2014-01-31

As I was faced with choosing the best PHP framework for a project in the spring 2012 I found Laravel framework to be easiest to pick up. It allowed me to build my first application in a structured way with clean and understandable code. Fast forward to this day, I have built plenty of applications with it (over 30 currently in production personal and for clients) of small to medium scale. From simple blog-like apps to complex CMS for e-Commerce websites Laravel has been a great and solid engine powering my applications.

When you choose a framework, you are looking for stability, good support, extensions and good community around it. I found Laravel to offer all of that and much more. The features like built-in caching, Eloquent ORM, easy environments, simple routing still  keep amazing me even now.

Of course if you are new to Laravel, you might be wondering about questions like these:

Who uses Laravel in the real world? Are any big names on the list?

Is there any data that shows rise of Laravel comparing to other frameworks?

Is Laravel worth the investment? Will it be worth to switch to it?

How secure is Laravel?

Will Laravel still be useful a year, two or three from now?

These questions are of high importance as choosing a framework is a lot like buying a car or a nice set of tools (drills, screwdrivers, wrenches, etc). You wouldn’t want to buy a knock off, right? The framework has to be reliable, secure and should come with some sort of “warranty” in form of community/creators support. I have prepared some data for you to take a look yourself about the trends surrounding Laravel framework as a tool. Let’s start with taking a look at who uses Laravel.

Who Uses Laravel framework?

Are there any big names using Laravel framework for their projects? Any well-known companies use it? To answer this question a few months ago I built a website called Builtwithlaravel.com. This website allows developers and owner submit URL to websites that are built with Laravel framework. Over the months there have been so many submissions that I now have to find somebody who can help me approve the entries. More and more websites are submitted every day to this gallery/showcase of projects made with Laravel PHP framework.

As a side note, with every passing week I see the domain names of submitted sites get shorter and shorter which means the projects are more expensive with some major funds to back up those short domain names.

Here is a small fraction of big name websites submitted to the showcase (the names are trademarks of their respective owners):

Toyota Hall of Fame

A great looking website Toyota Hall of Fame, shows off  legends of fantasy football. Includes a gallery, history, articles and videos:



Snappy

The company behind Snappy employs the creator of Laravel. Snappy helps you deliver awesome customer service. Their motto is “Customer Service, Simplified”. Snappy allows you to manage your support email, FAQs and reporting with ease. A customer service application, architected by Taylor Otwell (creator of Laravel) himself.



Bootsnipp

One of my own sites, Bootsnipp is one of the top 13,000 websites in the world by popularity. Just recently it was nominated for a Net Award as one of the best side projects of the year. It has enormous traffic and a decent user base all over the world. Bootsnipp was originally built on Laravel 3 and then rebuilt on Laravel 4 in fall of 2013. Despite the big load the website has uptime of 99.99% and has been performing well without any issues. Using Laravel made it possible for me to make this site quickly and to go from an idea to implementation in very short time.



Morgans Hotel Group

As stated by the person submitting the site, “Morgans Hotel Group is a hospitality company that owns & operates boutique hotels as well as acquiring and redeveloping in the United States and Europe.”. Their website has some of the nicest design I have seen done on a hotel website. It is truly mobile friendly work of art and I highly suggest checking it out:

Beside websites, Laravel is used to power lots and lots of mobile apps. Developer’s ability to build APIs with Laravel make it a great choice for powering the backend of mobile applications.

The examples above are just a few examples of some amazing websites built with Laravel framework. There are hundreds more on the Builtwithlaravel website. Feel free to browse around!

How does Laravel compare to other frameworks?

Well, this is a very difficult question to be honest. To answer it I want to use the following analogy.

Imagine that you are at Mercedes or BMW dealership. The cars are all top of the class, with lots of bells and whistles. Some are white, some are silver. Some have a kickass stereo system, some have heated everything-you-can-think-off seats. All these cars were a work of hundreds if not thousands of people and are a testament to awesome craftsmanship. I tend to think of frameworks as those top of the line cars. They have been thoroughly tested by lots of people. Hundreds if not thousands of people worked on a framework over the period of time to get it to the state it is in. What you end up with is just a matter of preference. To me some features in a framework might be not as important as they are to you. I chose Laravel because it was logical to me. As could be said, “Your mileage may vary”.

Please note, I don’t want to start framework wars. My advise is try out different frameworks and see what you like best. What I do know is that Laravel has been growing in popularity steadily over the last year. The chart below shows data from the Google Trends about search interest of the following frameworks:

CodeIgniter

CakePHP

Symfony

Laravel

Laravel’s popularity versus CodeIgniter, CakePHP and Symfony

As you can see from this chart, Laravel’s only starting to beat the most popular frameworks in terms of user interest and is growing steadily which to me personally is a big indicator that the community will only be growing for now.

