I have a simple site to develop and would like to learn PHP as I go. I want the site to be secure, scalable, and easy to maintain. Should I learn a framework and PHP simultaneously? If I build off of a framework there will be lots of unfamiliar code in play. Would you say this increases security risks?
我有一个简单的开发网站,我想学习PHP。我希望该网站安全,可扩展且易于维护。我应该同时学习框架和PHP吗?如果我构建一个框架,那么将会有许多不熟悉的代码。你会说这增加了安全隐患吗?
10 个解决方案
#1
20
There's nothing about using a framework that will impede you learning PHP, and using an established framework will reduce the security risk, as you'll be dealing with well tested code for handling common tasks.
没有什么比使用会阻碍你学习PHP的框架,并且使用已建立的框架将降低安全风险,因为你将处理经过良好测试的代码来处理常见任务。
At the core of most of the PHP frameworks in play these days is this simple three step workflow
如今,大多数PHP框架的核心是这个简单的三步工作流程
-
The URL is requested and routed through a central bootstrap index.php file
请求URL并通过*引导程序index.php文件进行路由
-
The URL name is used to derive a classname and a method name (and action method). This is your main entry point and where you start writing PHP to handle the request
URL名称用于派生类名和方法名称(以及操作方法)。这是您的主要入口点,您开始编写PHP来处理请求
-
At the end of this method, control is handed over to a view template, which has access to certain values you set in step two.
在此方法结束时,控制权将移交给视图模板,该模板可以访问您在第二步中设置的某些值。
Pick a framework, learn how it does the above, and then write any kind of PHP you want in the action method and the view template.
选择一个框架,了解它是如何做到的,然后在action方法和视图模板中编写你想要的任何类型的PHP。
Yes, there will be a lot of other PHP framework code in play, but you never have to look at it.
是的,会有很多其他PHP框架代码在运行,但你永远不必看它。
Yes, the framework will have a multitude of features and/or a "preferred" way for handling things, but you only need to use those you instantly understand.
是的,该框架将具有许多功能和/或处理事物的“首选”方式,但您只需要使用您立即理解的那些。
When you start noticing patterns of ugly, boring, or insecure code, take a look at the framework features again. More often than not after "doing it wrong" you'll get insights as to why the framework code did something in a particular way and you'll be happy to hand off the responsibility (I'd say ActiveRecord style models vs. SQL code is a big one here)
当您开始注意丑陋,无聊或不安全的代码模式时,请再次查看框架功能。在“做错了”之后,你会更多地了解框架代码为什么以特定的方式做某事,你会很乐意放弃责任(我会说ActiveRecord样式模型与SQL代码有关)这里很大)
As you start using the objet oriented systems the framework provides you'll start to get interested in how they're doing certain things, and then you can start poking at the core framework code.
当您开始使用面向对象的系统时,框架会让您开始对他们如何做某些事情感兴趣,然后您可以开始探索核心框架代码。
#2
4
Absolutely. Frameworks will do all the boilerplate code for you, providing you a higher level of abstraction. It will probably be easier for you to code without dealing with some of PHP's idiosyncrasies.
绝对。 Frameworks将为您完成所有样板代码,为您提供更高级别的抽象。如果不处理PHP的某些特性,您可能更容易编码。
Any half decent framework will also address security issues, so if you are new to the language, chances are your app written on the framework will be safer than the one you write from scratch.
任何一半体面的框架也会解决安全问题,因此如果您不熟悉该语言,那么您在框架上编写的应用程序可能比您从头开始编写的应用程序更安全。
#3
1
I wouldn't recommend starting with a framework to beginning developers. If you've got a lot of experience with other OOP languages, there shouldn't be a problem. But you should at least know the basics (syntax e.g.) before even thinking about using frameworks.
我不建议从开始开发人员的框架开始。如果您对其他OOP语言有很多经验,那么应该没有问题。但是在考虑使用框架之前,你至少应该知道基础知识(例如语法)。
#4
1
I would say it depends on your prior experience. It's not so much PHP itself, but the web server environment it lives in that can be distracting. If you're already familiar with the HTTP request lifecycle and have written web applications in a similar stateless fashion as you do with PHP, you shouldn't have a big problem jumping right into using a framework.
我会说这取决于你以前的经验。它本身并不是PHP本身,但它所居住的Web服务器环境可能会分散注意力。如果您已经熟悉HTTP请求生命周期并且以与使用PHP类似的无状态方式编写Web应用程序,则不应该在使用框架时遇到大问题。
If you come from a "stateful" background or no background at all though, the abstractions a framework offers can become a problem. You should at least know how to handle sessions, cookies, headers, $_POST and the like in plain PHP before having the details abstracted away from you by a framework. Also see this previous answer of mine.
如果您来自“有状态”背景或根本没有背景,框架提供的抽象可能会成为一个问题。你应该至少知道如何在通过PHP从框架中抽象出详细信息之前,在PHP中处理会话,cookie,标题,$ _POST等。另见我之前的答案。
#5
0
I think minimising the amount of custom code you are writing is probably a good thing if you are not confident in your ability to create secure systems (particularly for things like authentication). As a result, I think using a web framework in this way would be to your advantage. It will also allow you to familiarise yourself with the core of the langauge without worrying about peripheral concerns.
我认为,如果您对创建安全系统的能力没有信心(特别是对于身份验证等),那么尽量减少您编写的自定义代码的数量可能是一件好事。因此,我认为以这种方式使用Web框架对您有利。它还可以让您熟悉语言的核心,而不必担心外围问题。
#6
0
I have seen a few people (with a big previous OOP knowledge) to learn PHP and symfony simultaneously without difficulties.
我已经看到一些人(具有大量的OOP知识)同时学习PHP和symfony没有困难。
In fact, moving from PHP from an object oriented language is just learn a few conceptual things and the syntax and API of PHP itself.
实际上,从面向对象语言的PHP转移只是学习一些概念性的东西以及PHP本身的语法和API。
#7
0
In my opinion, there's nothing wrong with learning a framework at the same time as you are learning a language. There are already a fair amount of situations where this is the case by necessity. For example, most people learning Objective-C learn the Cocoa frameworks at the same time, most C# programmers will learn .Net along with it, even the JDK should be considered a framework which you learn along with the Java language. And for what it's worth, I learned the Symfony framework with very little PHP experience beforehand.
在我看来,在学习语言的同时学习框架并没有错。已经有相当多的情况需要这种情况。例如,大多数学习Objective-C的人同时学习Cocoa框架,大多数C#程序员都会学习.Net,甚至JDK也应该被认为是一个与Java语言一起学习的框架。为了它的价值,我事先学会了很少的PHP经验的Symfony框架。
#8
0
I would advice you to start with PHP turorial on w3schools.com. It is short and clear. You can learn all the necessary basics in one-two hours. In order to understand any framework you will need that. Then study the first and the second chapter from CakePHP cookbook and create your first CakePHP applications using their tutorials. On the rest I agree with Alan Storm.
我建议你从w3schools.com上的PHP turorial开始。它简短明了。您可以在一到两个小时内学习所有必要的基础知识。为了理解您需要的任何框架。然后从CakePHP cookbook学习第一章和第二章,并使用他们的教程创建您的第一个CakePHP应用程序。其余的我同意艾伦风暴。
#9
0
Getting started with a framework in PHP, also depends on the fact whether you have some prior programming experience and if yes, what kind of.
在PHP中开始使用框架,也取决于您是否具有一些先前的编程经验以及是否有什么样的。
If you have muddled in some other programming languages like java, c, learning a php framework simultaneously while creating your website might not be too difficult.
如果你在其他一些编程语言如java,c中混淆,在创建你的网站的同时学习一个php框架可能不会太困难。
Almost all of the PHP frameworks you will encounter use the MVC design pattern - if you understand the basics of MVC, if you have implemented or have gist of design patterns in other programming languages, then it will be quite easy starting with PHP frameworks.
您将遇到的几乎所有PHP框架都使用MVC设计模式 - 如果您了解MVC的基础知识,如果您已经在其他编程语言中实现或具有设计模式的要点,那么从PHP框架开始将非常容易。
Also your choice of PHP framework will be the deciding factor. If you employ PHP frameworks like Codeigniter, Yii, maybe even CakePHP which have comparatively smaller learning curves, you will find your path wellpaved for you in PHP. Although if choose some framework like Symfony, Zend - you might get frustrated in taking too much time in doing simple things, in turn blowing up your project.
您选择的PHP框架也是决定性因素。如果您使用像Codeigniter,Yii这样的PHP框架,甚至可能使用相对较小的学习曲线的CakePHP,您将在PHP中找到适合您的路径。虽然如果选择像Symfony,Zend这样的框架 - 你可能会因为花费太多时间做简单的事情而感到沮丧,反过来又会炸毁你的项目。
As for the part about security risk, all of the frameworks I mentioned above and some others I have not mentioned, have spent enough time on the stage to have squashed the security risks.
至于有关安全风险的部分,我上面提到的所有框架以及我未提及的其他一些框架都花了足够的时间来平息安全风险。
Hope this helps in deciding.
希望这有助于决定。
#10
0
Although I'm a fan of frameworks, I agree with some of the other comments above. Starting with a framework can be pretty confusing, especially if you're not experienced in the theory of Model View Controller (MVC) object oriented programming (OOP).
虽然我是框架的粉丝,但我同意上面的一些其他评论。从框架开始可能会非常混乱,特别是如果您没有模型视图控制器(MVC)面向对象编程(OOP)理论的经验。
Truth be told, I've seen a lot more unfinished framework projects in my day than apps built without a framework. If your application is written with some clunky PHP and the application takes off, then you can hire the necessary resources to move to a framework and get it developed to withstand a lot of usage and utilize resources effectively.
说实话,我发现在我的日子里有很多未完成的框架项目,而不是没有框架的应用程序。如果您的应用程序是用一些笨重的PHP编写的并且应用程序起飞,那么您可以雇用必要的资源来移动到框架并开发它以承受大量使用并有效地利用资源。
My advice would be to master PHP first, then move to frameworks. My last note on this, many frameworks have flaws as well - so depending on your application needs, applying the wrong framework could drive it into the ground.
我的建议是首先掌握PHP,然后转移到框架。我对此的最后一点说明,许多框架也存在缺陷 - 因此,根据您的应用程序需求,应用错误的框架可能会将其推向实际。
Just my 2 cents as a guy that has released a couple of enterprise apps successfully - without using a PHP framework.
只需2美分成功发布了几个企业应用程序 - 不使用PHP框架。
#1
20
There's nothing about using a framework that will impede you learning PHP, and using an established framework will reduce the security risk, as you'll be dealing with well tested code for handling common tasks.
没有什么比使用会阻碍你学习PHP的框架,并且使用已建立的框架将降低安全风险,因为你将处理经过良好测试的代码来处理常见任务。
At the core of most of the PHP frameworks in play these days is this simple three step workflow
如今,大多数PHP框架的核心是这个简单的三步工作流程
-
The URL is requested and routed through a central bootstrap index.php file
请求URL并通过*引导程序index.php文件进行路由
-
The URL name is used to derive a classname and a method name (and action method). This is your main entry point and where you start writing PHP to handle the request
URL名称用于派生类名和方法名称(以及操作方法)。这是您的主要入口点,您开始编写PHP来处理请求
-
At the end of this method, control is handed over to a view template, which has access to certain values you set in step two.
在此方法结束时,控制权将移交给视图模板,该模板可以访问您在第二步中设置的某些值。
Pick a framework, learn how it does the above, and then write any kind of PHP you want in the action method and the view template.
选择一个框架,了解它是如何做到的,然后在action方法和视图模板中编写你想要的任何类型的PHP。
Yes, there will be a lot of other PHP framework code in play, but you never have to look at it.
是的,会有很多其他PHP框架代码在运行,但你永远不必看它。
Yes, the framework will have a multitude of features and/or a "preferred" way for handling things, but you only need to use those you instantly understand.
是的,该框架将具有许多功能和/或处理事物的“首选”方式,但您只需要使用您立即理解的那些。
When you start noticing patterns of ugly, boring, or insecure code, take a look at the framework features again. More often than not after "doing it wrong" you'll get insights as to why the framework code did something in a particular way and you'll be happy to hand off the responsibility (I'd say ActiveRecord style models vs. SQL code is a big one here)
当您开始注意丑陋,无聊或不安全的代码模式时,请再次查看框架功能。在“做错了”之后,你会更多地了解框架代码为什么以特定的方式做某事,你会很乐意放弃责任(我会说ActiveRecord样式模型与SQL代码有关)这里很大)
As you start using the objet oriented systems the framework provides you'll start to get interested in how they're doing certain things, and then you can start poking at the core framework code.
当您开始使用面向对象的系统时,框架会让您开始对他们如何做某些事情感兴趣,然后您可以开始探索核心框架代码。
#2
4
Absolutely. Frameworks will do all the boilerplate code for you, providing you a higher level of abstraction. It will probably be easier for you to code without dealing with some of PHP's idiosyncrasies.
绝对。 Frameworks将为您完成所有样板代码,为您提供更高级别的抽象。如果不处理PHP的某些特性,您可能更容易编码。
Any half decent framework will also address security issues, so if you are new to the language, chances are your app written on the framework will be safer than the one you write from scratch.
任何一半体面的框架也会解决安全问题,因此如果您不熟悉该语言,那么您在框架上编写的应用程序可能比您从头开始编写的应用程序更安全。
#3
1
I wouldn't recommend starting with a framework to beginning developers. If you've got a lot of experience with other OOP languages, there shouldn't be a problem. But you should at least know the basics (syntax e.g.) before even thinking about using frameworks.
我不建议从开始开发人员的框架开始。如果您对其他OOP语言有很多经验,那么应该没有问题。但是在考虑使用框架之前,你至少应该知道基础知识(例如语法)。
#4
1
I would say it depends on your prior experience. It's not so much PHP itself, but the web server environment it lives in that can be distracting. If you're already familiar with the HTTP request lifecycle and have written web applications in a similar stateless fashion as you do with PHP, you shouldn't have a big problem jumping right into using a framework.
我会说这取决于你以前的经验。它本身并不是PHP本身,但它所居住的Web服务器环境可能会分散注意力。如果您已经熟悉HTTP请求生命周期并且以与使用PHP类似的无状态方式编写Web应用程序,则不应该在使用框架时遇到大问题。
If you come from a "stateful" background or no background at all though, the abstractions a framework offers can become a problem. You should at least know how to handle sessions, cookies, headers, $_POST and the like in plain PHP before having the details abstracted away from you by a framework. Also see this previous answer of mine.
如果您来自“有状态”背景或根本没有背景,框架提供的抽象可能会成为一个问题。你应该至少知道如何在通过PHP从框架中抽象出详细信息之前,在PHP中处理会话,cookie,标题,$ _POST等。另见我之前的答案。
#5
0
I think minimising the amount of custom code you are writing is probably a good thing if you are not confident in your ability to create secure systems (particularly for things like authentication). As a result, I think using a web framework in this way would be to your advantage. It will also allow you to familiarise yourself with the core of the langauge without worrying about peripheral concerns.
我认为,如果您对创建安全系统的能力没有信心(特别是对于身份验证等),那么尽量减少您编写的自定义代码的数量可能是一件好事。因此,我认为以这种方式使用Web框架对您有利。它还可以让您熟悉语言的核心,而不必担心外围问题。
#6
0
I have seen a few people (with a big previous OOP knowledge) to learn PHP and symfony simultaneously without difficulties.
我已经看到一些人(具有大量的OOP知识)同时学习PHP和symfony没有困难。
In fact, moving from PHP from an object oriented language is just learn a few conceptual things and the syntax and API of PHP itself.
实际上,从面向对象语言的PHP转移只是学习一些概念性的东西以及PHP本身的语法和API。
#7
0
In my opinion, there's nothing wrong with learning a framework at the same time as you are learning a language. There are already a fair amount of situations where this is the case by necessity. For example, most people learning Objective-C learn the Cocoa frameworks at the same time, most C# programmers will learn .Net along with it, even the JDK should be considered a framework which you learn along with the Java language. And for what it's worth, I learned the Symfony framework with very little PHP experience beforehand.
在我看来,在学习语言的同时学习框架并没有错。已经有相当多的情况需要这种情况。例如,大多数学习Objective-C的人同时学习Cocoa框架,大多数C#程序员都会学习.Net,甚至JDK也应该被认为是一个与Java语言一起学习的框架。为了它的价值,我事先学会了很少的PHP经验的Symfony框架。
#8
0
I would advice you to start with PHP turorial on w3schools.com. It is short and clear. You can learn all the necessary basics in one-two hours. In order to understand any framework you will need that. Then study the first and the second chapter from CakePHP cookbook and create your first CakePHP applications using their tutorials. On the rest I agree with Alan Storm.
我建议你从w3schools.com上的PHP turorial开始。它简短明了。您可以在一到两个小时内学习所有必要的基础知识。为了理解您需要的任何框架。然后从CakePHP cookbook学习第一章和第二章,并使用他们的教程创建您的第一个CakePHP应用程序。其余的我同意艾伦风暴。
#9
0
Getting started with a framework in PHP, also depends on the fact whether you have some prior programming experience and if yes, what kind of.
在PHP中开始使用框架,也取决于您是否具有一些先前的编程经验以及是否有什么样的。
If you have muddled in some other programming languages like java, c, learning a php framework simultaneously while creating your website might not be too difficult.
如果你在其他一些编程语言如java,c中混淆,在创建你的网站的同时学习一个php框架可能不会太困难。
Almost all of the PHP frameworks you will encounter use the MVC design pattern - if you understand the basics of MVC, if you have implemented or have gist of design patterns in other programming languages, then it will be quite easy starting with PHP frameworks.
您将遇到的几乎所有PHP框架都使用MVC设计模式 - 如果您了解MVC的基础知识,如果您已经在其他编程语言中实现或具有设计模式的要点,那么从PHP框架开始将非常容易。
Also your choice of PHP framework will be the deciding factor. If you employ PHP frameworks like Codeigniter, Yii, maybe even CakePHP which have comparatively smaller learning curves, you will find your path wellpaved for you in PHP. Although if choose some framework like Symfony, Zend - you might get frustrated in taking too much time in doing simple things, in turn blowing up your project.
您选择的PHP框架也是决定性因素。如果您使用像Codeigniter,Yii这样的PHP框架,甚至可能使用相对较小的学习曲线的CakePHP,您将在PHP中找到适合您的路径。虽然如果选择像Symfony,Zend这样的框架 - 你可能会因为花费太多时间做简单的事情而感到沮丧,反过来又会炸毁你的项目。
As for the part about security risk, all of the frameworks I mentioned above and some others I have not mentioned, have spent enough time on the stage to have squashed the security risks.
至于有关安全风险的部分,我上面提到的所有框架以及我未提及的其他一些框架都花了足够的时间来平息安全风险。
Hope this helps in deciding.
希望这有助于决定。
#10
0
Although I'm a fan of frameworks, I agree with some of the other comments above. Starting with a framework can be pretty confusing, especially if you're not experienced in the theory of Model View Controller (MVC) object oriented programming (OOP).
虽然我是框架的粉丝,但我同意上面的一些其他评论。从框架开始可能会非常混乱,特别是如果您没有模型视图控制器(MVC)面向对象编程(OOP)理论的经验。
Truth be told, I've seen a lot more unfinished framework projects in my day than apps built without a framework. If your application is written with some clunky PHP and the application takes off, then you can hire the necessary resources to move to a framework and get it developed to withstand a lot of usage and utilize resources effectively.
说实话,我发现在我的日子里有很多未完成的框架项目,而不是没有框架的应用程序。如果您的应用程序是用一些笨重的PHP编写的并且应用程序起飞,那么您可以雇用必要的资源来移动到框架并开发它以承受大量使用并有效地利用资源。
My advice would be to master PHP first, then move to frameworks. My last note on this, many frameworks have flaws as well - so depending on your application needs, applying the wrong framework could drive it into the ground.
我的建议是首先掌握PHP,然后转移到框架。我对此的最后一点说明,许多框架也存在缺陷 - 因此,根据您的应用程序需求,应用错误的框架可能会将其推向实际。
Just my 2 cents as a guy that has released a couple of enterprise apps successfully - without using a PHP framework.
只需2美分成功发布了几个企业应用程序 - 不使用PHP框架。