Which framework is better?

Just sat down to try and port a website of mine from spaghetti code to Laravel, which at first glance looks amazing.

Didn't take too long to realise that it's yet another framework that doesn't fit my barebones way of working. So many things to dislike about it:

- Pretty much discourages raw SQL
- If you don't use Eloquent ORM, there's little point in separating database queries (be they raw SQL or Fluent) into models besides semantics (would be all static methods)
- Too many static methods, might as well be a bunch of global functions
- Blade template engine syntax isn't as nice as Smarty (longer operators and shorthand/single-line if statements look awful), nor is it highlighted/supported by any editor I'm aware of
- Undefined variables in Blade throw errors (necessitating isset everywhere) and they stand behind this illogical approach
- It's not written with IDEs in mind at all, takes workarounds to get even basic code completion
- The directory structure where the vast majority of the PHP files must be outside the web root is a nightmare to cater for
- Have to explicitly escape variable output - common sense dictates that somewhere will be overlooked/forgotten and the reverse (explicitly not escaping) is much safer

Think I'll have to start working on my own framework again (super lightweight modelled after XenForo, with Smarty)


Edit: Will persevere with Laravel a little longer, would hate to write it off after just a few hours
 
Luke Foreman said:
- The directory structure where the vast majority of the PHP files must be outside the web root is a nightmare to cater for
Click to expand...

This is pretty much true of any modern framework. I'm not sure how this is a negative. Keeping files out of the web server's document root is good practice. For instance, what happens when someone accesses one of the "include" files directly and it throws out revealing errors because all the prerequisite files haven't been loaded?

Sure, each file should have its own security checks to make sure it's running under the environment it expects, but each executable file in a web accessible area is a potential security hole. It's not really a nightmare to cater for either -- it only takes a couple of minutes to setup on your own (using spl_autoload_register, or rolling your own).

Reading the rest of your list, it sounds like you want a library not an MVC/HMVC framework.
 
Luke Foreman said:
Just sat down to try and port a website of mine from spaghetti code to Laravel, which at first glance looks amazing.

Didn't take too long to realise that it's yet another framework that doesn't fit my barebones way of working. So many things to dislike about it:

- Pretty much discourages raw SQL
- If you don't use Eloquent ORM, there's little point in separating database queries (be they raw SQL or Fluent) into models besides semantics (would be all static methods)
- Too many static methods, might as well be a bunch of global functions
- Blade template engine syntax isn't as nice as Smarty (longer operators and shorthand/single-line if statements look awful), nor is it highlighted/supported by any editor I'm aware of
- Undefined variables in Blade throw errors (necessitating isset everywhere) and they stand behind this illogical approach
- It's not written with IDEs in mind at all, takes workarounds to get even basic code completion
- The directory structure where the vast majority of the PHP files must be outside the web root is a nightmare to cater for
- Have to explicitly escape variable output - common sense dictates that somewhere will be overlooked/forgotten and the reverse (explicitly not escaping) is much safer

Think I'll have to start working on my own framework again (super lightweight modelled after XenForo, with Smarty)


Edit: Will persevere with Laravel a little longer, would hate to write it off after just a few hours
Click to expand...

Interesting to hear this side of it - I've yet to hear a negative review on Laravel (I've yet to try it myself).

Could I ask though...why would you want to do raw SQL? That's pretty much inviting security issues. The reason the likes of PDO and Eloquent ORM exist are to make database security and management a heck of a lot easier.

I myself avoided using ORM/PDO type systems for a long time as I thought it was an unnecessary patch on top of databases, and much preferred using raw SQL. However once you get using it, you realise just how piss poor PHP/SQL security is when using raw queries.

I'm sure there are reasons for sticking with SQL, however I've yet to find one myself :p

As for templating, I cant comment for Laravel's built in template system, but I can comment on Smarty. It was the bane of my life. I thought it would get better with Smarty 3 but it's still mind numbingly poorly made. I ended up switching to another one called 'Twig' - you should take a look at it, it's pretty fancy and faster than Smarty. It uses the same syntax as django, so is supported by all major code editors. You can also very easily add in your own custom functions (literally 1 line of code) and such. Very extendable, and modular.