The number of stars on github tell a bit different story. Laravel is leading the most popular PHP frameworks by the number of stars:

Of course it is pleasing for me to see my favorite framework slowly catching up to the indisputable (now becoming irrelevant) king of all PHP frameworks in popularity – CodeIgniter. My hope is that in two-three years time Laravel can attain such status and such spread as the CodeIgniter framework once did. With the direction Laravel is currently going, I am fairly confident that this goal can be achieved.

Is Laravel worth the investment?

My answer is definitely yes if you are using no framework for your PHP projects or using an old framework like CodeIgniter.

The company where I worked until I moved to Seattle area was using CodeIgniter for majority of its web development projects and no framework for the rest. Thanks to my boss for letting me suggest that we move some big projects over to Laravel, the company made an amazing progress in subsequent development. As the highlight of this story, I told my boss that I could switch the biggest project they had (took many hundreds of hours to do in CI originally) to Laravel within 3 days. Sure enough, after only 2 days(!) we had this whole massive project switched over to new architecture of Laravel with some incredible benefits. Efficiency of the future development of this project was improved at least three fold. After that all of our new projects were made in Laravel and the clients were happy with our timeframes for new features or modifications of existing features. It was worth the investment.

In my opinion if you use no framework to build your projects, learning Laravel would be a no-brainer. I can vouch for it because I came from the background of not using frameworks. Laravel’s features such as Eloquent ORM (easy database operations), Templating, Routing, Sessions make building applications enjoyable and consistent from project to project.

One of the top reasons I consider Laravel so dependable is the fact that it has been tested by thousands of developers worldwide. Every developer potentially brings some good feedback improving the framework and testing its components. Doing this alone is simply impossible. Ok, you say. But does this make Laravel secure?

How secure is Laravel framework?

Obviously, security is very important for any web application. How well can Laravel handle various attacks, SQL injection, etc?

While I am not an authority in this area, here are some of the things I know as a fact:

Laravel uses hashed and salted passwords – meaning your user’s passwords are never saved in the DB in plain text. It uses BCrypt hashing algorithm to generate encrypted representation of a password. What’s more interesting, hashing the same password will yield a different result each time. This is one of the strongest/fastest methods of password encryption to date (link to an explainer http://security.stackexchange.com/…)

Laravel uses prepared SQL statements which make injection attacks pretty much impossible

Laravel provides a convenient way to escape/unescape user input to prevent users injection of <script> tags and so on

Laravel community has been very responsive to bug reports related to security

A few months ago a user on Reddit was gathering info to conduct a comprehensive report on Laravel’s security for his company. I asked him to share the result. The link to the Reddit thread is here. While he could not reveal the report itself, he was pleased with what he found with his only negative remark about Doctrine library that was used in Laravel at that time. So to me it seems that while there are no security problems that are known at the moment, potentially they could stem from one of Laravel’s components (dependencies). No product or framework is 100% secure so I believe a statement of “Laravel is secure Enough” is what I would say in this case.

The topic of security needs more exploration and if the product you are building will be storing crucial personal data such as credit card numbers or social security numbers, of course you would need to do your own security testing of Laravel’s components.

Is Laravel here to stay?

I believe so. Even though the development of Laravel is led mainly by Taylor Otwell as of right now, he is not planning to stop working on the project. Taylor doesn’t work on Laravel for the money. It is something he takes huge pride and ownership in. Knowing how determined he is in making Laravel the best framework out there, I can attest to the fact that he will not stop any time soon.

It is rare for a technology to survive more than 3-4 years in face of the rapid changes around it. I think of Laravel as a great tool that I can use RIGHT NOW to make my ideas into reality. For my projects and projects of the company where I worked thinking 5-7 years ahead would be pointless. If you have a very big business, choosing Laravel would be a big commitment but like anything in business, it has its potential risks and advantages. I’ve been using Laravel for almost 2 years and it didn’t disappoint me even once.

The community around Laravel seems to be growing by the day, which means that the framework expands in how many knowledgeable and highly experienced developers there are. These developers could easily create a fork of the project and go in their own direction if they so desire. Though having Taylor as the head of the project has proven highly beneficial for Laravel and PHP community in general.

I hope with this post I was able to answer some common questions and hope you will give Laravel a try in your next project! Enjoy using Laravel and let me know if you have any questions/suggestions in comments!

Show more