> My outlook is that code is liability. If I can get the job done without > "writing" code, that's probably what I'll do. Agreed.
Best, Sidu. http://c42.in On Thu, Jul 14, 2011 at 10:03 AM, Noufal Ibrahim <[email protected]> wrote: > Sidu Ponnappa <[email protected]> writes: > >>> many bitter experiences - security is a nightmare for php apps. Take a >>> look at the number of security updates wordpress has per *month* - more >>> than django has had in 6 *years*. >> That is based on strong correlation between PHP applications and poor >> engineering. >> >> If we're having a philosophical debate, the question then is 'What if >> there was a hypothetical, well engineered open source PHP >> application?' >> >> I'm torn. Purely philosophically, I would be fine dealing with it >> assuming I had the time to spare to learn PHP idioms, and that time >> was otherwise spent solving real issues and not problems caused by >> rubbish code. Practically though, PHP as a language makes my teeth >> ache, and from what I've seen well factored PHP programs spend a lot >> of time working around the limitations of the language. It's turing >> complete, but pretty much the only other language that I've used that >> I like less is XSLT. > > It has more than a fair share of rough spots but it also has it's own > advantages. > > I think PHP is like english in the sense, it's easy to speak/write even > when ones control over the language is minimal. YOu can get a whole web > site up and running quickly without knowing much. THis has spawned a > series of poorly engineered apps which (because worse is better) have > hit the net. > > However, there are really large deployments of PHP out there which are > quite stable. archive.org, facebook, wikipedia and (as I heard from the > recent PHPCloud conference here), Flipkart. So, given a good team, you > can get things right. > > This whole thing is a digression though. > > My basic point is that if there's a tool written already that *does* the > job you want done, would you stay away from it purely because its not in > your favourite language? > > My outlook is that code is liability. If I can get the job done without > "writing" code, that's probably what I'll do. > > Wordpress is probably the poster boy for poorly engineered PHP apps but > I'd prefer using it (and applying security patches when they come out) > rather than writing (and more importantly spending time maintaining) my > own blogging app in the latest and greatest Python framework. > > As for Kenneth's points on the LUG sites, they're simply poorly > maintained. A lot of high profile secure sites run on PHP so it's a moot > argument. > > > > [...] > > > -- > ~noufal > http://nibrahim.net.in > > Our similarities are different. -Dale Berra, son of Yogi > _______________________________________________ > BangPypers mailing list > [email protected] > http://mail.python.org/mailman/listinfo/bangpypers > _______________________________________________ BangPypers mailing list [email protected] http://mail.python.org/mailman/listinfo/bangpypers
