Ruby on Rails vs Yii2

Ruby on Rails or Yii2: for what each solution is suitable?
24 July 2017   3649
Ruby on Rails

Framework written in the Ruby programming language

When it comes to web development, usually PHP immediately comes to mind - a language designed specifically for Internet applications. It has existed for more than 20 years, so it is not surprising that for such a period, many frameworks have been released.

However, the web environment is not only the prerogative of PHP. A worthy competition to this language is Ruby. He comes to the rescue, if it is necessary to create not a blog or a corporate site, but an atypical solution. However, sometimes you can find standard Web resources developed in Ruby.

In this article we will compare the two most popular frameworks for Ruby and PHP - Rails and Yii2.

Accessibility for beginners

PHP has a low entry threshold - you can start writing code quickly enough without even having any basic programming knowledge. Many web developers start with this language. Because finding a web developer familiar with PHP is not a problem. On the other hand, Yii is not the simplest framework, because it Requires certain rules when writing code.

Yii2 interface
Yii2 interface

Ruby on Rails is more complicated at the beginning of the path, but then it can greatly facilitate the life of the developer due to the abundance of magic and gems. And the language itself has many built-in useful methods, for example, for working with dates or arrays.

Ruby on Rails syntax
Ruby on Rails syntax

Performance

Rails is inferior in speed to work, because Ruby is basically a slow language, and the framework inherits this problem. Yii is not just faster than RoR, it's the fastest PHP framework. Therefore, to create a project that is critical to high performance, Yii is the only alternative among all other solutions in PHP.

Libraries and extensions

The total number of plug-ins is about the same for both solutions. However, thanks to the fact that RoR has been actively developed and supplemented since 2003, most of its gems are reliable, time-tested solutions with a lot of background information, both from developers and the community.

Debugging tools

The most popular debugging tool for php is XDebug. This powerful solution was one of the first with the system of control points and offers developers on Yii a really great set of useful features:

  • Complete information about the current state of the program;
  • Changing the values ​​of variables during the execution of the script;
  • Remote start with two session modes;
  • Built-in support for xdebug-client in most popular IDE for PHP.

True, using this debugger may require additional settings for the environment where the application is deployed.

In Rails Debugger gem is used, which provides only the basic functionality, has not the most convenient mode of operation and the need to manually mark the place for control points with the word debugger.

CRUD-applications development

In Yii, there are excellent built-in tools for creating CRUD applications. GridView, ListView and DetailView are fully supported, there is a feature of checking and searching for jQuery. Additional comfort is provided by automatic generation of code using Gii, which creates a sufficiently high-quality script that requires minimal revisions.

Ruby on Rails also can offer support for tools for working with CRUD-applications, however for full use of all features you will need to use additional modules, for example, JS-library Ext and plugin Netzke.

Documentation and support

Both frameworks exist for a long time and therefore have detailed documentation that makes it much easier to find answers for any questions. PHP, as a more common language, has a large community that actively communicates with the forums and supports Yii. However, Ruby on Rails also has an abundance of supporting information, and in thematic communities one can always rely on help.

The situation with technology is different. PHP supports any inexpensive hosting, so you can use Yii capabilities almost everywhere, which makes the framework suitable even for small projects. Ruby is a more niche language designed for complex web applications and startups, and not all hostings support it, and where RoR is available there are sometimes limitations - for example, installing gems through a ticket for Techsupport.

Final comparison of Ruby on Rails and Yii2

Yii2 Ruby on Rails
A popular language and a framework with a low entry threshold. A niche language that requires time to learn from scratch.
High performance Lower performance
Not the most convenient syntax and readability of the code. Excellent code readability, many useful built-in methods
Powerful and convenient XDebugger Debugger gem is used for a debugging, Inferior to the capabilities of XDebugger
Built-in CRUD application suppport Additional gems and plugins are required for CRUD support
Detailed documentartion Less detailed documentation
Possibility to install framework on any hosting Not all hostings support Rails and some have limitations
Suitable for small projects Suitable for bigger projects

 

What technology do you choose, Rails or Yii2?

What technology do you prefer? Ruby on Rails or Yii2? Or maybe you are already using some of it? Please, share your thoughts with the community. Also, after the voting, you will be able to see what people like the most. Your opinion is very valuable for the Hype.Codes team.

Yii2
66% (31 votes)
Ruby on Rails
34% (16 votes)
Total votes: 47

Ruby and Rails to Get New Updates

Six vulnerabilities in the RubyGems package management system are now fixed and three in Rails framework
14 March 2019   360

There are corrective versions of the Ruby 2.6.2 and 2.5.4 programming language, which eliminate six vulnerabilities in the RubyGems package management system:

  • CVE-2019-8324: the ability to execute code when installing an untested package (an attacker can place the code on the gemspec and this code will be executed via a call to eval to ensure_loadable_spec at the verification stage before installation);
  • CVE-2019-8320: the ability to delete directories through manipulations with symbolic links when unpacking tar files;
  • CVE-2019-8321: the ability to substitute escape sequences through the handler Gem :: UserInteraction # verbose;
  • CVE-2019-8322: the ability to substitute escape sequences through the command "gem owner";
  • CVE-2019-8323: Ability to substitute escape sequences in the API handler (Gem :: GemcutterUtilities # with_response);
  • CVE-2019-8325: The ability to substitute escape sequences through error handlers (Gem :: CommandManager # run calls alert_error without escaping characters).

In addition, an update was provided to the Rails 4.2.11.1, 5.0.7.2, 5.1.6.2, 5.2.2 framework. and 6.0.0.beta3 with the elimination of three vulnerabilities:

  • CVE-2019-5420 - potentially allows you to remotely execute your code on the server, when Rails is running in Development Mode. If there is information about the attacked application, you can predict the automatically generated mode token for developers, knowledge of which allows you to achieve the execution of your code;
  • CVE-2019-5418 is a vulnerability in the Action View that allows you to get the contents of arbitrary files from the server's file system by sending a specially crafted HTTP Accept header if the code in the "render file:" handler is present.
  • CVE-2019-5419 - DoS-vulnerability in Action View (MODULE / COMPONENT), allowing to achieve 100% load on the CPU through manipulations with the contents of the HTTP-header Accept;