Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
First of all I should remind you I have read some links and done some research and looked at some old questions but I still have a question.
I want to start a project with codeigniter 3 but I have heard that codeigniter is not secure enough!
I don't know if it is correct or not, so I started researching about it but now I still don't know. Should I start my project with codeigniter or not! I don't know how to work with any other frameworks and I don't have enough time so I want to ask you if I should start my project by codeigniter. Is it really unsafe? and what shall I do to make it secure or is it possible or not?
I know that the security depends on programmer but I want to be sure that codeigniter does not have a big security bug that any hacker can hack my project and destroy it.
what would you do ?
I'm really afraid
Codeigniter is a framework and is not solely responsible for your site's security. Your site's security is truely determined by the code you write with CodeIgniter. An empty CodeIgniter install is very, very secure. Simply because it's not using any user input or operating with any database.
Codeigniter 3 is no longer in beta and has a stable release available here: https://codeigniter.com/download
If your concern is security, make sure you develop the site with security best practices. Typically, if a site is hacked, it's due to a lazy developer and not the framework they were developing with.
along with security are all the million other things that can go wrong on the server or "cloud" which is hosting your application. so -- even if its just you working on the app -- become comfortable with git and version control. i just discovered the phpstorm application for developing php code and it has version control built in, along with other features that makes it easier to maintain more then one working copy of your application.
otherwise to your question - Codeigniter is being actively maintained, has a friendly community, and the code is very fast & stable in production.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 months ago.
Improve this question
I have a legacy project built on codeigniter 3 and we're looking to upgrade to the latest Laravel version. From some of the answers here, I can infer that it is definitely possible, I have multiple questions before starting.
Would it be practical? (would making it work with each other be a huge enough pain to completely rebuild the system on laravel)
Would it work across different PHP versions? (Current: 5.something; desired: 8.1)
If they're both running on the same domain, would session management be an issue? (would I be able to share session variables across the frameworks?)
Thanks for reading
It looks like CodeIgniter uses lots of global variables.
https://codeigniter.com/user_guide/general/common_functions.html
I'm not a Laravel dev, but I'm assuming that as a relatively modern framework, Laravel does not rely on many globals by default. So I suppose there's more opportunity for conflict, but only if someone is abusing Laravel.
(Laravel people: Feel free to correct me on this.)
Regarding PHP 8: CodeIgniter has at least passed this guy's smoke test on PHP 8.
https://forum.codeigniter.com/thread-78091.html
Since minor versions theoretically don't contain breaking changes, you may find success on 8.1 as well.
Regarding sessions: I know nothing about how either framework handles sessions, so I can't speak to this.
As for whether it's a good idea: I'm not sure I fully understand what you're trying to do. Are you going to have a CodeIgniter project running side-by-side with a Laravel project, using a separate subdomain for each? Or are you going to try to make the existing CodeIgniter project live inside of a Laravel directory structure, as the title of the question currently implies?
If the latter, I would say you're in for some tears. It sounds very painful. The former could work pretty well, I would imagine, especially if you're already using your PHP mainly to serve API endpoints and can just gradually move all the endpoints over to the new platform, one at a time.
I hope this helps.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I hope my question fits in stackoverflow, let me explain my problem:
I am using to program websites in Java, Javascript, HTML, CSS and SQL in Eclipse for about 2 years. Now I want to create (alone) a pretty big community website in PHP (this program language is pretty new for me). In this context, I found the framework TYPO3 and try to learn it. After all I must say, that it seems very complicated to me and I can´t find the advantage over programming files strict in an normal editor without TYPO3. I'm in an inner conflict about whether this would be good or bad for my intention to create the website. I can´t find the benefits, but I often read, that they exist. Is Typo3 (or another framework for PHP) worth learning when you already have programming experience?
Note: Your question doesn't meet StackOverflow's requirements as it can produce many equally valid answers, here's my opinion from point of view of long term TYPO3 developer:
TYPO3 is great, well known, stable tool (btw. it's a CMS, not a framework) used for building thousand of sites of different size - from small product pages to big corporate portals. It brings lot of useful techniques and technologies just out-of-the-box, login forms, contact forms, user permissions, ready to use galleries, extensions, etc, etc... so you don't need to touch every single aspect of the web-programming as you get it just right after installing the system. It does matter especially when you are gonna to work alone - when you physically won't be able to concentrate on every aspect in any sensible time. For sure you'll get benefits using it instead writing it yourself - especially with your relatively short overall experience.
