Top 5 Laravel "Bad Practices" (My Opinion)
ฝัง
- เผยแพร่เมื่อ 18 พ.ค. 2024
- I compiled the things that I consider a performance/security issue, let's talk about them.
Full article: laraveldaily.com/post/laravel...
- - - - -
Support the channel by checking out my products:
- My Laravel courses: laraveldaily.com/courses
- Filament examples: filamentexamples.com
- Livewire Kit Components: livewirekit.com
- - - - -
Other places to follow:
- My weekly Laravel newsletter: us11.campaign-archive.com/hom...
- My personal Twitter: / povilaskorop - แนวปฏิบัติและการใช้ชีวิต
7:55 "the overall message is, always validate the data from your users and never EVER trust them" ... words to live by!
Povilas, could you create a version of this article focusing on Filament. A "Top 'n' Filament Bad Practices" would be very welcome. A full course, perhaps, could emerge from this? 😊
Something to think about :) thanks for the idea
Bad Practice N. Not Subscribing to Laravel Daily.
I totally agree with you 😃
Thank you, that's really helpful
I worked on 3cr+ data in a single table. It is also important to db partition and indexing. Also do not use any hashing in where clause like md5().
Also use cache mechanism
By implementing these practice, data retrieval and manipulation become more streamlined, ensuring smooth and efficient database operations even at a large scale.
What do you use to write programming E-books?. People recommend Markdown but I find it cumbersome to think about its syntax as well the content you are writing
Yes I write in Markdown, got used to it. In Sublime text as editor. Early notes or plans I write in Google keep, without markdown there.
I love the vintage design of your gum road website!
One more bad practice I saw in projects in querying data directly from the view like {{ \App\Models\Posts:: newest()->limits(10)-get() }} in blade components
Yes, the violation of MVC became a "not so bad" practice and it's mentioned among the 17 in the tutorial. It used to be bad practice but then they released Livewire Volt... And turned MVC upside down :)
With vintage theme, it's actually default gumroad :)
thank you .. Long waited tips..
My "Bad practice" I used at the start of the product was to create all kinds of pricing with zero(around 9k pricing combinations with pricing plans and service plans). Now need to find a way to refactor it to stop creating that large amount of pricing without breaking the complete project. Because now those are the biggest tables in the project :(
When you made video course about the one and only "clean architecture" on Laravel?
When the one and only clean architecture is invented :)
There are many architecture options. I've talked about them in courses like "How to structure Laravel projects" or "SOLID code in Laravel", and others.
@@LaravelDaily Clean architecture takes project structure to the next level. OOP and SOLID taking to the perfection with strict separation of concerns
i think you shoud add another bad practise: especially in public method array as parameter it's bad for readeability and its shoud be replaced by object or DTO
I'm guilty of sending back error code with 200 code with the message of the error, i don't know where i picked it up or started doing it. I even infected my Codeium AI helper with this disease
I just throw an exception, or let it be thrown and let Laravel return it, be it the api route or front route 😀
What do you mean 2xx response with error inside is bad? It successfully retrieved the error!
😂
2xx - success
4xx - client error
5xx - server error
you forgot the tags :D somebody already obviously didn't understand.
😂😂😂 Joker
Hahaha
Hey do you recommend Octane? How can we use it?
You need this fresh video by Aaron Francis: th-cam.com/video/YGBvdAWt0W8/w-d-xo.htmlsi=zXo9YF-rVy04wNeY
@@LaravelDaily I have watched his video with some other videos but that's all just theory there isn't any detail tutorial to use octane in an actual Laravel working application
Because almost no one is actually using it. 99.9% projects don't need that kind of boost, the performance problems are usually inside the app.
But you can Google something from spatie, I remember they mentioned using octane but don't remember if they released tutorials about it.
@@LaravelDaily thanks
Not using Authorization for actions, is also considered as bad practice
For what kind of actions?
@@bumblebity2902 It could be either Controller actions or Livewire actions. Imagine this situation: we have a URL like /store/1/show, where we display a store using its ID. If we didn't set up authorization for the "show" method, I could just change the ID in the URL to something else and see a different store that isn't mine.
Another situation could happen with Livewire. For example, we have something like wire:click="delete(1)". I could easily right-click and choose "inspect element", then change it to wire:click="delete(2)", and this action would be performed instead.
When your company's codebsse is guilty of all these😂😂
What is your company's product? Asking for a friend.
@harshmudhar96 only thing I can say is its animation related
Can you provide the link to your project?!
@droidTV-ij4ct oh sorry I can't
NDA
Bad practice: not using DI container for binding preconfigured instances. I've seen $stripe = new \Stripe\StripeClient(config('stripe.api_secret')); way too many times man.
Another bad practice is using env() directly in your code without having a dedicated config in config/foobar.php. Just like not using DI, it makes overriding stuff more difficult. Especially when libraries do it, this is terrible
The second one is included in the list in the article. The first one is pretty rare and does have that big impact imho.
Bad practice: applying htmlentities() twice instead of just once. Check your article page title ;)
Thank you, well noticed! :)
Fixed now.
yeap, is_admin = 1 xD
... put the is_admin=0 into cookie and then use it from there 🤣
U would cry if i saw the code that my company writes... (I do every day...)
Why would you gracefully hide a serious system error (a model didn’t exist where it should)? If the system is broken, fix the system. Don’t hide the error!