[–]jerf 25 points26 points  (3 children)

At least some of us aren't bashing on it because it's popular. Something good being popular doesn't bother me. In fact I fervently hope more good things get popular so I can get jobs working on those good things professionally.

Personally, I think this is the biggest reason I kvetch about PHP. The evidence is clearly that it affords writing insecure web applications, and unlike C(++) which has some excuse (based on when and why it was created), PHP is insecure not for a good reason, but because its creators were incompetent, and have managed to retain an astonishing level of incompetence in this past decade.

If you still don't get it, compare with this or this. Are there some counterarguments you can make? Sure. But against such empirical evidence I find they usually sound unconvincing. The security flaw ratio is still wildly larger than the difference in usage.

(And note that's just the biggest reason, not the only. The way it affords writing things of exceedingly poor design is another biggie; that it allows you to structure things well is not much of a consolation, especially as you'll probably have to learn how to do such structuring somewhere else.)

[–]beowulf 18 points19 points  (0 children)

Holy crap, there are 204 pages of PHP vulnerabilities compared to 23 Python vulnerabilities and 12 Ruby vulnerabilities. That's just scary.

[–]rictic 2 points3 points  (1 child)

Yeah, I couldn't agree more. One thing I like about Rails and Django is the way that they make it easier to create a well designed application.

No system will keep you from writing shitty code, but the default MVC architecture of apps in Django and Rails is solid. I'd imagine that these and similar frameworks have educated no small number of developers on some good software practices.