10 Questions about Django from a XAMP/MAMP pov

I’ve been using PHP/MySQL via the XAMP/MAMP packages on both Windows and Mac, and I’m interested in learning Django as I’ve heard its meant to make web development far faster.

Whilst there are frameworks for PHP, such as Cake, Zend, CodeIgniter and so forth, I am interested in finding out more about Django, perhaps even playing around with it on a Mac/PC.

However I am a bit put off because I don’t know how to approach Django from a XAMP/MAMP point of view.

Anyway, here are some questions:

  1. Can I run Django via XAMP, ie: is it a package so it runs with Apache without me reconfiguring everything? This is the one thing that put me off Ruby/Rails.

  2. Can I run Django just like a PHP/XAMP project, or does it require its own server? I’d rather just use Apache as that’s what’s used on servers and I don’t really want to be playing around with other servers.

  3. Does Django work with Apache, and does it cause conflicts with PHP?

  4. How does Django deal with XSS, Cross Site Forging, and sanitizing GET, POST, SESSION, COOKIE and other incoming data? How does it handle/deal with SQL Injections? Does it do it automatically? Can someone clarify the security measures put in by Django?

  5. PHP sometimes comes with extensions, like ffmpeg, or other extensions that you can load in, is Django similar to this?

  6. Does Django use stored procedures with regards to MySQL?

  7. How easy is it to debug Debug code? Could I use Eclipse editor, or another editor to view debug info?

  8. Is Django used on E-commerce websites? I’ve seen a lot of blog websites, and basic CMS but not many e-commerce sites.

  9. SSL and Django. How does Django work/deal with SSL?

  10. Is Django worth it?


I don’t know the answer to any of your questions, but a very quick google search found many resources, including these two:


Sorry I can’t help with your questions.


Thanks for your links, they do help a bit – but I am still stuck on something.

I am using a Mac for this experiment.

I downloaded the latest stable, extracted the contents, did this:

sudo python setup.py install

But the thing is I do not know where I am meant to put my HTML/Django files.

Can I still put them in htdocs? In the installation guide it says:

Once you’ve installed Python, Django and (optionally) your database server/library, you can take the first step in developing a Django application by creating a project.

A project is a collection of settings for an instance of Django, including database configuration, Django-specific options and application-specific settings.

If this is your first time using Django, you’ll have to take care of some initial setup. Create a new directory to start working in, perhaps something like /home/username/djcode/.

Where Should This Directory Live?

If your background is in PHP, you’re probably used to putting code under the Web server’s document root (in a place such as /var/www). With Django, you don’t do that. It’s not a good idea to put any of this Python code within your Web server’s document root, because in doing so you risk the possibility that people will be able to view your raw source code over the Web. That’s not good.

Put your code in some directory outside of the document root.

But where is var/www?

Why do I have to create a folder called: “/home/username/djcode/”?

Is it not possible to use htdocs as the main folder for all website builds, regardless of whether they are php or django?

It also says I can use/should use SVN, but I’ve already extracted the contents and installed it, ran the test via the Terminal and it seems to be there, so what’s the point of using SVN to install/use Django? Is it possible to build Django sites without SVN?


You may want to register at www.stackoverflow.com and asks your question there. Make sure to understand how that site works if you don’t already know before posting any questions there. Or wait and see if someone here can help you out.

Thanks for your help

hey, if you’ve found the answer or asked the same question on StackOverflow, can you please add a link here as well, might help newbies like me searching for the same answers. Cheers!

  1. Yes. But things are slightly different then PHP. mod_php loads PHP script from disk and parses it on evert page access/request (accelerators change this, of course). While Python works like this: code is loaded into memory when web server is started and you need to restart the web server in order to change this. There are work arounds with fastcgi that even work in shared/cpanel enviroment. As for development machine Django comes with its own development web server. And you can also configure Apache for development, of course.

  2. Yes, python works with apache in a multitude of ways. See http://docs.djangoproject.com/en/dev/howto/deployment/

  3. As long as Python is configured for other directories then PHP, no conflicts. I can give you a very precise answer here. I can tell though that we’re using PHP and Python on the same web site in a shared hosting environment.

  4. Django does escaping for user inputed data, for data that makes up a SQL query, for data that is rendered back in HTML (to avoid XSS). You can however shoot your self in the foot, but it’s more complicated to do it. For instance you can instruct the Django template not to do escaping on a piece of data.

  5. This is a Python questions. Good thing about Python is that is a pretty established language and there are lots of open source libraries.

  6. Very easy to debug, I find it easier then with PHP. We’re using Eclipse.
    Django has an awesome error page that contains call stack info, local variables, POST&GET data and much more (heard that PHP introduced this in a recent version).

  7. You won’t have any problems with SSL. We use it in some projects.

  8. Oh, yes! I wouldn’t go back to PHP :).

If you wish to run Django on Windows, you need practically nothing except to install Python and Django. Django has it’s own Web server which is ideal for development, for various reasons. For one, it doesn’t require any further installations besides the base one; also, when you change your .py files you need to restart the Apache instance, while the development server figures it out itself and you need to restart it on very rare occasions.

As I mentioned above, you don’t need Apache or even MySQL at all – just install Python, then install Django (instructions can be found on their respective sites), and go through the Django tutorial in its documentation.

Regarding “the servers”, by which you probably mean standard shared hosting accounts, you need one which supports Django specifically. If you find some such, you probably won’t have to worry about setting up, it should probably work simply by moving the files over. If not, consult your hosting’s support.

It works perfectly with Apache, and you may use a number of options to do that: mod_py, mod_wsgi etc. And there is no conflict with PHP.

Django has a number of features to deal with these, but I suggest you go through its documentation for more details. For example it has forms, which is a simple way to create and handle forms which deals with many attack vectors usually performed through forms.

Unlike PHP, Python is a full scale programming language, and all of its libraries are written in Python exclusively (in PHP, extensions are written in C). So you simply import various Python modules using the common syntax.

Django has its own ORM, which is much more complete and easier to use than anything you might have encountered in PHP. Unlike RoR, which bases its model objects on the database tables, you define your models in Python and let Django handle the database by itself. That being said you may always switch to writing raw HTML if absolutely necessary, which of course also supports stored procedures.


Absolutely! I’ve greatly improved my productivity since switching to Django; as an example, I re-wrote one (admittedly simple) Web app from PHP (where it took me a week, using my own framework) to Django in a single day, and all while being a total beginner in both Python and Django.


Thanks for the replies. I haven’t really chased up Django all that much; but my company is starting to ask about rolling modular-based CMS like projects faster – and I may look into Django further.

@GVRV – I didn’t create a thread on StackOverflow as I had a number of outstanding projects.

I still have questions and reservations about Django, but from watching a few video clips and tutorial it does seem a solution, but it is something to play around with.

There are lots of issues about moving over to a new language/framework, ranging from learning time to security to deployment.