Can you please tell if frameworks slow down the speed of the code? How will the code work faster - on pure php or on a framework? And does the framework protect against sql injections and from such things? Is it safe or not?

Closed due to the fact that it is necessary to reformulate the question so that it was possible to give an objectively correct answer by the participants andreymal , Suvitruf , 0xdb , dlarchikov , Sergey Glazirin 22 May '18 at 10:57 .

The question gives rise to endless debates and discussions based not on knowledge, but on opinions. To get an answer, rephrase your question so that it can be given an unambiguously correct answer, or delete the question altogether. If the question can be reformulated according to the rules set out in the certificate , edit it .

  • In general, it all depends on the framework. As well as your fast code writing skills. In principle, most universal solutions work slower than the code is exactly sharpened for the task. And the frameworks are trying to do exactly universal. On the other hand, you can write code on pure php, which will run slower than on a well-made framework - Mike
  • Yes - it slows down. On the net !!! functional !!! php will work faster (in general, it works slower), the framework does not protect against sql injections, protects libraries like ActiveRecord and common sense, security depends on the framework. Although about the speed of the code, I would think in the least - the difference is usually insignificant, most of the time is eaten by the exchange of data - Peresada
  • Yes, in any case, it will work slower than on pure php . So-so, tones of classes and dependencies. I do not sit on frameworks, since there is a lot of excess that can simply not be used, but will consume resources. I advise you to learn the language and write exactly what you need, but with the framework you still need to figure it out, just past the language itself. You can take the framework as a learning or borrowing of a particular functionality. - And

1 answer 1

Modern and supported frameworks are safe (especially if they are updated in a timely manner).

There is protection against SQL injections, but you need to be able to use this protection (read the documentation about the framework), otherwise even using the framework, an inexperienced programmer can prevent vulnerabilities. Bonus: the framework provides buns to protect not only from SQL injection.

Slows down? Yes, it slows down, a clean "Hello World" is generated faster, but it is worth understanding that most of the time we are talking about pennies (and the average user will not even notice the difference). But it should be understood that the framework in return offers you to save a lot of your time, a lot of useful functions, the structure and architecture is already implemented, everything is ready, the programmer can only concentrate on the task.

To paint all the benefits of frameworks is very long and someone can do it better than me. But in short: all normal projects use frameworks. Just read the documentation of any framework, look at the lessons and immediately understand how good the frames are.

About the time of work it is worth adding that in 99% of cases, page generation does not depend on the framework, but on the code that you write yourself.