On Wed, Oct 25, 2006 at 01:56:32AM +0200, ropers wrote:
> Ryan, Joachim (, others):
>
> You mentioned that you dislike PHP.
> I would be curious to learn your reasons for this.
> I'm not trying to instigate religious wars or the like, it's just that
> my programming skills are mostly nonexistant <cough>GW BASIC & shell
> scripts</cough> and I'm thinking of properly learning PHP, kind of as
> an evolutionary step, up from XHTML.
>
> Should a coding n00b like myself avoid PHP like the plague, or do your
> reasons only come into play once a certain level of programming
> proficiency is attained?
>
> Thanks and regards,
> --ropers
>
> PS: I probably could see that the mere fact that PHP does server-side
> processing could be seen as a huge downside as opposed to ECMAscript /
> AJAX, where processing occurs on the client side. OTOH, you're not
> supposed to trust the client -- and I know that pretty friggin large
> PHP-script deployments do exist, eg. MediaWiki/Wikipedia. (Then again,
> WP uses a slew of Squid proxies...)
Let it be said that PHP has huge advantages. Notably, it's very, very
popular, and as such a lot of stuff has been written to work in it.
It's also rather easy to write a quick PHP script. The fact that PHP
integrates well with web pages is a major plus for this kind of thing.
Performance is also not bad. A properly written FastCGI program in a
'fast' language like C should outperform mod_php, but there are not many
things that will - and for simple projects, the C program is liable to
take ten times as much time.
If you're into web development, it's likely that you will encounter PHP,
and it's a good idea to familiarize yourself with it. In fact, despite
my misgivings, I use PHP almost exclusively. As you might know, almost
all my web development is done for my students' association, and one of
the main requirements is that the whole site should work when handed
over to a commercial hoster, and that someone else should be able to
maintain it. In short, a Common LISP FastCGI-based application using a
custom ISAM implementation, while it could be really neat, is not really
what they're looking for. ;-)
PHP does have downsides, though. For one, it's horribly insecure - it's
very easy to write insecure scripts, and even if the scripts themselves
are secure there are many bugs in PHP and/or the libraries it commonly
uses. It's truly strange that a web-oriented language is not more
focused on preventing, for instance, SQL injection or XSS. (It is
possible to write secure scripts in PHP, and the hardened-php project's
patches do increase the security of the thing itself; still, it's not
good.)
The request-oriented nature of a PHP script, while it does make them
easy to write, has its downsides; this leads to the common abuse of a
database as a filesystem.
One could think of other downsides, but the insecurity is one of the
major downsides to me.
As to Javascript, that is a client-side technology; it would be useful
to learn at least a little about it, or a lot if you want to do AJAX,
but you'll still require some server-side scripting.
Joachim
