List of weaknesses
Vanilla has a lot of strong points, but nothing is perfect. Please do not take this as negative; rather, there is room for improvement.
Here is my list of weaknesses that would make Vanilla even better!
- Support for MySQL strict mode
- More informative "Bonk" screen
- A more intelligent cache that does away with manually "clearing" the cache
- Cleanly relocate the Vanilla "library" to a location other than the default, so that it is not web accessible (to protect it from being accessed by a hacker), and for performance tuning by loading from the local hard drive in the case of a site that needs to run from a network share
- Support IIS Rewrite Rules
These are what I have at the moment, and I am sure others might have their own view on what they consider weaknesses of Vanilla.
Please keep it in the spirit of constructive feedback.
What is your view of Vanilla's weaknesses?
6
Comments
Bonk information is for debugging, which isn't really something that should be broadcast to anyone but the site owner. However I think the 'bonk' message itself is becoming a thing of the past.
I would say a more "intelligent" caching solution would be apc/opcache wrappers, as this is more viable for non-technical people to set up (often included in their PHP installation). Memcache is also an option. I believe the cache is going to get smarter. File cache is not a viable solution, and should not be encouraged, except for tpl, ini, and other fragments.
MySQL strict mode should be viable; most of the problems appear to be data type / casting issues.
This is beyond the responsibility of the framework. Relocating a folder doesn't automatically make it safe, and for those that want to, there are native ways. Sure, some frameworks aren't for the style where the core is contained in the same directory, but that is part of the philosophy of Vanilla: to be transportable/transplantable and self-contained.
There is a minimum amount of knowledge required to be a webmaster; unfortunately a large sector falls short on that, and your average cheap host doesn't exactly help.
If anything, everyone should encourage good file management practices, which includes actually understanding what that means. I think the era where telling folk to chmod 0777 is well and truly over. There is no substitute for understanding your setup, because there are no general rules, and you need to take appropriate measures for your case.
It is the lack of specific measures, and bad generalized advice, that has caused weakness in the past.
grep is your friend.
There is no one-size-fits-all thing in this world.
I appreciate you taking the time to share your view.
Any point of view will directly or indirectly help improve Vanilla as long as it is given as positive and constructive feedback.
Does anybody else want to share their view on this particular subject?
Thanks in advance.