[nycphp-talk] security? we don't need no stinkin security!
Chris Snyder
csnyder at chxo.com
Fri Dec 5 12:35:50 EST 2003
David Mintz wrote:
>Yeah, I can see where parsing and loading 2500 lines of code of which you
>only need %10 is a performance hit in an interpreted language, -- leaner
>and meaner equals faster. But doesn't hardware evolve in the direction of
>faster, and isn't PHP itself's performance being improved so that it's
>ever faster at loading PHP code?
>
>
It's not just the performance hit -- which can be significant (fear the
Smarty demo) -- there may be security implications as well. (back to the
subject line?)
For rapid development or prototyping, there is no question that
(re)using classes a la Pear is an attractive option. Certainly for
specialized tasks (parsing mp3 ID3 tags comes to mind). But at some
point, you have to take a hard look at the 90% that you're not using,
and consider writing bespoke classes. Do this a few times and you begin
to see Pear as not so useful.
The nice thing about OO is that the rewrite only has to implement the
bits of the original API that your application uses. Not painless, but
not so bad, either. Unless the class you're replacing had an inefficient
way of doing things...
csnyder
More information about the talk
mailing list