I'm not a troll and my goal isn't to start a flame war; neither do I mean to disrespect the authors of the Zend Framework: there is a lot of fine work in it. But... I have a job to get done and I'm having a hard time reconciling the popularity of ZF against the reality of building apps with it. I would really like to know from others why they use Zend Framework.

I am fairly new to the PHP world but I've done a lot of programming in many languages. After reading many tutorials and building a couple of apps in it, some core Zend Framework facilities feel like alpha code to me. For me the following fundamental weaknesses, among others, would seem too overwhelming to consider deploying apps with it - but over and over again ZF is suggested as one of the, if not the leading framework.

First let me say I find the much of ZF to be workable. Routing works pretty much as it should, the Layout facility is serviceable (though very different from templating systems such as JSP/ASP), as is the cache facility, etc. There seems to be a tendency in the community to stuff a lot of modeling (e.g. validation) and view logic (e.g. $this->headScript() - why should my controller have to care which js file my view requires?) into controllers but could be a matter of usage and not necessarily the framework's fault.

Now for a couple of really serious (IMO) weaknesses I've experienced in my short time with it. I shudder to imagine the other areas I will discover in the future if I continue to build with it.

1. Form Layout
Many people seem to be unhappy with the lack of control over form layout. How can you have a popular framework where constructing a simple form requires so much discussion? Question 1 and question 2.

2. Authentication/Authorization
No one really seems to understand how to simply perform routine authentication/authorization. People [including yours truly] struggle with implementing simple access control. Further, the approach seems to lean on serialization for persistence, rather than traditional database storage of users and permissions. A confusing example, a proposal to enhance the facility, a tutorial - part I, and part II. This is too much work guys!

Are my perceived weaknesses not real or somehow not a problem? Why or why not? Why did you choose Zend Framework (or not)? Are there other areas that you've found to be so painful that you want to dump ZF for a different approach? Thanks for your opinions.

Because they are good at Marketing

Zend's founders Andi Gutmans and Zeev Suraski are key contributors to PHP

And they have one of the most complete framework for php.

When you think about it; it's like saying:

"Our language isn't as performant as it could be, so we made a framework with caching that makes it faster"

• Most of what Zend offer, can be done without Zend.
• But Zend's package is a very good "All in one" distribution.
• They offer certifications and trainings.

One of the main benefits of ZF is that you can take any one of it's components and easily tie them in with your own (or a third party) framework with minimal modification.

Forms: The decorator approach is complicated, but bulletproof and priceless for applications with many forms. You don't care if you have 10 or 25 items in your form, the style is always the same. Saves you a great deal of work when you know how to use it. For users with simplier minds and goals there is always the viewScript decorator ;)

Auth/Acl: Never had any problems with these.

Zend_Auth::getInstance()->hasIdentity() //logged in

and

Zend_Auth::getInstance()->getIdentity()->role; //returns admin

For Acl:

$acl->isAllowed($who,  $where, $what);
$acl->isAllowed('roleAdmin', 'resourcePosts', 'create'); //returns true

Can be easily modified to match MVC:

$acl->isAllowed('roleAdmin', $module.ucfirst($controller), $action); //returns true
$acl->isAllowed('roleAdmin', 'adminPosts', 'create'); //returns true

Color me UNIMPRESSED with ZendFramework. Using Zend Framework is like welding a set of training wheels to your code. Anything you can do in Zend Framework is something you can do in raw PHP. (Remember ZF itself was written in raw PHP.) And you can usually do it with the same number of lines of code - written in a consistent style with the rest of your application. And, by using native PHP code, you're not locked into a niche tool that only a minority of PHP developers use. And you don't have to worry about compatibility with changes in ZF versions.

In my applications, I do all the same things that the ZF tools do, mostly by using simple PHP functions that have been around for years:

• validate form data
• cleanse form input
• handle files uploaded through forms
• manipulate and compare dates
• handle authentication
• send emails
• write to log files
• read from configuration files
• read external HTTP pages
• exchange in JSON and SOAP formats
• work with third-party APIs

I can't find much of anything in Zend Framework that is worth my time. And don't get me started on overbearing "scaffolding" frameworks like CodeCoffin, AppShackler, or Ruby in Chains.

ZF is a good starting point. I used zend_tool to generate a MVC skeleton of my middle-size application and used many other components (Zend_Cache, e-mail, translate, forms, session).

And I agree that form layout is complicated if you are trying to do it as Zend says - with decorators. There are ways to use just Zend_Form elements with validation and in your custom layout - without decorators.

I had a bad experience with Zend Cookies - I just could not set a cookie for my entire domain. Old good setcookie did the trick right.

About Acl - again, examples in Zend documentation and Zend_Acl do not work well sometimes. I used Controller plugin approach and my own "role based resource management" to control permissions.

I did not even try Zend Data Gateway - used Doctrine instead (I guess that is because I like nHibernate :) ) And connecting Doctrine was really easy.

I think ZF is good because you can use it as you like. I think it would be harder with some other frameworks.

Simplicity to build medium size applications. Until ZF you had to build your own "framework" to do medium size applications. Now is much more simpler.

I don't think decoupling and simple elements that can be used independently is the key to success. Is a nice feature, but is not the regular use.

Support and community size are relevant in the balance with other frameworks.

In terms of speed they are NOT better then other frameworks.

Wel, we are developers because we are supposed to be able to write "some" of our own code, arn't we? Frameworks not supposed to be wizards, just an added assistance.

I did not choose Zend Framework because at the time when I was evaluating PHP frameworks it was not a complete and integrated enough solution for building web apps. I chose symfony and since then I have never had a need to switch to anything else.

I'm not sure if it's the same nowadays, but I always thought of ZF as a component library rather than a framework. A framework has a somewhat more strict rules of doing things and often has better integrated support tools to help people do them. A component library is more loose in this regard. When the framework rules correspond to the requirements of most applications in the framework's domain, I myself clearly prefer this solution. This has been the case with symfony for me. I do use certain ZF components as needed, but never base my projects on ZF itself.

I use ZF for a few reasons: The host of nifty classes, lazy loading of classes, stand-alone usage of classes, and clean clear source. The first time I used it I needed to build an ACL system - a very big complex one. Zend_Acl helped tremendously.

I think ZF needs to work on it's docs and db classes. The db classes problems have a lot to do with PHP itself. So maybe it's some thing Zend wants to look into.

The OP is new to PHP. I agree PHP has it's flaws such as the arbitrary naming of functions, but generally it does make sense for HTTP and doesn't hide reality from you.

Form layout:

It's really easy. Decorators are a pain in the butt during your first contact with them, they're just black magic. Then you realise how useful they are and that you can do almost anything with them. When you finally hit a point where decorators are just not enough, you can just render separate form elements in your view or even write your own form HTML. Consider this example:

form

$text = new Zend_Form_Element_Text('text');
$text->addValidator('NotEmpty')->setRequired();
$submit = new Zend_Form_Element_Submit('submit');

view

<form>
<input type="text" id="text" name="text" />
<input type="submit" id="submit" name="submit" value="Send" />
</form>

controller:

$form = new Form_Whatever();
if ($this->_request->isPost()) {
    if ($form->isValid($this->_request->getPost()) {
        // code
    }
}

There you go. You have a form, you wrote its HTML manually, but you still benefit from ZF's inbuilt validation. Why? Because you still create the form object in the controller and feed it the data sent via POST. You still get your filters, validators, anything you want. With any HTML you want. And you can also plug an external view to the form if you want to go extreme :).

Oh, by the way, did you know that your forms are reuseable? Yeah, you can write one form and use it in multiple places. No hassle. That's what I personally like about forms in ZF (and dislike in CodeIgniter - which is a great framework too, by the way).

Authentication:

Zend Framework: Login password hash, email validator?

Yes, it's only a small piece of code. You basically copy and paste it in your projects.

As for ACL, you just create your rules and then check them whenever you need them. A one liner. Can't be simpler.

Personally, I think ZF is popular because it simply saves your money. If you put me in front of a project, I can guarantee you that I'll finish it twice faster if you let me use ZF instead of another framework I know. And probably a fraction of the time I'd need to do everything in baseline PHP. So that's about it: saving time = saving money. Or earning you extra money - but either of the two rules, right?

There is no need to use Zend_Form or Decorators themselves. You can just use plain HTML Forms and then inside Controller=Actions use Zend_Filter_Input like this. So you have best of both Worlds.

public function indexAction()
    {
        $this->view->title = 'Search Results';

        $filters = array('q' => array('StringTrim' , 'StripTags'));
        $validators = array('q' => array('presence' => 'required'));

        $input = new Zend_Filter_Input($filters, $validators, $_GET);

        if ($input->isValid()) {
            $this->view->messages = '';
            $q = $input->getEscaped('q');
            $this->view->q = $q;

            // do search
            try {
                $index = News_Search_Lucene::open(
                    SearchIndexer::getIndexDirectory());

                $results = $index->find($q);
            } catch (Exception $e) {
                $results = array();
            }

            $this->view->results = $results;

        } else {
            $this->view->messages = $input->getMessages();
        }
    }

I'm not sure if ZF is really the most popular PHP framework. I chose it after comparing it with other frameworks that do more stuff "magically" because they all seemed to hard to customize.

I think ZF is a good object oriented PHP MVC framework, but I don't agree with some ZF approaches. For example, I only use Zend_Form for filtering and validate data. All the HTML and presentation stuff are done at view scripts. The CSS is the responsible for the layout. If we need some changes most of the time changing only the CSS is enough. If I need to make the same form appear in many pages, I use it as a partial view script.

I don't like to have to write a Mapper for each Model and to create a Zend_Db_Table subclass for each database table. Instead I'm researching how to use other patterns for data access, or maybe Doctrine.

What I don't like about Zend_Acl is that stores the ACL information in the ACL file. I would like to store that information in the database.

The good thing about this framework is that is easy make things your way.

In addition to the previous answers, it is worth mentioning that in a recent pool at DZone titled Which PHP framework would you use today for a brand new application?, Zend Framework was selected to be the most preferable for new projects.