CodeIgniter 2 vs. CodeIgniter 3

CodeIgniter 2 vs. CodeIgniter 3: What has changed?

CodeIgniter 2 has always been my first choice for building custom PHP-based applications. Even when CodeIgniter seemed to be languishing in mid-2013, I held on to hope for an updated version.

A year later, EllisLab announced that CodeIgniter development would continue under the stewardship of British Columbia Institute of Technology (BCIT). It is BCIT that has brought us CodeIgniter 3.

Now the question is: What has changed in CodeIgniter 3? How will it help developers with security, coding and authentication? Let’s review CodeIgniter 2 vs. CodeIgniter 3 to see what has been upgraded.

As a business owner, you want CodeIgniter 3 to meet the following important components:

  1. Security
  2. Performance
  3. 3rd party Integrations

#1. Security – CodeIgniter 2 vs. CodeIgniter 3
In the past few years security has become a huge concern for Internet-based applications. Hackers not only challenge websites, but also potentially harm users. Most major frameworks and CMS solutions release security patches regularly to ensure an up-to-date security system.

CodeIgniter provides security functions. XSS Filtering is one example. XSS Filtering usually protects from cross site scripting by using the following function: $this->security->xss_clean()

CodeIgniter 2.x had a bug in the xss_clean function though. Malicious users now can bypass the function and inject cross site scripting. Ellis Labs received many requests to have this bug fixed, but it wasn’t fixed until BCIT took over and created CodeIgniter 3.

With CodeIgniter 3.x hackers cannot bypass the xss_clean function to inject XSS. The new version has the following updates:

  • Cross site scripting
  • Header injections
    Base_url() will fallback to $_SERVER[‘SERVER_ADDR’], when $config[‘base_url’] is empty in order to avoid Host header injections.
  • CAPTCHA helper is changed to use the operating system’s PRNG.
  • This new version is more secure than version 2.x.

#2. Performance – CodeIgniter 2 vs. CodeIgniter 3
As a business owner, you want your website to function well, managing the load of many users and providing them quick search results. In order to meet this expectation, the website code has to be optimized.

The code functions need to fetch records immediately after a search is performed. The database plays an important role as data is fetched from the database via custom queries. So, in short, database functions provided by the code frameworks need to be written and used well.

When it comes to performance, we noticed a few bugs with CodeIgniter 2. CodeIgniter 3 has helped by making the following improvements:

  • Caching library: APC, Memcache has been added to improve performance.
  • Query builder method count_all_results() is fixed to not fail even when ORDER BY condition is used.
  • Database method improvements
    simple_query() has been fixed. In earlier versions this function executed queries without checking if the connection was initialized.
    csv_from_result() has been optimized for speed with larger result sets.
  • The library has been modified for a few other performance fixes.

#3. 3rd-Party Integrations – CodeIgniter 2 vs. CodeIgniter 3
One of the major needs today is bringing 3rd-party integration to your business website. The integrations can include Sales CRM data, Email subscription, Calendar schedule, or Social media accounts. These could be in the form of API, JSON, XML, iFrame, or direct query fetch. The framework you use for developing the website should be flexible enough to support them.

CodeIgniter has always supported integrations with 3rd-party libraries. This latest version is no exception. CodeIgniter 3 supports a number of 3rd-party file extensions and system libraries. Examples include ICS calendar file, Google Earth (kmz and kml) and PEM. One of the major changes is added support for DSN configuration setting for drivers that support DSN strings (PDO, PostgreSQL, Oracle, ODBC, CUBRID). All this makes the web application perform better.

Other Important Changes – CodeIgniter 2 vs. CodeIgniter 3
Besides security, performance and 3rd-party integrations, there are still many improvements in version 3.x. Here are some important ones:

  • Updated PHP: Increases security and performance
    CodeIgniter requires PHP 5.2.4 and recommends 5.4+
    PHP 5.1.6 is not supported anymore
  • File Naming Conventions: Improves standard coding practices
    Class file names now must be uppercase first and everything else lowercase
  • Database Performance: Makes queries faster
    The default database driver is changed to ‘mysqli’
    The old ‘mysql’ driver has depreciated

CodeIgniter 2 vs. CodeIgniter 3: What is best for my business and clients?
Based upon the facts mentioned above, CodeIgniter 3 is the best choice for new web applications. Other factors (e.g. Hosting server, Current PHP version, etc.) play into the decision. You may find that your business site can still be built with the older version.

The CodeIgniter Hands team has years of experience working with CodeIgniter-based applications. Our team has served many clients and still serve them using the CodeIgniter framework.

Email us to find out which version of CodeIgniter would be best for your next business project.

CodeIgniter Hands is a division of Rubico. Rubico has been providing quality custom web development services for over a decade to web companies and ad agencies. We are an agile web development company taking advantage of a globally dispersed team to deliver excellent results. Over 300 clients have been thrilled by the consultation, competency, increased capacity and cost effectiveness that Rubico brings to every project.

We create complex web and mobile applications. We bring together expert Indian developers – ranked among the top in their field – and India-based, American relationship managers, who provide stateside context for client’s needs and expectations. This combination creates a new kind of contracted development that doesn’t trade quality for cost.