• Re: New php project from scratch, PDO or psycopg?

    From J.O. Aho@[email protected] to comp.lang.php,comp.lang.python on Tue Feb 24 15:39:36 2026
    From Newsgroup: comp.lang.python

    On 24/02/2026 09.41, ^Bart wrote:

    I work in a company 100% unix like, we don't have MS o.s., and our
    framework works with psycopg on debian13+venv.

    I'm working on a personal cms written from scratch, always on debian13
    with php8.4, postgresql18 and nginx, now I'm using psycopg so I have a different user for the php and another one for the venv etc.

    I heard psycopg for security reasons and also for the performance is
    better than pdo, tell me what do you think about it! :)

    I think this is more about layering the application, the frontend I
    guess is written in PHP while the backend is written in Python. I would
    keep that separation and only allow the backend to access the database,
    also keep it on such a level that the backend doesn't trust the data from
    the frontend, that all data is validated before use, sure the frontend shouldn't trust the users and validate their input.

    Sure you could have been able to write everything in one or the other
    language (python can do both frontend and backend, as you can do with
    php too even less common), but I doubt you have the power to decide this.

    --
    //Aho
    --- Synchronet 3.21b-Linux NewsLink 1.2
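
Added example, not part of any post in this thread: one way a Python backend can apply the advice above, checking every field the PHP frontend sends and handing the values to the driver as bound parameters rather than formatting them into SQL. The `profiles` table, the field names and the role names are hypothetical; the thread does not describe the schema.

```python
import re
import unicodedata

# Hypothetical table and columns; %s is the psycopg placeholder style.
INSERT_PROFILE = (
    "INSERT INTO profiles (username, display_name, role) VALUES (%s, %s, %s)"
)
USERNAME_RE = re.compile(r"[a-z0-9_]{3,32}")
ALLOWED_ROLES = {"user", "power_user"}  # "admin" is never settable from the frontend
EXPECTED_KEYS = {"username", "display_name", "role"}


class ValidationError(ValueError):
    """Raised when the frontend sent something the backend will not accept."""


def validate_profile(payload):
    """Check a decoded JSON object from the frontend; return clean values."""
    if not isinstance(payload, dict):
        raise ValidationError("payload must be an object")
    if set(payload) != EXPECTED_KEYS:
        raise ValidationError("unexpected or missing fields")
    if not all(isinstance(v, str) for v in payload.values()):
        raise ValidationError("all fields must be strings")

    username = payload["username"]
    if not USERNAME_RE.fullmatch(username):
        raise ValidationError("bad username")

    # Normalise first, then enforce length and reject control characters.
    display = unicodedata.normalize("NFC", payload["display_name"]).strip()
    if not 1 <= len(display) <= 64:
        raise ValidationError("bad display_name length")
    if any(unicodedata.category(ch).startswith("C") for ch in display):
        raise ValidationError("control characters in display_name")

    role = payload["role"]
    if role not in ALLOWED_ROLES:
        raise ValidationError("role not allowed")
    return username, display, role


def build_insert(payload):
    """Return (sql, params) for a driver that binds values, such as psycopg's
    cursor.execute(sql, params). Values are never formatted into the SQL."""
    return INSERT_PROFILE, validate_profile(payload)
```
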
  • From Lawrence D’Oliveiro@[email protected] to comp.lang.php,comp.lang.python on Tue Feb 24 20:29:03 2026
    From Newsgroup: comp.lang.python

    On Tue, 24 Feb 2026 15:39:36 +0100, J.O. Aho wrote:

    Sure you could have been able to write everything in one or the
    other language (python can do both frontend and backend, as you can
    do with php too even less common), but I doubt you have the power to
    decide this.

    You could make the case to your PHP-loving PHBs to write the whole
    thing in Python on the basis that it is a more sophisticated language,
    with built-in support for async/await, advanced libraries for
    convenient access to WebSocket functionality etc.

    And it doesn’t need to run as a module in a web server.
  • From ^Bart@[email protected] to comp.lang.php,comp.lang.python on Sat Mar 7 11:17:56 2026
    From Newsgroup: comp.lang.python


    Thanks for your reply! :)

    I think this is more about layering the application, the frontend I
    guess is written in PHP while the backend is written in Python.

    Frontend and backend (the admin backpanel) are written in php and I
    think I understood I should use PDO...

    I would keep that separation and only allow the backend to access the database,
    also keep it on such a level that the backend doesn't trust the data from
    the frontend, that all data is validated before use, sure the frontend shouldn't trust the users and validate their input.

    I need to know how to plan my project to improve security, my website
    and mobile app will be like a social network, I'll have (I hope!) a lot
    of users which will have their data shown on the frontpanel and a
    backpanel where the admin will manage all data and "power users" a piece
    of data.

    Sure you could have been able to write everything in one or the other language (python can do both frontend and backend, as you can do with
    php too even less common), but I doubt you have the power to decide this.

    Now I'm writing the project in my free time and I can do everything but
    I'd like to do the best things for security, I've been a Unix-like user
    since 1996, I've used Debian since 2003 and also Kali for pentest.

    --
     //Aho

    ^Bart