Page 1 of 2 12 Last
  • Jump to page:
    #1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Location
    Kathmandu
    Posts
    20
    Rep Power
    0

    Which PHP framework would be best?


    Hello mates,

    I would like to develop small or medium scale web application for my company. For that, I wanted to know which PHP framework will be best suitable. And, please consider adding a sentence why would it be beneficial.

    Would be very much thankful for your help.
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2008
    Location
    Auckland
    Posts
    93
    Rep Power
    24
    Choosing framework depends on your project subject , size , scale. There are lots of frameworks available in PHP ; but "CodeIgniter" and yii stands out in lightweight section.
  4. #3
  5. A Change of Season
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    2,671
    Rep Power
    171
    Originally Posted by Sanzay
    Hello mates,

    I would like to develop small or medium scale web application for my company. For that, I wanted to know which PHP framework will be best suitable. And, please consider adding a sentence why would it be beneficial.

    Would be very much thankful for your help.
    Codeigniter is nice and easy but security-wise it's not the best.
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2012
    Posts
    48
    Rep Power
    3
    I've read a lot of articles that advocate Laravel as the best current PHP framework. Having used it for a few months now myself, I'd have to agree. There's so much to love about it.
    Laterna Studio - Animation, Web Design, Video Production and Print Design

    Psalm 73: 25-26
  8. #5
  9. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,317
    Rep Power
    7170
    I've recently switched to using Laravel as well.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Dec 2004
    Posts
    2,998
    Rep Power
    375
    Originally Posted by zxcvbnm
    Codeigniter is nice and easy but security-wise it's not the best.
    as you have recently found out, thanks to jacques! (dont worry i am a CI user as well )
  12. #7
  13. Mad Scientist
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Oct 2007
    Location
    North Yorkshire, UK
    Posts
    3,661
    Rep Power
    4123
    I've yet to find one I like. I've just started to refactor my own, which I hope to open source one day.

    I have three major points I don't like about current frameworks:

    In a PHP project I don't see the point of having something require me to define things using something that is not PHP (eg JSON, YAML, XML etc). All such configurations and dependencies can be done using native PHP - so why waste resources reading and processing other formats?

    I also stay away from templating engines, so a framework which includes a templating engine is a no-no for me. PHP is a templating language at it's heart, and with popular MVC like architecture the templating for native PHP & HTML (or any other output medium) is abstracted out anyway. Why bother with the overhead of something like smarty/twig/other?

    Thirdly - the database part of the app, most frameworks come with some sort of ORM abstraction. I like SQL and am getting better and better at writing it. I think having native SQL and having the app treat data as native data is more flexible and more responsive than ORM implementations [although I have heard of one proprietary ORM system which sounded quite good and crossed over with ACLs/permissions which would be nice in my current project]

    As some have already said, there is a security concern in CI - and it's not realistically feasible to go through all of a frameworks code base to make sure there aren't any holes or strange logic in there that's going to scupper your business application.

    Comments on this post

    • dmittner agrees : Agreed. Except for the Templating engine part.
    I said I didn't like ORM!!! <?php $this->model->update($this->request->resources[0])->set($this->request->getData())->getData('count'); ?>

    PDO vs mysql_* functions: Find a Migration Guide Here

    [ Xeneco - T'interweb Development ] - [ Are you a Help Vampire? ] - [ Read The manual! ] - [ W3 methods - GET, POST, etc ] - [ Web Design Hell ]
  14. #8
  15. No Profile Picture
    Dazed&Confused
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2002
    Location
    Tempe, AZ
    Posts
    506
    Rep Power
    128
    I mostly agree with Northie.

    I've been developing PHP for a decade and taught myself from the ground up, never needing a framework. And the journey has taught me a lot about PHP that you'd never learn when being abstracted away from the core language, which frameworks often do.

    From a business perspective I also dislike frameworks. They divide the PHP community to the point that many become specifically familiar with one framework, and on the reverse, companies begin to look for people with experience with the specific framework they've chosen. That's just silly. If you learn and know core PHP, it's a lot easier to learn and to hire.

    But if you don't use a framework, make sure to establish a good code structure and define coding standards, which will be shared with future coworkers. And those standards are something they should be held to following as part of their performance reviews. That's true whether you use a framework or not and once done, much of the benefit of a framework disappears, IMO.

