You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2008-11-05 01:00:41
- Smartys
- Former Developer
- Registered: 2008-04-27
- Posts: 3,117
- Website
CodeIgniter
In case you haven't heard of it before, it's a lightweight PHP MVC framework, http://www.codeigniter.com
Has anybody here used it before? I'm using it on a project now and I've heard good things about it from various people, but my experiences so far haven't agreed with them. 
Looking at several of the features, I found myself a little puzzled. For instance:
Until very recently, their session class (which aimed to replace PHP's sessions) stored data not on the server but instead within the cookie itself (albeit encrypted).
They have a lot of official libraries, but not one for authentication: not even an interface that authentication libraries should follow. Instead, the community has developed a lot of competing authentication libraries of varying quality (I'm still looking for one, if people have suggestions)
The security function I've seen touted the most is called xss_clean. They encourage people to run it on stuff before it's put in the database. Maybe that's just a different security paradigm than I'm used to, but isn't a blacklist of potentially bad strings filtered on input a good way to open yourself up to something that gets past your blacklist? Shouldn't you not be removing chunks of the data that the user has given you?
Edit: I complained about their forum community here, but since I bumped my thread I've been helped wonderfully
I'm just curious what experiences other people have had with them.
Last edited by Smartys (2008-11-05 03:40:41)
Offline
#2 2008-11-05 08:15:46
- MattF
- Member
- From: South Yorkshire, England
- Registered: 2008-05-06
- Posts: 1,230
- Website
Re: CodeIgniter
[*]The security function I've seen touted the most is called xss_clean. They encourage people to run it on stuff before it's put in the database. Maybe that's just a different security paradigm than I'm used to, but isn't a blacklist of potentially bad strings filtered on input a good way to open yourself up to something that gets past your blacklist? Shouldn't you not be removing chunks of the data that the user has given you?[/*]
Goes against the grain of the normal way of blacklist everything and whitelist what you need. You already know that though. 
Screw the chavs and God save the Queen!
Offline
#3 2008-11-05 14:17:00
- JackPerry
- Member
- From: Fredericksburg, VA
- Registered: 2008-10-30
- Posts: 16
Re: CodeIgniter
CodeIgniter was more of a hassle than what it's worth for me.
I'm sticking with Cake.
Offline
#4 2008-11-05 14:34:20
- elbekko
- Former Developer
- From: Leuven, Belgium
- Registered: 2008-04-30
- Posts: 1,131
- Website
Re: CodeIgniter
I've heard good things about Kohana.
Ben
SVN repository for my extensions - The thread
Quickmarks 0.5
“Question: How does a large software project get to be one year late? Answer: One day at a time!” - Fred Brooks
Offline
#5 2008-11-05 16:38:56
- Smartys
- Former Developer
- Registered: 2008-04-27
- Posts: 3,117
- Website
Re: CodeIgniter
Matt: Exactly 
JackPerry: My problem with Cake is that it loads lots of helpers before you even do anything. A simple hello world script there takes almost 0.2 seconds compared to .03 for CodeIgniter (according to stats I found from a fairly reliable source). Obviously, CodeIgniter slows down too as you add more helpers to it, but I would rather start small and add helpers as needed rather than start big.
Bekko: Yeah, I looked at Kohana (since it's a fork of CodeIgniter) and I was originally going to use it. I can't remember why I decided against it now.
Have you heard anything specific or just that it's good? Looking at it again, I'm noticing people saying that it's young and immature compared to CodeIgniter, that documentation is lacking, etc.
Offline
#6 2008-11-05 16:48:47
- Felix
- Member
- Registered: 2008-05-13
- Posts: 352
Re: CodeIgniter
Why have you decided against the big ones?
I'm currently using in several projects classes of Zend Framework or eZ Components in a loose composition with some own autoloader.
Can't see why everyone is doing the buzz around using a full framework.
