PHPDeveloper.org

Community News: Too Many Frameworks? (Andrei Zmievski and Clay Loveless)

Mon, 19 Feb 2007 09:36:00 -0600

As both Andrei Zmievski and Clay Loveless mention in new blog posts from each, things in the PHP framework scene are getting a bit out of hand.

Andrei's comments:

I know you might be lusting after Rails for some reason and want to have the fame, the glory, and the dancing girls of DHH, but are we not going to be satisifed until Sourceforge is filled with the object-oriented diarrheal remains of our overblown egos and delusions of grandeur?

And Clay's thoughts:

Build a cool app. Forget about your own personal stamp on the framework world; you missed the boat on that one. But, if you want to make a mark, the world is wide open for new and cool applications. Pick an existing framework, start building your app, and contribute fixes back to that framework's community as you find shortcomings in your needs for your app.

They're both in agreement, and on more that one point. They recommend the best course of action for anyone out there with "the itch" to really work with a framework - fine one of the already established ones and dive right in. It might not be your own code, but you can contribute your own functionality and thoughts into the project and establish your own little niche.

SitePoint PHP Blog: Tim Bray on PHP

Tue, 21 Feb 2006 06:53:06 -0600

Harry Fuecks has posted his brief opinion on the comments that Tim Bray made recently about PHP over on the SitePoint PHP blog.

Tim Bray kicked off a big blog debate on the pros and cons of PHP (see links in his post to everyone who commented). If you've been around PHP for a while, there's basically nothing new here but you might find cause for optimism in how things are being said'"there's far more informed discussion happening than you might have found even two years ago.

Harry also mentions that there's not much more he wants to add other than a comment on the "PHP is too easy" comment Tim made. Be sure to check out the comments on this post for some great opinions.

Chris Shiflett's Blog: PHP Insecurity

Tue, 24 Jan 2006 06:34:00 -0600

Chris Shiflett's latest post mentions this criticism of PHP's insecurity as made by Andrew van der Stock.

Andrew van der Stock has written a strong criticism of PHP's insecurity. Andrew is a seasoned security expert and a major contributor to OWASP, and he states:

"After writing PHP forum software for three years now, I've come to the conclusion that it is basically impossible for normal programmers to write secure PHP code. It takes far too much effort."

He continues, citing specific areas where he thinks PHP is weak and asserting that "PHP must now mature and take on a proper security architecture."

Chris also mentions that some of the reasons Andrew mentions include register_globals, magic_quotes_gpc, and safe_mode - all due to be removed in the latest PHP version (6). Also, be sure to check out the comments on the post for a good bit more information and discussion...