    Last but not least, I dislike frameworks because it makes you very reliant on the developers of that framework. You either customize it and lose your ability to easily accept updates from them, or are stuck waiting on them to provide updates. Or worse, they discontinue support and you find yourself having to rewrite your entire application for a new major version or to switch to another framework. It just doesn't make sense to adopt such a critical dependency if you don't have to.

    It's getting more into coding standards than anything, but I disagree with Northie when it comes to a templating engine. Having an abstraction between business and presentation logic really helps divide the work into separate roles, making it easier to maintain separate programmers and designers in your company.

    If you have to work with a third party web design firm, they might also be familiar with the Smarty syntax and provide you with .tpl files directly, where they wouldn't be as savvy with PHP (and you'd probably not want to share with them your PHP-scope variable names).

    I've used Smarty for years and now can't stand to see PHP intermingled with HTML. A programmer shouldn't have to know HTML and a designer shouldn't have to know PHP. Separate layers for separate roles.
  16. #9
  17. Mad Scientist
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Oct 2007
    Location
    North Yorkshire, UK
    Posts
    3,661
    Rep Power
    4123
    I fully agree with separating presentation from business logic but I don't see the point of things like smarty. It's just a set of pseudo code that gets turned into php anyway. I also disagree slightly with the separation of roles. My designers can't even code html so it's always the dev team who do the HTML anyway. Other places are different, I know that. We're a full service agency, so there's never a third party either.
    I said I didn't like ORM!!! <?php $this->model->update($this->request->resources[0])->set($this->request->getData())->getData('count'); ?>

    PDO vs mysql_* functions: Find a Migration Guide Here

    [ Xeneco - T'interweb Development ] - [ Are you a Help Vampire? ] - [ Read The manual! ] - [ W3 methods - GET, POST, etc ] - [ Web Design Hell ]
  18. #10
  19. No Profile Picture
    Dazed&Confused
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2002
    Location
    Tempe, AZ
    Posts
    506
    Rep Power
    128
    Originally Posted by Northie
    I fully agree with separating presentation from business logic but I don't see the point of things like smarty. It's just a set of pseudo code that gets turned into php anyway. I also disagree slightly with the separation of roles. My designers can't even code html so it's always the dev team who do the HTML anyway. Other places are different, I know that. We're a full service agency, so there's never a third party either.
    Well, when I helped hire web designers in the past they knew web languages.

    But even for myself the separation helps. It helps me shift my thoughts and focus from one area to the other. HTML/JS/CSS is a whole other kind of environment with its own frameworks (I actually do support Javascript frameworks), coding standards, etc.

    Trying to shove all that in alongside full PHP syntax is just... bleh. Too much.
  20. #11
  21. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    This often-heard claim that PHP already is a template engine and that we don't need things like Twig or Smarty is just nonsense.

    PHP did start out as a template engine -- 18 years ago. And many features like the embeddable code still remind us of the "good" old times of the "Personal Home Page Tools". But PHP is a full-blown language now (don't you guys keep telling me this?). Like every programming language, you can misuse it as a primitive template engine, but this comes with security issues and poor usability and blurs the line between presentation and application logic.

    When you use PHP for templates, nothing restricts you to the typical template functionalities like loops, variable insertion etc. You could do anything. You could modify the database, write files, open network connections, whatever. The only reason not to do that is convention. At the same time, PHP lacks all advanced template features like inheritance. So 99% of the language is unusable (or should be), and the rest only covers some of the requirements. We have a name for this: You got the wrong tool.

    On the other hand, actual template engines are made for templates. They do exactly what they're supposed to do and only that. There's no confusion about their purpose.

    I mean, I can understand that you PHP people don't value template engines: You simply don't have any good ones. If it's all just spaghetti code with some special tags floating in HTML markup, well, you probably see no reason for giving up the PHP spaghetti code. But look at how other programming languages like Ruby do it. Look at Slim or Haml. This is what template languages can be: very compact, very lightweight DSLs optimized for exactly one purpose, writing templates.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  22. #12
  23. No Profile Picture
    Dazed&Confused
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2002
    Location
    Tempe, AZ
    Posts
    506
    Rep Power
    128
    Originally Posted by Jacques1
    I mean, I can understand that you PHP people don't value template engines: You simply don't have any good ones. If it's all just spaghetti code with some special tags floating in HTML markup, well, you probably see no reason for giving up the PHP spaghetti code. But look at how other programming languages like Ruby do it. Look at Slim or Haml. This is what template languages can be: very compact, very lightweight DSLs optimized for exactly one purpose, writing templates.
    Egads... a few minutes looking at Haml and I think I'll have nightmares. Looking at HTML is easier on the eye than looking at their syntax, and their syntax looks like an entirely other language--all but making it impractical to get HTML from a third party (you'd have to convert it all to Haml).

