CakePHP Visits New York
The New York subway wasn't cooperating with my schedule, and due to a problem affecting all uptown 4/5 trains, I was 30 minutes late to the talk. After speaking with Nate later, it sounds like I might have only missed a few minutes due to some technical difficulties he was having in the beginning. Here are some of my notes from the talk as well as the conversation we had over dinner and drinks later.
Cake has an array-based Active Record implementation. This is partly because Cake supports PHP 4 and tries to provide consistency between PHP 4 and PHP 5. For those wondering whether this cripples Cake's object support, Nate has this to say:
Cake brings PHP 5 OO constructs to PHP 4.
Cake supports scaffolding, although this wasn't demonstrated. Cake also includes a utility cleverly titled Bake. Not having any prior experience with Cake, it's not yet clear to me how these two features differ.
By request, Nate covered some of Cake's security features. As I've mentioned in the past, I think frameworks are a great way to help a lot of people implement safeguards and best practices that they might not have otherwise known about. For example, Django offers CSRF protection.
As you might expect, as long as you stick to the Cake way of generating output, it handles the escaping for you. It also sounds like it keeps up with character encoding consistency for you, but this is something I want to investigate further.
There is a feature to help prevent CSRF, although it isn't advertised as such. This is something else I want to investigate further.
CakePHP seems like a solid project with smart, passionate people leading the way. It is also quite popular: