3. Ornithopter.io ~ Extremely fast, easy-to-use, hackable PHP 5.6+ framework

Ornithopter.io ~ Extremely fast, easy-to-use, hackable PHP 5.6+ framework

So let me address some of these points in more specific details. Overall I don't doubt your intentions. It would be good to have a simple to use, component based framework that was hackable and quick and obvious to get up to speed with. But I think the main problem lies with you implementation.

You should not roll your own bcrypt, because it can be easily implemented using core functions, with much less code, that has been peer reviewed, and is secure.

http://php.net/manual/en/function.password-hash.php

Likewise the core DB escaping methods a purpose built, peer reviewed, secure functions. By all means it would be advantageous to wrap these in more user friendly functions, but forgoing them entirely may lead to dangerous situations.

Yes you are right that I could use the templating engine of my choice. But what you are demonstrating is seems insecure by default. I would at least explain how to properly escape output and provide examples to do so. Otherwise it would be advantageous to explain how we would link up twig or blade to a controller, and install them via package manages, and autoload them.

The "really?" was to due to that you would rather skip being secure, then spending what should be an inconsequential amount of CPU cycles, on even a $5pm VPS. If you were at the point of the amount of logins and registrations was putting so much load on your server(s) that the hashing is becoming a concern, it's surely a win and you would hopefully be earning enough money to afford to scale up. Even if not, there would almost always be better places you could optimise first.

You say this was not polished for sharing. Yet you shared it on a major PHP bulletin board. Seems kinda contradictory.

There is no reason why you can't autoload or namespace, even when you are "copying and pasting" libraries. You don't have to use composer to use autoloading. It has been a feature for many years before composer even existed. And as above, by the time that the performance of autoloading becomes a burden on an application, there would have been many more opportunities to optimise.

In terms of coding format, I really don't understand. You use short instead of descriptive variable names. You sometimes put spaces between brackets for if, foreach, return statements, but nor always. You mix spaces and tabs. You mix short and long array syntax. The lack of braces is a choice I understand, but AFAIK it is considered better to always use them.

In terms of namespaces, they are typically used to prevent conflicts with other libraries. When you use the namespace helpers it has a high chance of conflicting. Typically a namespace is composed of a vendor name, and a package name which prevents conflicts.

/r/PHP Thread Parent Link - github.com
Previous
Next

Recently removed from /r/PHP

My company wants me to start having some PHP knowledge Longhorn PHP is November 3-5 (Thursday-Saturday) this year. Schedule's out, Early Bird pricing available. Small appreciation post for PHP8 What pragmatic value does PHP provide? Facebook PHP source code from August 2007 PHPStan composer license: MIT or GPL ? Are there apps that will send me an email when PHP errors happen? If so, what are some good ones I should know about? Valid concerns are raised about the JIT What is the perception (and value) of PHP in the marketplace today? Performance issues storing images in MySQL blobs? (high load website) PHP and the secrets of emergent architecture The PHP Desktop project is seeking companies to help make the project great again. Please see the Sponsors and Fundings sections on the project's main page. 5 Benefits of Choosing PHP Programming for Website Development PHP Weekly Discussion (September) TIL that json_decode() returns NULL if the json is malformed.

More Random Comments

[NSFW] What was the greatest length you went just to fuck someone? Partner is framing me by hurting himself then calling police. DESPERATELY seeking help Evolve Angry Review Let the good times roll... Do you guys genuinely not judge your clients, or do you just not let on that you're judging them? I've got a week, but not much time, to build an the Norgotha Necropolis. I think I am going to kill myself tonight. Unusual colours and why you're weird for wearing them. [Build Ready] First budget build, need some input Where do they even come up with these things? Too young to wed, by Stephanie Sinclair (x-post from r/MorbidReality) Skill critique please! Simple logic behind investing in index fund? [WP] You have been in prison for the majority of your life, today is your release day. Am I making a big mistake by wanting to leave my SO?