Offline
#7 2008-11-05 17:19:15
- JackPerry
- Member
- From: Fredericksburg, VA
- Registered: 2008-10-30
- Posts: 16
Re: CodeIgniter
I'd never heard of Kohana until just now. I took a look around and it actually seems very capable. I'll give a few simple web applications a go using it and see what happens from there.
Offline
#8 2008-11-05 17:21:15
- Smartys
- Former Developer
- Registered: 2008-04-27
- Posts: 3,117
- Website
Re: CodeIgniter
Why have you decided against the big ones?
I'm currently using in several projects classes of Zend Framework or eZ Components in a loose composition with some own autoloader.
Can't see why everyone is doing the buzz around using a full framework.
Well, I've never used a PHP framework before, so I'm really just playing around. In any case, CodeIgniter is not really a giant, overarching framework like CakePHP is. It just provides a convenient way to develop using MVC (at least that's my take on it).
Offline
#9 2008-11-05 17:23:07
- elbekko
- Former Developer
- From: Leuven, Belgium
- Registered: 2008-04-30
- Posts: 1,131
- Website
Re: CodeIgniter
Actually, from what I've seen the docs are pretty good.
And yeah, I know someone who uses it. He seems happy with it.
But they have these coding guidelines that are strange from time to time (like preferring AND over &&).
Ben
SVN repository for my extensions - The thread
Quickmarks 0.5
“Question: How does a large software project get to be one year late? Answer: One day at a time!” - Fred Brooks
Offline
#10 2008-11-05 17:30:33
- Smartys
- Former Developer
- Registered: 2008-04-27
- Posts: 3,117
- Website
Re: CodeIgniter
Eww
Offline
#11 2008-11-05 21:13:19
- Felix
- Member
- Registered: 2008-05-13
- Posts: 352
Re: CodeIgniter
Take a look at Zend Framework
It is huge, yes.
But it is modular and you can just use, what you are going to need.
And it has the best documentation out there...
Lots of tutorials aswell. Even for advanced toying.
Offline
#12 2008-11-05 23:26:48
- orlandu63
- Member
- From: New Jersey, USA
- Registered: 2008-05-17
- Posts: 187
- Website
Re: CodeIgniter
I've never really found the need for an MVC framework. Or MVC for that matter. All I need is my templating engine and PDO and I'm good to go But then again, I was never involved in maintaining a large project.
I tried CodeIgniter and found that it took 100ms to load a blank page. That did it for me.
Offline
#13 2008-11-05 23:36:49
- Smartys
- Former Developer
- Registered: 2008-04-27
- Posts: 3,117
- Website
Re: CodeIgniter
Felix: I'll take a look at it, thanks
orlandu63: The benefits in terms of maintainability and readability are wonderful, as are the libraries you don't have to keep reimplementing or reintegrating into projects
As for the page load time, I think that's very server dependent. I don't know where you tested it, but I've seen scripts running on shared hosting setups take WAY more time (>10x) than they do other places (*cough* MediaTemple *cough*). The numbers I was quoting come from a PHP talk by Rasmus, PHP's creator.
Offline
#14 2008-11-06 16:12:34
- Felix
- Member
- Registered: 2008-05-13
- Posts: 352
Re: CodeIgniter
http://paul-m-jones.com/blog/?p=238
Just to throw some new stuff
Offline
#15 2008-11-06 16:18:58
- Smartys
- Former Developer
- Registered: 2008-04-27
- Posts: 3,117
- Website
Re: CodeIgniter
Thanks 
Offline
#16 2008-11-06 17:28:02
- Felix
- Member
- Registered: 2008-05-13
- Posts: 352
Re: CodeIgniter
http://blog.astrumfutura.com/archives/3 … sited.html
A blog tutorial, realised with ZendFramework.
While thie coding might be uninteresting, the usage of Zend Framework might be interesting for some people here.
Yell for more and I can take a look through my collections
Offline
#17 2008-11-06 18:10:24
- Smartys
- Former Developer
- Registered: 2008-04-27
- Posts: 3,117
- Website
Re: CodeIgniter
Wow, there are so many wonderful options!
Offline
Pages: 1