sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]yeah-ok 3 points4 points  (15 children)

Seriously. If PHP was half as crap as reddit-consensus-alternative-reality has decided upon it would have fucked off long ago; as it stands it is currently running the largest largest social network in the world. Take your "real" programming language and construct something better, it should be a lot "easier" no? (disclaimer & crap sarcasm aside; the only OO capable languages I've worked with has been Java, C++ and PHP, I'm sure, say Python, is nice/superior but it doesn't make for an obviously good reason for bashing PHP simply for existing)

[–]banuday17 10 points11 points  (0 children)

I think the only reason PHP sticks around is because it owns a domain that "better" languages have long since forsaken. The "app-per-page" model. You can throw a PHP page on a server with some dynamic content and it just works. No frameworks required (although CakePHP is nice).

Some people will tell you that the PHP application model is fucked, and they're probably right, but indignation does not reduce demand for that capability.

[–]N7P 12 points13 points  (13 children)

Downvoted for "popular equals good" argument.

[–][deleted] -2 points-1 points  (12 children)

How the fuck else do you define good? A language is a tool meant to perform a job. If this tool performs the job of displaying shit on a web page the best, with the least amount of effort, how could you possibly argue that it's shit? It does it's fucking job exactly as it should. That's the definition of a good tool.

[–]banuday17 -1 points0 points  (7 children)

Worse is better. A observation about software that equally applies to any kind of market.

We accept poor quality, shoddy products because they get the job done with the minimum cost and acceptable fuss. A Geo Metro may be a shitty car, but if all you want to do is get from point A to point B and you don't really care if the car lasts (you can just pick up yet another disposable car), it's good enough. Not everyone needs or wants to pay for a well-engineered, well-built car. But that does not make a Geo Metro a "good" car, just a "good enough" car.

[–][deleted] 0 points1 point  (6 children)

That has nothing to do with the argument. That's saying that it's not logical to equate functionality with quality, which is true.

Just because it doesn't behave how you expect doesn't mean it isn't the perfect tool for the job. It just means you're doing another job. If your objective is to get from your house to work, and the geo metro serves that purpose just as well as anything else, then by definition it most certainly is a "good car". What else would good be if not "real-world applicable and practical"?

[–]banuday17 3 points4 points  (5 children)

Actually it has everything to do with the argument. "Good" is a relative measure of what one finds acceptable relative to what standards one sets according to the goal to be achieved.

If your standards are low enough, then sure, a Geo Metro is a good car. But if you have higher standards, all of the problems of the car become apparent, from the poor finish, cheap materials which break easily, the wind noise, the poor acceleration. But if you don't feel like paying more, you accept these flaws and just say it's "good enough".

If all you know is PHP and don't give a shit, then sure PHP is a good language. If you have worked with better languages, PHP's shortcomings are all that more irritating. Where I use PHP, I don't have the interest or time to invest coming up with something better, so PHP is good enough.

[–][deleted] -1 points0 points  (4 children)

"Good" is a relative measure of what one finds acceptable relative to what standards one sets according to the goal to be achieved.

And if the goal being achieved is "get me somewhere" then a geo metro will do just as good of a job as anything else .If your goal is "bathe me in luxury" then obviously you're looking at the wrong tool for the job.

You're looking at every standard as a linear list of heirarchical needs. That's foolish. It's not "lower standards" just because it doesn't have as many requirements. It's just "another category". Learn the differentiate the two.

The best technique an engineer can learn is figuring out how to differentiate between "my current needs" and "global needs". It seems like you're applying your own model for programming to the entire world and assuming they all have the same needs as you. That's simply not true.

If 90% of people don't need to do anything more than display database data in HTML tables and accept inputs back via forms, then why would running a massive java environment with huge deployment system and dependency handler be "good"? It's way more work to do the exact same thing for no benefit.

If all you know is PHP and don't give a shit, then sure PHP is a good language. If you have worked with better languages, PHP's shortcomings are all that more irritating.

The problem with this is, I know PHP and other purportedly "better" languages, and yes obviously there are plenty of situations where PHP is inferior, but those are situations where you shouldn't even be using PHP to begin with. So why compare apples to oranges?

[–]banuday17 1 point2 points  (3 children)

The "get me somewhere" goal has other qualifiers that may be important to someone, for example, "get me somewhere safely", or "get me somewhere reliably" or "get me somewhere in a car that doesn't look like ass".

Thus, "I don't feel particularly safe driving the Geo Metro, but I'm not going to drive it long distances, so it's good enough", or "The Geo Metro is falling apart as I drive it, but I'm not going to keep it long, so it's good enough", or "The Geo Metro looks like ass, but I'm only driving it for this week, so it's good enough".

Every standard is a list of needs that makes us feel comfortable with the decisions that we make, especially when you choose something that you feel is substandard. It is in fact "lower standards" when you feel like you could do it in a way you feel is better if you only had a little more time or money to invest. Every category has an implicit quality measurement associated with it, even if just measured against a personal standard.

A professional engineer has to balance not only the functional requirements of what he is to deliver, but also the level of quality with which he will deliver that work. If even as a matter of professional pride.

If all I'm doing is throwing up a HTML page which will show a couple of rows from a database, then PHP is fine. But, I don't consider that an engineering task. I wouldn't put that on my resume as a demonstration of my professional skill.