With regards to the directory structure, from what I understand it's laid out like that for security. When you think about it, it makes no sense what so ever making all your PHP files accessible via the web. Really you'd be better off having everything except assets and an index.php file publicly accessible.

Anyway, please do post back once you've decided if its for you - I love hearing the common issues of these frameworks as all you ever seem to see on articles/guides is all the pros!

I must agree with Jason though - it does sound like you're after a set of libraries. Laravel's layout and featureset is that of a 'true framework'. The likes of Smarty no longer have a place in modern PHP development, they are...well...crappy and ancient...
 
Jason said:
This is pretty much true of any modern framework. I'm not sure how this is a negative. Keeping files out of the web server's document root is good practice. For instance, what happens when someone accesses one of the "include" files directly and it throws out revealing errors because all the prerequisite files haven't been loaded?

Sure, each file should have its own security checks to make sure it's running under the environment it expects, but each executable file in a web accessible area is a potential security hole. It's not really a nightmare to cater for either -- it only takes a couple of minutes to setup on your own (using spl_autoload_register, or rolling your own).

Reading the rest of your list, it sounds like you want a library not an MVC/HMVC framework.
Click to expand...

It just doesn't suit my nginx environment with one folder per subdomain/domain, will have to write server blocks that don't inherit the global settings, which I don't like doing if I can avoid it.

RickM said:
Interesting to hear this side of it - I've yet to hear a negative review on Laravel (I've yet to try it myself).

Could I ask though...why would you want to do raw SQL? That's pretty much inviting security issues. The reason the likes of PDO and Eloquent ORM exist are to make database security and management a heck of a lot easier.

I myself avoided using ORM/PDO type systems for a long time as I thought it was an unnecessary patch on top of databases, and much preferred using raw SQL. However once you get using it, you realise just how piss poor PHP/SQL security is when using raw queries.

I'm sure there are reasons for sticking with SQL, however I've yet to find one myself :p
Click to expand...

I mean PDO/parameterised queries of course, I don't like how laravel leaves you with little other than 'DB::query'

RickM said:
As for templating, I cant comment for Laravel's built in template system, but I can comment on Smarty. It was the bane of my life. I thought it would get better with Smarty 3 but it's still mind numbingly poorly made. I ended up switching to another one called 'Twig' - you should take a look at it, it's pretty fancy and faster than Smarty. It uses the same syntax as django, so is supported by all major code editors. You can also very easily add in your own custom functions (literally 1 line of code) and such. Very extendable, and modular.
Click to expand...

Can't say much about how the library behind Smarty is written, but other than that it's always worked well for me, no trouble extending it even with complex tags/blocks

RickM said:
With regards to the directory structure, from what I understand it's laid out like that for security. When you think about it, it makes no sense what so ever making all your PHP files accessible via the web. Really you'd be better off having everything except assets and an index.php file publicly accessible.
Click to expand...

It's just personal preference really, I'd rather block access to the non-public directories explicitly, rather than having to redundantly copy+paste most of my global server config just to support a non-standard root dir.

RickM said:
Anyway, please do post back once you've decided if its for you - I love hearing the common issues of these frameworks as all you ever seem to see on articles/guides is all the pros!
Click to expand...

Will do.. it's still a toss up between adding some of the nice features of Laravel (basic ORM, filters, the awesome way of defining routes, composers) to my framework, or vice-versa.


RickM said:
I must agree with Jason though - it does sound like you're after a set of libraries. Laravel's layout and featureset is that of a 'true framework'. The likes of Smarty no longer have a place in modern PHP development, they are...well...crappy and ancient...
Click to expand...

Not at all, I'm after an MVC framework which will let me use Smarty (I hate change :p), and that makes it comfortable to use PDO queries alongside very basic ORM.