    Smarty might not be perfect, but at least the bulk of what you see is HTML.
  24. #13
  25. Mad Scientist
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Oct 2007
    Location
    North Yorkshire, UK
    Posts
    3,661
    Rep Power
    4123
    Ive bever hired s web designer. The designers were amready there when i started as the first in house developer. They're good at design, so they keep their job.

    Now, if HTML was a presentation language and DOMDocument had a nicer interface we could get really interesting.

    But what we have is a mixture of several technologies nine of them serving their original purpose. To the point where the lines have to be blurred at some point. How this blending takes place is important

    How is smarty different from spaghetti code? Really? You have a mix if HTML and smarty syntax. The very fact that this is accepted shows there's no need for it. Now, if php could support permissive functionality based on the context of the file then at least the security issue coyly be solved - but we're not there yet.

    I ca see the use of template engines in some situations (see my post about the MODx CMS - IMO this had the best template engine I've seen). But for most bespoke projects? A judgement call had to be taken and I judge that for the tiny amount of HTml used in my modern web apps that a PHP template engine is not needed. Instead I use a client side template engine and feed it with JSON from the server.

    If you're just building a web site use a CMS. Given the available CMSs then only custom web apps really need a framework of any kind
    I said I didn't like ORM!!! <?php $this->model->update($this->request->resources[0])->set($this->request->getData())->getData('count'); ?>

    PDO vs mysql_* functions: Find a Migration Guide Here

    [ Xeneco - T'interweb Development ] - [ Are you a Help Vampire? ] - [ Read The manual! ] - [ W3 methods - GET, POST, etc ] - [ Web Design Hell ]
  26. #14
  27. Mad Scientist
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Oct 2007
    Location
    North Yorkshire, UK
    Posts
    3,661
    Rep Power
    4123
    The iPhones spell check, auto correct and keyboard responsiveness diminishes greatly when you have very little battery left!
    I said I didn't like ORM!!! <?php $this->model->update($this->request->resources[0])->set($this->request->getData())->getData('count'); ?>

    PDO vs mysql_* functions: Find a Migration Guide Here

    [ Xeneco - T'interweb Development ] - [ Are you a Help Vampire? ] - [ Read The manual! ] - [ W3 methods - GET, POST, etc ] - [ Web Design Hell ]
  28. #15
  29. No Profile Picture
    Dazed&Confused
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2002
    Location
    Tempe, AZ
    Posts
    506
    Rep Power
    128
    Originally Posted by Northie
    How is smarty different from spaghetti code? Really? You have a mix if HTML and smarty syntax. The very fact that this is accepted shows there's no need for it. Now, if php could support permissive functionality based on the context of the file then at least the security issue coyly be solved - but we're not there yet.
    PHP

    PHP Code:
    <?php foreach ( $list as $item ){ ?>
    <div>
      <?=htmlspecialchars($item["name"]); ?><br/>
      <?=htmlspecialchars($item["description"]); ?>
    </div>
    <?php ?>
    vs. Smarty

    Code:
    {section loop=$list name=item}
    <div>
      {$list.name|escape}<br/>
      {$list.description|escape}
    </div>
    {/section}
    Smarty syntax is a lot less intrusive than constantly having to "<? ?>" in and out of PHP. It also simplifies array syntax.

    And you can hand access to those files off to designers without worrying about them accessing the whole of the PHP language; what can be done in templates can be customized. And custom plugins can be created to give designers more capabilities, all the while keeping them in their controlled environment.

    Simply take a heavily dynamic HTML page and compare the changes you have to make to embed PHP directly, or to embed Smarty. Smarty comes out looking a lot cleaner and more succinct.
    Last edited by dmittner; July 8th, 2013 at 05:38 PM.
Page 1 of 2 12 Last
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo