1. Prevent XSS, take a look at your settings

This is one that my friend and colleague Peter found. It seems the escaping settings in symfony by default are not good enough to prevent XSS. Check here for more info. 

2. Use plugins! (1)

There is a huge list of plugins already available for symfony. First thing to do when planning functionality is to check the list of available plugins for one that will fit your needs. This is Don’t Repeat Yourself (DRY) at it’s best.Why spend hours or days of your time implementing something that is already available with a simple plugin-install.

3. Use plugins! (2)

When implementing functionality into an application, use the plugin structure. This is one mistake I made when starting, I put all my functionality into a module. And sure, modules can be copied to other projects as well, but they definitely don’t have the same flexibility. Plugins are made for portability to different projects. Use them for as much functionality as possible.  

4. Use the symfony CLI

The symfony CLI is a very powerful tool. Not just for clearing your cache, but also for creating module skeletons, installing plugins, running your tests and loading your database structure and fixtures. But, also, you can write your own tasks! Use that power. Automate those tasks that you have to do regularly in a symfony task. Implementing a task in your data/tasks of your project or your plugin will enable this task immediately in your CLI.

5. Use the symfony community

The symfony community is one of the most active and most friendly I have ever encountered in open source. Little trolling, no hostility, no stupid responses to “beginner questions”. Instead, you get help. A lot of help. #symfony on irc.freenode.net is a fantastisch channel, the symfony-users google group and the symfony forum are all excellent resources. Add to that the excellent documentation (both official and community-driven on the wiki ) makes the learning experience of symfony one of the easiest and best learning experiences ever. 


Leave a Reply

Your email address will not be published. Required fields are marked *