I am a cloud application architect with 10 years' experience in software development in several languages, including Perl, Java and C#. I'm an Irishman living in Calgary, Canada. GitHub on @cubikca.
Location
Calgary, Canada
Education
BSc. Computing and Info Systems, Athabasca University
I don't know that PHP itself is particularly well-known as being bad for security these days. Most of the PHP flaws come from the PHP frameworks like WordPress. And I'm happy to say that I've gotten rid of all the WordPress in my company, and that we will no longer be using it.
I've seen plenty of decent Laravel code. PHP itself is a capable language that, as demonstrated, can be used safely. Like any language, knowing defensive coding techniques is important. I have some other beefs with PHP, but I don't view the language itself as being inherently insecure.
WordPress isn't really a "framework" in the traditional sense and the core WordPress application isn't really the issue either. It's mostly the incredibly bad third party plugins you install into WordPress to extend its functionality. But I understand what you're getting at.
Wordpress is a CMS or an ecosystem, but not a Framework. 😀 Laravel or Symfony devs find the difference to be important distinction. Same goes for Drupal, although it uses a lot of Symfony components, it is not a "PHP Framework". A good analogy is CraftCMS which is built with the Yii PHP Framework.
Yes. Anyone keeping up to date knows that PHP isn't particularly different from other languages when it comes to security.
The easy way users can install WP plugins is one of its major features and also one of its drawbacks. But I'd be puffing air if I said how WP keeps up with security and performance issues associated with that.
Yeah, Laravel (and Symfony) enforces some good coding practices. It has been a good handrail to lean against when I started with PHP.
I'm curious what you went with instead of WP in your business, if I may ask?
I am a cloud application architect with 10 years' experience in software development in several languages, including Perl, Java and C#. I'm an Irishman living in Calgary, Canada. GitHub on @cubikca.
Location
Calgary, Canada
Education
BSc. Computing and Info Systems, Athabasca University
We didn't really use WP for much more than a blog, carousel and contact form. These are easily implemented by a number of low-code/no-code solutions like WebFlow and Wix. In general, we're seeing a trend of static sites moving to these sites as well as HubSpot and I'm supportive of this effort since I prefer servers I don't have to manage :)
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I don't know that PHP itself is particularly well-known as being bad for security these days. Most of the PHP flaws come from the PHP frameworks like WordPress. And I'm happy to say that I've gotten rid of all the WordPress in my company, and that we will no longer be using it.
I've seen plenty of decent Laravel code. PHP itself is a capable language that, as demonstrated, can be used safely. Like any language, knowing defensive coding techniques is important. I have some other beefs with PHP, but I don't view the language itself as being inherently insecure.
WordPress isn't really a "framework" in the traditional sense and the core WordPress application isn't really the issue either. It's mostly the incredibly bad third party plugins you install into WordPress to extend its functionality. But I understand what you're getting at.
Wordpress is a CMS or an ecosystem, but not a Framework. 😀 Laravel or Symfony devs find the difference to be important distinction. Same goes for Drupal, although it uses a lot of Symfony components, it is not a "PHP Framework". A good analogy is CraftCMS which is built with the Yii PHP Framework.
Yes. Anyone keeping up to date knows that PHP isn't particularly different from other languages when it comes to security.
The easy way users can install WP plugins is one of its major features and also one of its drawbacks. But I'd be puffing air if I said how WP keeps up with security and performance issues associated with that.
Yeah, Laravel (and Symfony) enforces some good coding practices. It has been a good handrail to lean against when I started with PHP.
I'm curious what you went with instead of WP in your business, if I may ask?
We didn't really use WP for much more than a blog, carousel and contact form. These are easily implemented by a number of low-code/no-code solutions like WebFlow and Wix. In general, we're seeing a trend of static sites moving to these sites as well as HubSpot and I'm supportive of this effort since I prefer servers I don't have to manage :)