Used to be a fan of Flourish (in fact the site I'm trying to port was written partially with it), but it just encourages spaghetti code too much :p
 
I've been using Laravel 3 for quite a while now and though it does have it's issues, Laravel 4 is fixing most of the one's I'm bothered about (like the static methods making unit tests unbearably difficult). I've also used FuelPHP in the past (which I liked rather a lot), Kohana and Symfony2. It really depends on what you're working on and what you need from your framework.
 
euantor said:
I've also used FuelPHP in the past (which I liked rather a lot), Kohana and Symfony2.
Click to expand...
I was about to say I was surprised no one mentioned Kohana, although it has never been one of the most popular PHP frameworks, over a year ago I decided it was the best framework for me. I haven't used it since though, so I don't know how it has progressed, how does it compare with Laravel nowadays?
 
Luke Foreman said:
It just doesn't suit my nginx environment with one folder per subdomain/domain, will have to write server blocks that don't inherit the global settings, which I don't like doing if I can avoid it.



I mean PDO/parameterised queries of course, I don't like how laravel leaves you with little other than 'DB::query'



Can't say much about how the library behind Smarty is written, but other than that it's always worked well for me, no trouble extending it even with complex tags/blocks



It's just personal preference really, I'd rather block access to the non-public directories explicitly, rather than having to redundantly copy+paste most of my global server config just to support a non-standard root dir.



Will do.. it's still a toss up between adding some of the nice features of Laravel (basic ORM, filters, the awesome way of defining routes, composers) to my framework, or vice-versa.




Not at all, I'm after an MVC framework which will let me use Smarty (I hate change :p), and that makes it comfortable to use PDO queries alongside very basic ORM.

Used to be a fan of Flourish (in fact the site I'm trying to port was written partially with it), but it just encourages spaghetti code too much :p
Click to expand...
I'd check out Twig; it's what I'm using for my clan hosting platform with a friend and its the best solution we found other than doing our own.
 
Forsaken said:
I'd check out Twig; it's what I'm using for my clan hosting platform with a friend and its the best solution we found other than doing our own.
Click to expand...
Are you sandboxing it? I found that to be awesome. We're using it on a hosted solution as well, and offer a layout editor in the control panel. The sandbox has proven to be a fantastic part of it!
 
RickM said:
Are you sandboxing it? I found that to be awesome. We're using it on a hosted solution as well, and offer a layout editor in the control panel. The sandbox has proven to be a fantastic part of it!
Click to expand...
Yeah we are. We're doing something similar to XenForo's style property system, but a bit more in-depth and advance as we want to give a lot more control to people in what they can do with their clan sites.
 
Forsaken said:
Yeah we are. We're doing something similar to XenForo's style property system, but a bit more in-depth and advance as we want to give a lot more control to people in what they can do with their clan sites.
Click to expand...
Sounds a bit like what we've just finished doing with our system then :)

I nearly wet myself with joy when I found Twig after attempting to do it in Smarty. Then to top it off I saw CodeMirror!
 
Been playing with Twig for about a year now, built something with it over the summer. It has been really nice and easy to work with.
 
Luke Foreman said:
It just doesn't suit my nginx environment with one folder per subdomain/domain, will have to write server blocks that don't inherit the global settings, which I don't like doing if I can avoid it.
Click to expand...

You can still use one directory, and set your document root to a sub-directory within it. At least that way you're not exposing any more PHP files than absolutely required.
Code: 
example.com/
    application/
    public/ (document root)
        css/
        img/
        js/
        index.php
    ...

Perhaps I'm not understanding your setup, though? I'm genuinely curious...

Twig is pretty nice. Definitely like its Django inspired syntax, and sandboxing like Jinja. It makes working with PHP again tolerable for me.
 
Despair said:
I was about to say I was surprised no one mentioned Kohana, although it has never been one of the most popular PHP frameworks, over a year ago I decided it was the best framework for me. I haven't used it since though, so I don't know how it has progressed, how does it compare with Laravel nowadays?
Click to expand...

