Yii Framework - Do we really need another php framework?
Do we really need another PHP Framework?
About MeProfessionally developing software since 2003Focus on web, mobile and game developmentInto the gaming industry since 2008Former Lead developer – Web Games @GameforgeNow gun for hire: Eckert Internet Services
Yii?Yii is an acronym for „Yes it is!“, the answer to the most likely asked questions regarding a framework:Is it fast?Is it secure?Is it professional?Is it right for my next project?Pretty self-confident, hm?
Yiiwhat?Started in 2008 by former PRADO developer Qianq XueTeam of 7 core developersNo release for some months but active maintenance on GithubFacebook page & Google GroupSmall but professional community
Features at a glanceRAD Widgets (View helpers, ListView, GridView)AR, DAO, Query Builder, Database MigrationMassive Extensibility (DI, Behaviours, Events, Hooks, Modules …) => Useful Extensions!Nice RoutingGood security mechanismsScaffolding and Console Applicationslean, clean, reusable code
RAD WidgetsEasy menuGridView of (model)data Configurable in detail, or use as is!
RAD Widgets IIInstead of stand-alone widgets there are also widgets that work on your HTML
Active RecordWork with your database in an object oriented fashion
Active Record IIYiis AR is quite sophisticated!
Active Record – RelationsRelations are easy-peasy
Active Record – ScopesDefine WYG (What you get)
So Active Record is the holy grail!Active Record is convenientBUT: DO NOT use AR on data driven tables (like logs or tables where the throughput is high!)Every row is reflected as an objectThink!If the usecase doesnt favour AR, use DAO!Power <=> Responsibility
Data Access ObjectsUse it if you need lots of datasets at once.
Conclusion AR vs. DAOAR is convenient to useMost widgets support AR (but also DAO in some ways)Code generation through GiiIf you have tables where lots of records are accessed at once, use DAO!Dont stop to think because its easy to work with!
HooksEvery CComponent (almost everything in Yii) calls hooks before/after specified actions:beforeValidate/afterValidatebeforeSave/afterSavebeforeDelete/afterDeletebeforeFind/afterFindbeforeRender/afterRender… uncomplete list, also fired as events. Need to react? Just hook in!
Again: Think!Hooks and Events can trigger many actions without caring about them (Observer Pattern). So react on them wisely! e.g. User registers: Action to send mail to user is triggered Action to send mail to admin is triggered Creating a user profile Generating a pdf invoice is triggered ...
Security - XSSJust use the proper Widgets and methods:
Security - XSRFActivate XSRF tokenUse POST requests for important actions (like deleting, adding etc.) Thats all you need to do!
Extensions / ModulesModules are self-contained MVCs and nestableCan interact with core application. Nice for administrative frontend, JSON webservice etc.Lots of useful extensions already available
Console ApplicationsMost likely: CronjobsImplement in a MVC like fashionFriendly console:
Embedded Console ApplicationsGenerate message files from application (l8n)Generate new app skeletonMigrate database command… and some shell commands (code gen.)
And more...Easy Internationalization / LocalisationACL / RBAC (lots of options and possibilities)Caching on certain levelsPHP-Unit / Selenium SupportAlmost ALL Core Components are replacable by DI (Request, Session, Cookie, …) => maximum flexibility
Do we really need another PHP Framework? E S ! Y