Drupal has many more third-party modules.
But those modules are very opinionated and some are of poor quality,
even when you would expect otherwise (I've had problems configuring
the I18N module, and I couldn't do it to behave reasonably ... making
a Drupal website multi-language is a pain).
Development in Django is a lot easier, because the modules are more
generic and the development process is more predictable because of its
simpler architecture. This is not easy to demonstrate though. The best
thing you could do is to take some time to learn some Drupal
development (there's a book Pro Drupal Development on Amazon) ... and
then do a comparison between the two by implementing a feature,
measuring the lines of code written, going through the problems you
had, etc ...
Another thing you could do is to implement your own CMS in Django that
has most of the features managers are looking for ... most people will
not say no to something that's already implemented. If they still have
troubles deciding, then do a scalability test.
On Sat, Oct 31, 2009 at 6:44 PM, shacker <sha...@birdhouse.org> wrote:
>
> At the university where I work, there is a LOT of momentum behind
> Drupal. A large and active users group, and dozens of departmental
> sites running it. I've succeeded in building a few departmental sites
> with Django but still feel like it's an uphill battle convincing
> managers to agree to go with a relative unknown, both in terms of
> language (Python) and platform. Things like the announcement that
> whitehouse.gov switched to Drupal just cement the deal in many
> managers' minds.
--
Alexandru, Nedelcu
http://alexn.org
> Another thing you could do is to implement your own CMS in Django that
> has most of the features managers are looking for ...
That's *exactly* what scares the crap out of managers; custom code vs.
something "everyone" is using. You're almost making Drupal's case,
right there.
S
This is very true, but he can sell it as a cms with one of the many cms for
django[1]. Here he can pick one that matches the known requirements the
managers are looking for, then sell django along with the cms.
After that there are really only three main selling points, customization,
django has plenty of prebuilt apps[2] and the ability to build your own app
with ease. Secondly, speed of development, all php needs is header files to be
a poor mans version of C. Django has made making web apps almost trivial and
the most time I spend now, is on the ui (both dojo and jquery make this almost
trivial also), rather than the backend.
Finally, there is the maturity of the language. PHP is still adding in
features other, similar languages already have had. For example namespaces are
just barely a year old in php, initial release in the dev versions, less than
6 months for the actual first appearance in a stable release.
To quote wikipedia[3] on missing features from PHP:
"PHP currently does not have native support for Unicode or multibyte strings;
Unicode support will be included in PHP 6 and will allow strings as well as
class, method and function names to contain non-ASCII characters."
Seriously, in todays global world and well, for the past what 10-15 years,
hasn't this been mandatory?
I do not understand why web developers who use php, still do. I don't
understand why companies and schools support it. When there has been other
better languages to use, python, perl, java and haven't changed as much as php
has and still have more, better, what I call mandatory features, plus better
or equal performance. Well I do understand how it happened at first and
recognize it's not going anywhere. I just wish it would go back to the toy
bin/kindergarden for web developers to understand the nature of dynamic web
pages.
See the wikipedia page for related security topics also.
The only strength php has that I believe is a strength and a weakness is it's
drag and drop install. It's a weakness the same reason php security is, bad
web developer choices, like storing include files and other files with
sensitive information in web accessible directories. (Who remembers the
inlcude() hack or fread on a remote url?)
This is my main argument; the ability/maturity of the language itself.
I do think that a lot of people who use php are smart individuals and just
make honest mistakes that led to phps bad repution in security. But, by
default, because of the intelligence of the django devs in getting this part
right, that it is harder for new developers to make similar security mistakes.
Really only in a few places allow you to.
The reason I came to django, because of the language it's based in. Though
many a day I wonder how django would do as a C++ framework. I may find out one
day, but not in the near future.
Mike
[1] http://code.djangoproject.com/wiki/CMSAppsComparison
[2] http://djangozen.com/
[3] http://en.wikipedia.org/wiki/PHP
P.S. quoting me is fine, but I think the wiki page and links will make a
better impression, so I suggest paraphrasing me if you find any of this
useful.
--
Anyone who cannot cope with mathematics is not fully human. At best he
is a tolerable subhuman who has learned to wear shoes, bathe and not
make messes in the house.
-- Lazarus Long, "Time Enough for Love"
PHP has a large, and (perhaps more importantly) easy-to-find ecosystem
surrounding it. I think that Python's superiority as a language is
simply not open to debate, but if you are looking for "I need a
library that does <x>", PHP frequently has acceptable solutions closer
to hand.
And, as with PostgreSQL vs MySQL, shared web hosting is very strongly
oriented around PHP, and that (until the relatively recent rise of
VPS) was the primary entry point for a lot of web developers.
--
-- Christophe Pettus
x...@thebuild.com
It was a rhetorical question. Tho the same goes for MySQL. Why?
I do understand, I was there too watching and developing back in the early
2k's with php4 and first few versions of 5 helping clients cause I ran one of
those hosts. Sorry for not being specific about that. Truth is that we used
MySQL and PHP mainly because CPanel (and other virtual host control panels)
had the support built-in and made it easy for the users and less headaches on
us.
Mike
--
Squirming:
Discomfort inflicted on young people by old people who see no
irony in their gestures. "Karen died a thousand deaths as her father
made a big show of tasting a recently manufactured bottle of wine
before allowing it to be poured as the family sat in Steak Hut.
-- Douglas Coupland, "Generation X: Tales for an Accelerated
Culture"
Things like the announcement that
whitehouse.gov switched to Drupal just cement the deal in many
managers' minds.
How is it not logical? Product A is widely used, Product B is used less. Bad
Guy A. is smart enough to realize that product A if broken can be used to gain
him more presents because more users have it. This is because of the human
condition of laziness and the majority are not really paying attention to what
they are doing. This is a fact. If you're one that thinks about everything
they are doing, i.e. every litteral step yout take down the hall is carefully
planned. Then you are most likely going to avoid Bad Guy A, and be a
minority. I hardly meet people who do this, they just act without thinking.
Its illogical to think that everyone or the majority will not succumb to
laziness because this is our ideal goal as a society. Everything we build do
is to make our lives easier so we can be lazy without worry.
Mike
--
The chat program is in public domain. This is not the GNU public license.
If it breaks then you get to keep both pieces.
-- Copyright notice for the chat program
No, I did say 'product A if broken' -- keyword being if.
But Bad Guy A will try everything to put holes in django, and whats worse is
that he'll have a different perspective than you or I and might see something
that we didn't or someone else didn't and walla, we have a hole. We all know
there is potential for security problems in well established software that
aren't discovered today, because of this and human error in future revisions
and changes. Now am I saying the django devs are lazy or incompetent? If I
really believed that I would be using something else and calling you all
idiots for using a badly developed piece of software. No, I'm calling them
human, if they aren't human, then well aliens are finally proven.
> In which case why are the devels focussing so
> much of their time trying to make the app safe and secure?
> Should they not
> be better of lighting candles in the rain and praying that the bad guys
> radar doesn't function?
> I personally am of the opinion that constant
> harping on safe practices and not doing silly things like permitting code
> inside html (for example) will create an inherently safer app - and the
> bad guys will congregate elsewhere. After all bitbucket is big enough to
> be on their radar - and it got hosed - although I hear that was an amazon
> problem, not a django issue (could be wrong).
>
Open source helps this a lot, lets not forget this.
PHP application problems that we see are bad coding techniques, mostly in
older software that's been coded since php4 and updated for later versions of
php, which says to me that they didn't take into account half of the known
vulns today because they weren't known yesterday.
We also have to take into account all the ways a user might try to use our
software, because they are lazy and not always vigilent, which is the main
area that bad guys prey on. For example, redirecting after a login to break
the back button so the next user can't get the login form details. It's hard
to speculate everything a person will do, too many individuals with different
view points. Even using large test groups it's hard be 100% correct 100% of
the time.
In the end all you can do is prevent what is known today, hope that you've
covered for tomorrow.
Mike
--
Red Hat Unveils New Ad Campaign
Linux distributor Red Hat has announced plans for a $650,000 ad campaign. The
ads will appear on several major newspapers as well as on a few selected
websites. "These ads will be targetted towards Windows users who are fed up
but
aren't aware of any OS alternatives," a Red Hat spokesman said. "We feel that
there is a large audience for this."
One of the ads will be a half page spread showing two computers side-by-side:
a
Wintel and a Linux box. The title asks "Is your operating system ready for the
year 2000?" Both computers have a calendar/clock display showing. The Windows
box shows "12:00:01AM -- January 1, 1900" while the Linux box shows
"12:00:01AM
-- January 1, 2000". The tagline at the bottom says "Linux -- a century ahead
of the competition."
Agreed all the way across.
One of the reasons I use django is because it's hard to shoot yourself in the
foot and by making sure the lower level apis is where most of the important
security features we all want live, and makes customizing our own special ones
easy. Python, well it's the love of the language, postgresql cause of the
features it has, has had them a lot longer than mysql and a nicer memory
footprint.
And the latter part of your statement is exactly why we all think that open
source software is more secure than propietary software and swear by it.
Mike
--
Talkers are no good doers.
-- William Shakespeare, "Henry VI"
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django...@googlegroups.com.
To unsubscribe from this group, send email to django-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=.