CakePHP headaches at a glance

@jose_zap has replied to me regarding a tweet of mine comparing CodeIgniter and CakePHP and the different aspects of both technologies.

Since Twitter itself is way restricted into the 140 chars (which I like most usually - less offtopic and media) I will better blog this off here as a couple of things I don't like in Cake.

First of all, I've been doing Cake for a year and a half and have several projects up and running with different web services, sync mechanisms and so on. It's usually one of my preferred platforms (right after WP and Croogo which is actually Cake based) but it doesn't mean that I adore all of the features in it.

Auto recursive models 

By default linking the models in Cake sets a recursive level of 1 - so you get a direct access to level 1 of all corelated models. it is usually nice as you don't have to join or bind models every few requests. The bad part however is that every serious project (and even non-serious ones with more than 10 tables!) gets bloated with so much insignificant data not being used anywhere in the site. When we have a product which has categories and part of an order, which has a user and so on there are lots of queries back there and tons of useless data which leads to reduced performance and page load time. 

Yet again - very useful, especially for non-technicians who have hard time joining and so, but I get different requests from oDesk or local clients with old Cake sites that need optimization and fine tuning cause the site used to work at the beginning but the previous developer uses the standard recursive=1 settings and therefore the more the database records, the more hardcore the end results.

ACL

ACL is... well, it sucks big time in my opinion. It has a wrong concepts at the beginning, it is also hard to implement (lots of years technical background and lots of hours, if not days, trying to setup something that needs to be in the core). @jose_zap - I like Croogo's way of setting the jquery matrix of roles and controller actions and predefining the actions for each role. The UI plugin for the standard ACL is too complex in a usability manner and doesn't do the work.

Another thing is the role based auth. Cake does a pretty good job restricting different roles, but the autogeneration of MVC implies that no user-based authentication would be done or so. Another few projects of mine used to fix actions accessible via URL (no controller backend checks) and protecting every single add/edit and listing as index/view from unauthorized data listing. Or in other words - user number 2 is usually able to change the URL and see the listings of user number 3 or click the edit/5 link and edit the records of another user. It is not hard to implement it manually, but it takes time and having the logic predefined and working and generating tens of MVCs from tables opens lots of vulnerabilities out there.

i18n

What I don't like here is basically using one table for all translations by default. Once I tried setting different tables for i18n for the different DB tables but it was kinda tough for me to set up the models. Also the multilingual content with the localized data (so to speak i18n with the l10n together) had to be implemented by some third party tutorials with lots of app_controller magic in between.

---------

I had been able to fix all of the concerns above back then. It just happened for them not to be straight forward or workarounds are painful which leads to discomfort while coding or revamping an application.

These are my top concerns for Cake so far. Pretty sure I've had many more back there, but now as I do explore a framework, I usually look for several things first:

  • multilingual support
  • user management
  • security
  • design adaptiveness and plugins capabilities

I think I have some hard time with AJAX as well, but can't recall the specific projects with it. 

Be Sociable, Share!
  • Twitter
  • Facebook
  • email
  • StumbleUpon
  • Delicious
  • Google Reader
  • LinkedIn
  • BlinkList
del.icio.us Digg DZone Facebook Google Google Reader Magnolia reddit SlashDot Technorati ReadMe.ru Dobavi.com Dao.bg Lubimi.com Ping.bg Pipe.bg Svejo.net Web-bg.com

3 thoughts on “CakePHP headaches at a glance

  1. Jose Rodriguez

     
    Hey, thanks a lot for this blog post. I really appreciate your feedback. I'd like to give you my opinion of each of your points, which I consider all valid weak points in CakePHP.


    Auto recursive models :
    Yes definitely this is a thing that is useful for non technical people or first time developers, and becomes a real head ache in bigger projects. In that sense the CakePHP team is working to change the Models in the next version of the framework. Meanwhile, I wrote a plugin connecting cake to MongoDb using the Doctrine library and can be found in https://github.com/lorenzo/MongoCake this library offers a Model class replacement to eliminate most of the pain point in current implementation. For new people looking to CakePHP reading this blog post, the solution to this point is dead simple: set public $recursive = -1 in your AppModel, your headaches are gone with just one line. This combined with the Containable behavior makes working with associations a bit more enjoyable.
    ACL:
    To begin with, and this goes to any developer in CakePHP, your do NOT have to use ACL to secure your applications or set permissions. This is optional, and in fact many developers implement simpler, smaller permission systems better suit to their needs. One of the most general implementations of a permissions system is ACL, and as any computer abstraction library it is hard to grasp and first. My recommendation to new developers: stay away of ACL unless you really, really need a general purpose permissions system.
     
     
    I18n:
    This is two sided. Language switching in CakePHP can be done very easily using the correct plugins. It is not bundled in the core because most people like to have their own preferences in how a language switch should be done. My recommendation: https://github.com/CakeDC/i18n this plugin offres Route classes to make all your urls language aware.
    The other side refers to using the translation tables. I agree there is a huge field of improvement here for CakePHP, and will definitely keep that in mind as a priority for next versions.
     
     
    CakePHP is a web framework, not a CMS. But its wide plugin availability can make it a very powerful tool. Here are a couple of user management plugins:
    https://github.com/steinkel/spark_plug

    https://github.com/CakeDC/users


     
    Just to prove how much plugins are there for cake let me post this repository of cake packages: http://cakepackages.com/
     
    Again, thanks for taking the time to write this post. We really love hearing back from the community.

  2. admin Post author

    Thanks for the quick response and interest too. Last time I spoke with Graham I have suggested that the 2011 fest could be done in Bulgaria but UK was the preferred destination by your time. If you have any interest in having fest in BG, contact me and I'll help with the organizational details. 

    For the ACL – for some reason most of my projects have granular permissions to be implemented. That's why I need something reliable and easy to integrate. There are lots of ACL-based extensions out there (I have also implemented one or two for my projects), but I truly believe that you could have done it more elegant and definitely a part of the core. Yet again, this might not be a CMS, but straight forward multilingual support and user management are a must. 

    For the multilingual part – please consider doing more tutorials (video or/and text) on that using the latest cake versions. I have several projects integrating i18n and l10n but I am sure that I will spend and extra time to remember what was it all about and find the correct resources. Most things are outdated and the cookbook is to be extended in these directions as it only points to the very general steps right now.

    All the best,

    Mario

  3. Jose Rodriguez

    Yeah, I remember bulgaria being one of our options this year. We will consider it again for future events. Thanks for your offering.
    I will discuss with the team what are the possible improvements we can do to the ACL system, perhaps adopt an official ACL management plugin or something like that. As for a single way of managing users, I don't see that coming, on the other hand showing our support for user contributed plugins is something more feasible.
    With the new book for 2.0 I will make sure I add a section with up to date examples on using i18n and perhaps a video in http://tv.cakehp.org
     
    Cheers,
    Jose

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>