• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Amass forum software

Pekka

New member
#4

RickM

Well-known member
#5
Surprised you've gone for such old programming practices.. How come you've not gone for an MVC structure, or friendly URL's? Please tell me you're at least using an ORM, for the sake of your members security if nothing else.
 

Pekka

New member
#7
Surprised you've gone for such old programming practices.. How come you've not gone for an MVC structure, or friendly URL's? Please tell me you're at least using an ORM, for the sake of your members security if nothing else.
Well, as you apparently have not coded your own forums so as there is no common frame of reference I can not discuss that with you :)))
 

Pekka

New member
#8
The old site was vb3 (was not changed at all in several years) and so this new one had to initially look similar and have total URL compatibility to ease the change pains of the oldies. The internals are very modern, though, so what you see is only about 10% of what you will get :)
 

SilverCircle

Well-known member
#9
Surprised you've gone for such old programming practices.. How come you've not gone for an MVC structure, or friendly URL's? Please tell me you're at least using an ORM, for the sake of your members security if nothing else.
What exactly has an ORM to do with security? It's a myth that you cannot write safe code with plain SQL. Prepared statements combined with type safety are really all you need, and even without such helpers, it's perfectly possible to write secure database code. It just requires more knowledge, but that isn't necessarily a bad thing. Been there, done that. No ORMs back then.

Besides, MVC is not the holy grail nor is it a requirement for a modern web application. It just reduces the work and simplifies things, but usually adds overhead through the framework. I would recommend to any programmer to begin with *simple* patterns and keep fingers off frameworks, because frameworks hide way too many essential things. Seen lots of programmers who don't even know how to write a single PHP page without using 5MB of framework code behind it.
 

RickM

Well-known member
#10
Well, as you apparently have not coded your own forums so as there is no common frame of reference I can not discuss that with you :)))
Actually I have, many many moons ago :) in the days before frameworks. I've been using PHP daily for over 10 years now.

Apologies, reading my last comment back I came across as a bit of a **** - didn't mean it that way at all. It's awesome that you've made a complete system for your community. I was just curious on the choices of coding, that's all.
 
Last edited:

RickM

Well-known member
#11
What exactly has an ORM to do with security?
The ORM itsself - little to nothing. Obviously they do use prepaired statements, which is a given if you want to prevent XSS attacks. Using existing, well known, secure ORM's is a great (And quick) way of ensuring very easy and secure database interaction.

Besides, MVC is not the holy grail nor is it a requirement for a modern web application. It just reduces the work and simplifies things, but usually adds overhead through the framework.
Swings and roundabouts. Why do you think pretty much every single major PHP script runs on an MVC framework these days? It's become an 'unofficial standard', even more so with the likes of composer and the PHP-FIG.

You'll be hard pressed to find a major PHP project these days (that isn't stuck on legacy code) not using an MVC based framework. Even the likes of Drupal and PHPBB now run on MVC frameworks, mostly using Symfony components via composer.

I would recommend to any programmer to begin with *simple* patterns and keep fingers off frameworks, because frameworks hide way too many essential things. Seen lots of programmers who don't even know how to write a single PHP page without using 5MB of framework code behind it.
Of course, but that's fairly irrelevant given we're talking about a complete PHP based forum platform here. Hardly the work of a beginner.
 
#12
Actually I have, many many moons ago :) in the days before frameworks. I've been using PHP daily for over 10 years now.

Apologies, reading my last comment back I came across as a bit of a **** - didn't mean it that way at all.
Not taken that way, really :)

It's awesome that you've made a complete system for your community. I was just curious on the choices of coding, that's all.
I just don't feel that I need something, an extra layer, between me and the "actual code". I also do not need to have Scrum sessions with this one man team, or have ways to distribute the component work between the one man team :)

Building a commercial software like Xenforo with a team of coders requires a different approach for sure.
 

euantor

Well-known member
#13
The ORM itsself - little to nothing. Obviously they do use prepaired statements, which is a given if you want to prevent XSS attacks. Using existing, well known, secure ORM's is a great (And quick) way of ensuring very easy and secure database interaction.



Swings and roundabouts. Why do you think pretty much every single major PHP script runs on an MVC framework these days? It's become an 'unofficial standard', even more so with the likes of composer and the PHP-FIG.

You'll be hard pressed to find a major PHP project these days (that isn't stuck on legacy code) not using an MVC based framework. Even the likes of Drupal and PHPBB now run on MVC frameworks, mostly using Symfony components via composer.



Of course, but that's fairly irrelevant given we're talking about a complete PHP based forum platform here. Hardly the work of a beginner.
Ehhhm, prepared statements do NOTHING to prevent XSS. They're meant to stop SQL injections... ;)

Looks (from first impressions) like a nice solution. I always like to see sites trying to break the norm.
 
Last edited:
#14
I have to admit I am impressed you took the time to create something for your community. It's hard to find those self starters these days. Looks good and I will follow to see you progress :)