www.webdeveloper.com

Thread: My questions thread.

  1. #91
    Join Date
    Jun 2006
    Location
    Under your bed
    Posts
    357
    Is the CI framework the one most liked by developers?

    Hmm, I wonder which one is most hated
    The better I get at programming, the more I appreciate arrays. Handy dandy things they are.

  2. #92
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,157
    Usually the best-liked one is whichever one you've learned. Some prefer Zend for its wealth of features and ability to pick and choose which parts you want to use. Some like Lithium for its support of all the latest PHP features and language constructs.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

  3. #93
    Join Date
    Jul 2012
    Location
    Vancouver
    Posts
    61
    Depends on the developer, if they want lightweight and near complete control barebones with rapid development, security, scalability.. yes.

    If it's basically a clone of most CMS, CodeIgniter may not be the best decision because it takes longer to develop cookie cutter websites with.

    Right tool for the job, most custom applications CI is great. If you're looking at more common CMS - ExpressionEngine is great, which is also built off of CI. It's like a professional level WordPress. Greater speed, security, better quality support. It costs $$ but is worth it.

    CakePHP, Joomla and those types of frameworks are a lot more bloated, feature packed and in a sense restricted. I find there are more 0day exploits, lesser quality developer community (in average sense.. not saying everyone is bad.. some of the best work with those as well). You'll find those are used on medium sized websites with lower $$ investments and need for extreme development speed, and no care for hardware required to deploy.

    I tend to combine frameworks and cms into 1 for some strange reason when I shouldn't. I consider EE a framework *shrug*
    Last edited by mistin.ca; 08-22-2012 at 01:18 PM.

  4. #94
    Join Date
    Jun 2006
    Location
    Under your bed
    Posts
    357
    Quote: Originally posted by mistin.ca
    Depends on the developer, if they want lightweight and near complete control barebones with rapid development, security, scalability.. yes.
    That sounds like me. I like to build sites from scratch because I am so darn fussy and want to design it MY way, but I can give up a little bit of that to a framework if it's going to help me put sites together in a faster and more organized fashion, with less worry of having the shiz hacked out of them. I hope when I'm coding for money I can mostly make sites from start to finish, or it might suck, just a bit. I don't like deciphering walls of code that I didn't write >.>

  5. #95
    Join Date
    Jun 2006
    Location
    Under your bed
    Posts
    357
    Hmm, I'm wondering a few things about CodeIgniter:

    1) If you use Active Record's update() and delete() methods, and forget to use a where() before doing so, will it update/delete your entire table or are there safeguards put in to prevent this?

    In the 4 years I did PHP, I was writing MySQL queries by hand, and I never accidentally did this, but it might be in the cards :P It only takes one screw up and there goes a whole table. You can restore to a backup, sure, but you lose what was changed between the backup and the catastrophe.

    2) I think I am going to really dig method chaining for database queries. The code you construct looks similar to hand written queries, which is what I'm used to. What is your guys' opinion on doing this? Any drawbacks?

    3) Looking through the system files, CodeIgniter appears to use PDO, however, is this just an option or does it use mysqli_* too? I prefer PDO but I'm curious about this.

  6. #96
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,157
    Most likely PDO is actually using MySQLi (when using a MySQL DB, that is), in that it probably uses the same MySQL API that the MySQLi extension uses.

    While I found Active Record interesting and possibly useful, it always ended up feeling like it took me more time/effort to use it than just writing the darned SQL, so I never really got fluent with it and just continued to write the queries myself.

  7. #97
    Join Date
    Jun 2006
    Location
    Under your bed
    Posts
    357
    But then wouldn't you have had to sanitize the external inputs yourself? Wouldn't that take extra time too? From what I understand, Active Record does this automatically (unless you tell it not to.)

  8. #98
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,157
    Using prepared statements with bound parameters (such as you can do with PDO or MySQLi) takes care of the SQL escaping issues.

  9. #99
    Join Date
    Jul 2012
    Location
    Vancouver
    Posts
    61
    ^

    You can still make PDO insecure, it's the prepared statements or bound parameters that sanitize it.

    $this->db->query("INSERT INTO table SET var='$var'"); isn't safe..
    $this->db->query("INSERT INTO table SET var = ?", $var); is.

    or
    $this->db->select("stuff, here")->from("table")->where("var='$var'");
    is insecure, whereas ->where("var", $var); is safe
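
The difference described in post #99, as an added example that is not part of the original thread: the same lookup done once with the value interpolated into the SQL string and once with a bound parameter. Plain PDO on an in-memory SQLite database stands in for CodeIgniter's `$this->db`; the `users` table, the function names and the sample inputs are constructed for illustration.

```php
<?php
// Added example: PDO on an in-memory SQLite database stands in for the
// MySQL connection behind CodeIgniter's $this->db (needs pdo_sqlite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");

// Unsafe: the value is pasted into the SQL text, so quotes inside it are
// parsed as SQL. Same pattern as query("... var='$var'") in the post.
function find_interpolated(PDO $pdo, string $name): array
{
    $sql = "SELECT name FROM users WHERE name = '$name'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Safe: the SQL text is fixed and the value travels separately as a bound
// parameter. Same idea as query("... var = ?", $var) or where("var", $var).
function find_bound(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT name FROM users WHERE name = ?');
    $stmt->execute([$name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed inputs: a normal value, a value with an apostrophe, and a
// value whose quote closes the string literal and appends a condition.
$inputs = ['alice', "O'Brien", "x' OR '1'='1"];

foreach ($inputs as $input) {
    try {
        $unsafe = count(find_interpolated($pdo, $input)) . ' row(s)';
    } catch (PDOException $e) {
        // The stray quote left the statement syntactically invalid.
        $unsafe = 'SQL error';
    }
    $safe = count(find_bound($pdo, $input)) . ' row(s)';
    printf("%-14s interpolated: %-9s bound: %s\n", $input, $unsafe, $safe);
}
```

The bound version treats every input as a plain string to compare against, while the interpolated version either fails to parse or matches rows the caller never asked for.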

  10. #100
    Join Date
    Jun 2006
    Location
    Under your bed
    Posts
    357
    NogDog: I'm confused. You still had to take the time to prepare the statements before using PDO::execute() right? Does using Active Records take longer than this?

    Mistin: Are you talking to NogDog or me?

  11. #101
    Join Date
    Jul 2012
    Location
    Vancouver
    Posts
    61
    I was confirming what he said and talking to you

    CI's activerecord takes care of everything for you, execute is the equivalent to get() in ar. Each attribute or chain has to be set properly... it's all in the documentation very clearly

  12. #102
    Join Date
    Jun 2006
    Location
    Under your bed
    Posts
    357
    I've been trudging through the CI Documentation. So far so good. I haven't seen anything about making queries secure but I guess I'll get to it eventually.

    I'm still confused, though, about why NogDog felt like using Active Record wasn't worth the effort. My only experience with them is what I read in the documentation, so I don't know much. I guess I should just wait and see when I start using them? I almost feel ready to try and code something. I just want to read the documentation a bit more.

  13. #103
    Join Date
    Jul 2012
    Location
    Vancouver
    Posts
    61
    http://codeigniter.com/user_guide/da...ve_record.html

    and I do my insert queries (most likely nog as well)
    http://codeigniter.com/user_guide/database/queries.html
    at the bottom-query binding.

    Activerecord has its benefit in certain areas - but like mentioned for run of the mill queries it takes more time

  14. #104
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,157
    Once you've written a few hundred (thousand?) queries, it doesn't really take very long to just type out the SQL, just as once you've written a few hundred (thousand?) PHP foreach() loops, you'll be able to write those while watching TV and eating popcorn.

  15. #105
    Join Date
    Jun 2006
    Location
    Under your bed
    Posts
    357
    Oh, ok, I see what I missed. I had read the "Active Record" page but not the "Queries" one.