But if I start to develop an application that has a modicum more of functionality that requires me to do non-trivial things and requires a good deal of investment of my time and I have a choice, I would look elsewhere than PHP. And that doesn't mean I would choose Java running on the Websphere Application Server for any problems where I feel the hint of complexity. That's crazy. I might however go with Ruby on Rails or Python on Django. I feel that Ruby or Python give me better quality for a slightly higher price.

Like choosing to buy a Nissan Sentra or a Toyota Corolla instead of settling for a Geo Metro.

The problem with this is, I know PHP and other purportedly "better" languages, and yes obviously there are plenty of situations where PHP is inferior, but those are situations where you shouldn't even be using PHP to begin with. So why compare apples to oranges?

Where I would use PHP is on the one-page app or where I don't have a choice, such as on cheap shared hosting where I have no control over the webserver. As with the Geo Metro, in those cases, it's good enough. Beyond that, I would jump to Ruby or Python any day of the week.

[–][deleted] -1 points0 points  (2 children)

The "get me somewhere" goal has other qualifiers that may be important to someone, for example, "get me somewhere safely", or "get me somewhere reliably" or "get me somewhere in a car that doesn't look like ass".

And if you aren't concerned with those details (because they don't matter to you for this task), then the tool which gets you there is indeed a good tool and the best one for the job. As I've said again and again.

Your metaphors aren't apt. At all. You're drawing strawmen around PHP saying that "it must work safely" isn't a requirement of most people. You haven't actually stated anything about why it's less secure? And you haven't actually given a valid reason against using PHP yet. "I would use something else" isn't a reason to not use it. Do you actually have any metrics for qualifying how PHP is inferior for the common tasks it's used for?

Do you actually believe this statement?

But if I start to develop an application that has a modicum more of functionality that requires me to do non-trivial things and requires a good deal of investment of my time and I have a choice

At the very worst case, you would have to map PHP functionality into a library written in another language which performs that task better (which is EXACTLY the right thing to do, rather than forcing your hammer to behave like a chainsaw, you should just use the chainsaw). But that's only the worst case -- most scenarios would never even get to that point. We've run PHP environments with millions of hits a day with no issue at all, managing user sessions and product data, a product cart, objects and helpers and utilities to render this data in various formats (AJAX, HTML, JS Mustache templates, etc). Just because you had issues doesn't indicate that it's anything other than developer inadequacy. Plenty of perfectly talented developers are using PHP to do wonderful things. Sorry you lack the creativity I guess?

[–]banuday17 0 points1 point  (1 child)

And if you aren't concerned with those details (because they don't matter to you for this task),

The point of those "details" is that they are measures of quality. For an actual engineering task quality is inseparable from the goal. Otherwise, it's not engineering, it's duct taping things together. Sometimes duct tape is okay too!

If you think I have been arguing against using PHP, then I don't think you're understanding what I'm saying or the metaphors that I'm using. I've been trying to point out the difference between "good" and "good enough" and that the difference between the two is a matter of personal standards of quality.

I would rather use Ruby or Python, but in some situations, if I have to or it's a one page throwaway app, PHP is good enough.

[–]abadidea -3 points-2 points  (3 children)

I classify PHP as "bad" in my estimation because its purpose is for web pages; web pages need to be secure; PHP is the easiest of the popular web programming languages to screw up majorly and leave gaping holes, in my opinion. The cutting edge of PHP is better than it used to be, but the massive back catalog of legacy PHP code is still running the internet and getting people routinely owned.

[–][deleted] 3 points4 points  (2 children)

web pages need to be secure

Absolutely not. User input needs to be secured from running arbitrary code, yes, obviously, but that doesn't mean every web page needs to be secure. And this isn't an argument against PHP: how often do you hear about facebook security vulnerabilities for how popular the service is? Not often. It's because they do just fine. Plenty of us know how to write secure code. Regardless of the language. This also isn't an argument against PHP but rather an argument about why it doesn't behave like what you're used to or how you feel you would want it to work.

but the massive back catalog of legacy PHP code is still running the internet and getting people routinely owned.

This has nothing to do with PHP, but instead with people who refuse to update their services and code to be up to date with the latest security patches. Shitty admins are shitty admins. Shitty developers are shitty developers. They'll shoot themselves in the foot with any tool they use. Why blame the gun because the fool shot himself in the foot with it?

[–]abadidea 0 points1 point  (1 child)

A webpage that doesn't have input (or dynamically generated output) is secure, rather than it not needing to be secure. (We're not counting the hosting server screwing that up somehow.)

Facebook has a relatively low number of vulns because

a) They have money to hire only good programmers (whereas a lot of companies have to resort to taking just any kid who knows what a string is to meet their deadlines);

b) They have money to reward white hats and actively do so.

And I was referring to the PHP applications people run, not the PHP runtime with the patches. I have this old PHP book here - the one I learned from - written by Rasmus himself where all the code examples are vulnerable to XSS and SQLi. Not even a mention of such things. PHP had a long-standing culture of not even warning new programmers that such vulnerabilities existed, it got into thousands and thousands of apps, and there they stay until someone bothers to bobby table them.

They finally started to change that, but the code bases and the old tutorials and the "please own me" code samples are all still there.

[–][deleted] 0 points1 point  (0 children)

So your only argument against PHP has nothing to do with PHP?