An en-depth analysis of CakePHP framework

Why Cakephp?

Day by day PHP language is becoming popular for web development due to few reasons. Mostly due to its simplicity, anybody can quickly learn the language and create an easy web presence for his/her business.
The problem is, when the site becomes popular and hosts high volume of data, problem starts. It starts to have security problem and performance issue. Here comes framework implementation and performance tuning.
This is the major reason why competent open-source packages like drupal or other MVC based frameworks like cake or codeigniter are becoming popular.  On the other hand, development in plain PHP became old and time consuming. CakePHP is one of the leading MVC based framework mainly based on PHP language with its plenty of ready plugins and library functions.  In MVC,  presentation, application and database layers are separated by each other. This design pattern add many parameter in terms of security, stability, performance and finally strict standard of coding for developers. Apart from CakePHP there are several other MVC frameworks, but Cakephp have many plus points over other.
In developers point of view. CakePHP is very easy to learn MVC framework. You can do lot of stuff quickly. Integration of  other php plugins or class which are not in CakePHP is easy as well. The community support and cakephp books in cakephp official site are very much learner friendly. Developers will get all kind of stuff in form of plugins or component online.
In terms of security, CakePHP has given an extra effort. Cake has implemented database abstarction(ORM), which makes database interaction very secure. Even in future days if you think to migrate your database from mysql to any other database such as postgre or oracle, it will be 2 minutes of job for you. These database abstraction helps to get rid from sql injection. If a good Cakephp developers use the benefit of ACL component of Cakephp then other problem such as session highjacking by a hacker and unauthorize access of dynamic pages will be reduced upto 90%. Cross controller access is also very much restricted.
In terms of stability, Cakephp is highly stable than any other MVC framework. It is also very scalable during high data transactions. Performance wise cakephp improved its framework a lot in their latest realease i.e 2.3. Even cakephp has a very good component for using Memcache and APC cache. That can take the performance level upto 50% high.
A close comparison with other MVC frameworks:

Both CodeIgniter and CakePHP are best suited for object oriented programming and support the Model View Controller architecture which provides robustness and flexibility to a great extent. CakePHP is the better one when it comes to robustness and strictness of conventions, which is appreciated by a section of the programmer community which fears they might forget what convention they used in case they had to change something later. On the other hand, venturesome programmers see this as a shortcoming in CakePHP. CodeIgniter has a wide built-in library that serves most of the purpose of a beginner in PHP programming. For those ahead of the rest, CodeIgniter lets them create their own libraries or rather classes within those libraries barring the database classes. There are certain simple naming conventions that need to be followed. The flexibility of creating custom classes and modifying existing native classes is something highly appreciated by radical programmers, always itching to create something different.
Clarity of documentation and online support community of CodeIgniter is better than CakePHP, which makes it the framework of choice for toddler programmers and experts alike. An active community means that the framework is constantly evolving to include new changes which are highly desirable too. CakePHP on the other hand, is more in demand with hard core PHP guys for its robustness and superior auto-load features. ORM is another strong point of CakePHP. In terms of speed, CodeIgniter wins hands down. However, loyalists of the CakePHP camp see this more as hype than reality, which is understandable. CakePHP supports both PHP version 4 and 5, whereas latest version of CodeIgniter supports only PHP version 5.1.6 or newer. CakePHP supports Access Control List at the time of writing this content. CodeIgniter manuals have no mention of ACL at all.
At the end of it all, if you are a beginner looking for something fast and easy to use with very good documentation support then CodeIgniter has to be your best bet. Otherwise, choose CakePHP for its robustness, strict MVC, data sanitization and support for both PHP version 4 and 5.
Data abstraction:

It has data object modeling concept, It is a relationship factor which 1 model maintain with another. Thus the database abstraction become very high. Even data in database are also very secure. Here we have maintain the database interaction as per the cake rules, so SQL query injection is not possible here.

As cake provide easy database abstracion layer and changing database engine will not affect inner code in controller or model. For this reason implementing Memcache will be very easy as we dont have to change the query or the inner coading. If we apply Memcache here the application become 5 times faster.

Cakephp has its inbuilt library security components.
The Security Component creates an easy way to integrate tighter security in your application. It provides methods for various tasks like:
Restricting which HTTP methods your application accepts.
CSRF protection.
Form tampering protection
Requiring that SSL be used.
Limiting cross controller communication.
Like all components it is configured through several configurable parameters. All of these properties can be set directly or through setter methods of the same name in your controller’s beforeFilter.
By using the Security Component you automatically get CSRF and form tampering protection. Hidden token fields will automatically be inserted into forms and checked by the Security component. Among other things, a form submission will not be accepted after a certain period of inactivity, which is controlled by the csrfExpires time.
If you are using Security component’s form protection features and other components that process form data in their startup() callbacks, be sure to place Security Component before those components in your $componentsarray.
When using the Security Component you must use the FormHelper to create your forms. In addition, you must not override any of the fields’ “name” attributes. The Security Component looks for certain indicators that are created and managed by the FormHelper (especially those created in create() andend()). Dynamically altering the fields that are submitted in a POST request (e.g. disabling, deleting or creating new fields via JavaScript) is likely to trigger a black-holing of the request. See the$validatePost or $disabledFields configuration parameters.
Some positive points of Cake over other frameworks:

Reverse routing. This makes maintaining links in an application so much easier. This means if you change a controller’s name at some point, instead of search/replacing 200 instances of “admin/foo” with the new “admin/bar” (and hoping you didn’t miss one) you simply update the route in one place. Any links using the reverse route array will automatically point to the right spot at runtime.
Built-in ORM which I’ve always really enjoyed. I really like how the results are in $post['Post']['field'] format. Building queries is really simple and you can fetch (for example) a blog post and all of its comments in one or two lines of code.
Big community. Because Cake had been around so long you can find the answer for pretty much any question you come up with. If you can’t? They have their own website where you can submit questions, as well as (I believe) a mailing list.
Plugins. This makes re-using code super simple and help keep the app folder clean (if, for example, you are distributing an app that uses modules).
Team Appsbee

Leave a Reply