SitePoint PHP Blog:
Evaluating PHP Applications
Mar 24, 2006 @ 07:20:12

People like simple solutions - they like to go out, find a piece of software that does what they want, and push it out into the wild of the internet on their site. More often than not, unfortunately, they don't take the proper time to really look over the application. They breeze right past that stage and install it without a care in the world. Too bad this can lead to bigger issues down the line.

In order to help ease this problem, Harry Fuecks has a post on the SitePoint blog with a few tips on how to evaluate your PHP applications before you even install them.

Now not everyone is a programmer or a system administrator—"normal human beings" rank these highly because they relate directly to the two most pressing problems they're facing: they want a site which is visually attractive and, with limited technical expertise, installation can be a significant hurdle to overcome.

But when it comes to security or maintenance, those requirements rank pretty low down. So here's some different things to think about, following on from this talk (PDF) on page 19, which I'd argue rank much higher when evaluating a project you plan to use (further suggestions appreciated).

The points he mentions include:

  • What's the security record like?
  • What's the code like?
  • Who's using it?

For each, he describes why the step is important and how you can work through it - even if you're not that technical. Personally, I'd start with the last one on his list - "Who’s got an opinion?" - and work my way from there. If there's one thing it's good for, the internet is definitely a great place to get opinions. So, Google the best you can before even considering a piece of software - it might yield some interesting results.
tagged: evaluating applications security scale opinion