My conclusion: HHVM beats PHP-FPM by 20% to 45% at both request per second and average response time.
Well, if you also include database operation, the time margin should be around the same (the percentage may differ though), considering both HHVM and PHP-FPM consume about same time for database operation.
I ran the test for Lumen 5.2 and Laravel 5.2 using Apache Bench. The PHP version used is 5.6.13 and NGinx version 1.4.6.
If you are curious of “even better performance for Laravel”, try ReactPHP+NGinx (refer to http://marcjschmidt.de/blog/2014/02/08/php-high-performance.html) because it eliminates Laravel bootstrap’s code just being ran once at server startup, instead of ran at each request (See also https://github.com/php-pm/php-pm). But there is a fatal drawback: If your code throw uncatched exception, your server dies. Also other drawbacks such as reload server on code change and potential memory leaks.
If you need the test results / source code, just contact me. I don’t feel like putting them on this blog.
After 5 months development, the login feature turns out to be broken. Last time I remember it was fine before. So I tried logging in with my own account and I can log in normally. Then the developer points out that only newly registered users who was not able to login.
Then I open the users table and took my bcrypt-ed password and tested it online. Turned out my old account can be verified and my newly created account cannot be verified. Then I look into registration file at app/services/registar.php and dd-ing some variables. And tested the bcrypted-password online. Then I tried dd-ing bcrypted password (without inserted to laravel model) and it was fine!
So, my first conclusion was Storing password in User Eloquent model is different than the specified value.
apt-get update && apt-get upgrade
Then I suspect Laravel changed my password abruptly. I tested storing the password using plain text, and tested the hash, and it was verified!.
So, the conclusion is, laravel calls bcrypt function upon password assignment without developer consent, which is weird I think, as they changed the behavior that cause my-5-months-code broke.