But is it best choice for your needs? I don't know, nobody can know it without analyzing your concept. TYPO3 may be to heavy for the task, it's the price for its flexibility, maybe you will need to use some faster framework, i.e. (TYPO3) Flow Framework (PHP, Framework for TYPO3's originally intended successor Neos CMS), Symfony (PHP) or Play Framework (Java) which also gives you great starting point, but requires more work on every element, maybe...
The only way to determine the valid path is to compare solutions yourself or order such a comparison from a qualified agency.
Laravel 5 is my favorite PHP framework. When you do understand this framework, it's so easy to manipulate routing (url), mysql logic, security, etc. I use it for every project with PHP. Try it, there's ton of tutorial out there!
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I'm fairly new to web development and I have only published one website before. With that website I only used some PHP and without framework. Now, I'm planning on using the laravel framework for my next, bigger, website. I'm wondering if there are differences between publishing a website when using a PHP framework? If so, what are the major differences and where can I read about it (googling has not helped me)?
You have countless options. Here are some I am aware of:
1. FTP'ing
Basically, you could just publish your site/app by FTP'ing it up to your server. The biggest issue will be the Database-changes. Here, the main influence is, whether are you able to run migrations or not? You would at least have to have ssh-access to your server with the required prerequisites installed. Otherwise, you would need to keep track of the changes in some other way, and change the db manually (which is not an good option IMO).
2. Automated deployments
There are server-deployment automation-tools, the one i know is capistrano. You can write scripts which do the deployment. These tools are also capable of running migrations, if you tell them to do so, but you would need to have ssh-access for that. Google will tell you the rest, here is a good tutorial.
2.1. Push-to-deploy
If you use SCM for your "bigger project" (which i would highly recommend), you could use push-to deploy technologies. This approarch basically uses Git-Hooks for triggering deployment-scripts. Deeployer could take care of that for you, if you do not want to develop your push-to-deploy-solution from scratch. Other alternatives are Rocketeer (Open Source) or DeployHQ (Paid)
2.2. Using laravel-taylored hosting/deployment/server-management services
Services like laravel-forge or envoyer offer zero-downtime automated deployments. I guess they are also based on push to deploy anyway. If you want to learn more about them, i recommend watching the corresponding laracasts-series (Forge, Envoyer). Be aware that they are not free.
I hope this overview gets you started. Happy deploying!
There is no difference between publishing a plain PHP website and one with a framework. Simple FTP up all your files and it will work, just remember to upload the framework files also.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
So after considering my options, I've opted to go with a database storage system to store applications settings. Given the fact that these settings will ultimately be changed every so often by the user, I decided implementing them into a database versus a config file (e.g. .ini file). What we're thinking of doing is storing these settings in a key/pair manner. The only trouble I'm having is finding an efficient way to access and write settings into the database.
My question is, are there any frameworks that you may use/heard of that helps to deal with this type of scenario? The only thing I've managed to find is endless discussions about the storage methods along with their pros and cons but nothing related to implementation of these methods.
Every framework. But. Why do you even need entire FRAMEWORK to just connect to database? Use native PDO included to every PHP installation. Use SQL libraries or plugins. Or consider using XML/CSV/INI files.
Still wanna frameworks that help with database? Here you go:
Yii
Zend
Symfony
Codeigniter
Laravel
Fat-Free
Kohana
CakePHP
Joomla
etc
"Full" list
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
We are building a new PHP project, and we heard of the new HHVM, we wanted to deploy our application on it, but we are not sure if it is ready for production environments or not?
We have a laravel 4 application with MySQL and MongoDB as the databases.
Our application is concerned alot about performance and speed of requests because it is a financial application.
Is HHVM production ready ? if it is not and we should wait, how easy will it be to migrate to it after we are live when it becomes production ready, will it break our code? and most of all will PHP be on HHVM for a good while after hack is in town ? is there any live examples of it (other than FB)?, We really like HHVMs performance, but we can't risk the whole project goin down after production.
I do not risk moving my current project to it yet, but I plan to enable CI-tests using HHVM (parallel to usual PHP-5.5 tests) really soon. This way I will know when the project is compatible and plan transition
My opinion:
I simply don't trust such a new one (Hack) and can't risk until it's become available or accepted by the community. It's not sure whether it'll gain trust or not. You are going to reduce the support for your project if you need any during the development, not enough resources and fellow developers, AFAIK.
I think, It's risky and you should think again about it. An article about Hack.