It really depends on what you're wanting to do. Laravel 4 is going to have the edge when it's released though due to it's reliance on COmposer and as such a massive welth of packages which can be used alongside the core framework.
 
euantor said:
It really depends on what you're wanting to do. Laravel 4 is going to have the edge when it's released though due to it's reliance on COmposer and as such a massive welth of packages which can be used alongside the core framework.
Click to expand...

This is the part I'm very much looking forward to.

For anyone interested - think of any kind of php 'helper' you can - anything, and search for it in the composer library: https://packagist.org/

There's loads of stuff in there. From payment processing packages, to barcode readers, to image manipulation, to ORM's, etc. Very much worth a look at if you're planning any upcoming projects :)
 
I take back everything bad I said about Laravel :p

Spent the last couple of days going through most major frameworks:

- Symfony: too complicated, crazy directory structure, strongly disfavours existing databases
- CakePHP: old architecture, difficult to adhere to legacy stuff
- CodeIgniter: old architecture, bloated, some illogical structures
- Yii: didn't like their approach to some things, no major issues otherwise
- Kohana: confusing/incomplete documentation, horrendous query builder, other issues I've forgotten
- FuelPHP: didn't like their approach to some things, no major issues otherwise
- Zend: basically a massive library of libraries, too complicated
- And a few other minor ones that I can't remember (note to self, take more notes :p)

tl;dr all of them have far more 'flaws' (in my opinion of course) than Laravel



- Pretty much discourages raw SQL
Nothing a little custom bundle can't solve

- If you don't use Eloquent ORM, there's little point in separating database queries (be they raw SQL or Fluent) into models besides semantics (would be all static methods)
Eloquent is actually really nice, especially given the fact that it needs almost no information about the database and plugs into existing databases perfectly.

- Too many static methods, might as well be a bunch of global functions
Actually works quite effectively, more laziness friendly than a load of singletons

- Blade template engine syntax isn't as nice as Smarty (longer operators and shorthand/single-line if statements look awful), nor is it highlighted/supported by any editor I'm aware of
Custom smarty bundle to the rescue :p

- Undefined variables in Blade throw errors (necessitating isset everywhere) and they stand behind this illogical approach
This issue also occurred in smarty, but worked around with some insane hacks

- It's not written with IDEs in mind at all, takes workarounds to get even basic code completion
It's not as bad as I made it out to be in this regard, the only real issue is 'go to definition' on laravel classes takes 2 steps

- The directory structure where the vast majority of the PHP files must be outside the web root is a nightmare to cater for
I can survive working around this, either through not being lazy with my server config ( :p) or by inverting the directory structure such that public becomes the root and everything else is in a single subfolder (flagged as internal in nginx config)

- Have to explicitly escape variable output - common sense dictates that somewhere will be overlooked/forgotten and the reverse (explicitly not escaping) is much safer
Their approach actually makes a lot more sense once you start using all the helper functions for forms etc.
 
Luke Foreman said:
I take back everything bad I said about Laravel :p
Click to expand...
Have you tried Twig, too?

I'm contemplating building something that doesn't rely on XF (I've only ever built stuff in XF...) so based on everything I've read here Laravel and Twig seem to be pretty hot contenders.
 

Similar threads

CedricV
PalworldForums.net - Your Ultimate Palworld Community!
Replies
7
Views
953
Vercingetorix
Vercingetorix
A
Extremely annoying member
2 3
Replies
58
Views
4K
Suzanne O
Suzanne O
Vercingetorix
Activity Summary emails are the digital equivalent of junk mail.
Replies
3
Views
1K
Vercingetorix
Vercingetorix
A
Tricky issue with members
2
Replies
25
Views
1K
Suzanne O
Suzanne O
Fullmental
Dedicated server recommendations?
2 3
Replies
50
Views
4K
Vroomm
V
Top Bottom