there is a counter argument i.e. exploits in an open frameworks would typically expose all, whereas a custom build limits exposure. There is however a middle (or better) road: where you can have your cake and eat it -- just don't rely on only one way to secure your portfolio.[/QUOTE]Either way you're still taking a risk with dependencies, but it's one that can be managed; personally I prefer to complete a code review before checking new dependencies & occasionally I fork some of the repositories as a way to manage the change; it really depends on the repository; some are not so good at release management. The point is app integrity / security is not something to be take for granted.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X