I get the nature of your comment, but you have to acknowledge that this does nothing to address any of the actual issues that many devs have with PHP. It's not just a problem of perception.
There are problems with php? It's not the prettiest language, but people have been building insanely successful businesses on top of it for years. Think Facebook.
It's coyote ugly, but it works. At least most PHP devs don't have the attitude associated with other popular web frameworks. They focus on getting things done.
As a disclaimer, PHP is not my go to language, but I've done some ugly scaling experiments with it. I'm just tired of the PHP isn't cool, let's mock it with no actual valid arguments that is common.
I loved PHP at first too, but the more I started to do serious work in it, the more I grew to hate it. There's so many better languages out there these days, but PHP seems to live off the hype it gained when it was basically a choice between CGI/Perl, Classic ASP and PHP.
PHP ended up annoying me so much that I switched back to Perl (using mod_perl for performance critical stuff). However my latest project is being written in Golang (I know it's all just personal preference, but everything that I hated about PHP, Go seems to get right)
I loved PHP at first too, but the more I started to do serious work in it, the more I grew to hate it.
I can second that. It's great to get into quickly and just hack something together.
But it has lots of problems. Admittedly the devs have begun addressing a lot of issues - like the database access one, where you had just a bunch of functions that didn't even offer auto-escaping and resulted in a lot of unsafe sites - but the old stuff is always kept for backwards compatibility, which means that a lot of sites just continue to be unsafe.
I think a lot of those problems are stemming from the fact that php doesn't have any sort of built-in module system and everything is just on the root level of the language. There are optional namespaces, but even for those they use "\" (like \parent\child), which IMHO is just about the worst choice ever.
Then you have issues like the devs just pushing out a new version even though like 99% of their tests failed (but hey, apparently they at least have tests).
And of course you have the never-ending story of bad php-developers which came into the field because you can just hack stuff together with copy-pasting googled code-snippets and not understanding anything. Seriously, if anyone thinks this issue overstated - it's not. If anything, it is understated.
I have seen productive systems over which money in the tens of thousands of Euros came in which had hidden fields in the HTML containing complete SQL queries which even included the price (apart from the obvious downfall of enabling someone to just POST a 'DROP TABLE' statement, etc.). I have seen systems with something like static 5-digit user authentication tokens that would show up in the URL; You could just sit behind an admin, note the token and be an admin forever. And of course I have seen the ugliest, completely unmaintainable mess of code that would be humanly possible, with no documentation whatsoever (of course).
I also heard from a friend who had to fix something in the C-code making up php about hundreds of lines of codes being copypasted to different locations twelve times. While I haven't verified that for myself, it's not something I'd be surprised about.
Then of course there's the issue of php's design. For one your complete software has to be loaded for every single page view, which is just really fucking inefficient. But having the application not run continuously is also a problem if you want to write any sort of real-time application, which are going to become more and more frequent. You can do stuff like long-polling, but that's just another ugly hack. You might of course be able to have another hacky solution with continuously running php-cli with FastCGI or something like that, but even if that would work in principle, some php script would just die within a few minutes and the site'd be dead.
TL;DR: For small projects that may be hacky and potentially insecure, php is fine - For everything that is supposed to be proper, secure or highly performant I recommend you stay away from php as far as you possibly can. Everything else will just result in huge frustration.
I have seen productive systems over which money in the tens of thousands of Euros came in which had hidden fields in the HTML containing complete SQL queries which even included the price (apart from the obvious downfall of enabling someone to just POST a 'DROP TABLE' statement, etc.). I have seen systems with something like static 5-digit user authentication tokens that would show up in the URL; You could just sit behind an admin, note the token and be an admin forever. And of course I have seen the ugliest, completely unmaintainable mess of code that would be humanly possible, with no documentation whatsoever (of course).
To be fair, only the last thing you list could but doesn't have to apply to PHP, and mostly refer to incompetent practices which could be applied with any language. I'm not going to be a PHP apologist, But I do remember a couple of weeks when it looked like every day there was another exploit in Rails (which is not Ruby blah blah blah) or a problem with exposing app tokens or something. Do I get to say Ruby is a toy language because at some point the YAML parser allowed for remote code execution?
Of course not, because that problem's been (I assume) fixed. The SQL libraries are being deprecated in PHP, it's had parameterized queries for a while. You can do secure cookies and sessions. People just don't -- it's not as integrated a community as with Rails and Python. You can't just say "everybody update your repos" and then the problem goes away, unfortunately. But that's an issue with education, and deployment, not necessarily the language.
I also heard from a friend who had to fix something in the C-code making up php about hundreds of lines of codes being copypasted to different locations twelve times. While I haven't verified that for myself, it's not something I'd be surprised about.
> Once you start having separate operators for each type you start making the language much more complex. ie. you can't use '==' for stings, you now would use 'eq'.
I read up to the point where the author quoted this part from the PHP documentation. That is when I had to stop and go on that page to see if that is actually what they said there. It is.
As an avid PHP user I'm afraid the remaining 1/3rd is truth, the article really is rather biased and in some places not really factual but I'm the last person to deny PHP can improve immensely in some area's.
I once went to a PHP uncon some years ago where 2 members of the php core/extensions team were present, when we got the chance to ask them questions I popped the question "Why doesn't php take the opportunity to fix a lot of the function naming issues, the incosistent argument order, etc ... when releasing the next major version" and their reply was that they don't want to break backwards compatibilty too much. That's plain BS imho. Any non-dot release can break backwards compatibility, especially if it moves the language forward.
I don't agree the breaking BC is a bullshit statement. We all saw how long it took for the majority of PHP users to be able to use PHP 5 due to hosts not upgrading. If all code breaks then we'll end up with two branches of PHP for the developers to maintain for very, very long.
The question of whether or not to break BC basically boils down to doomed if you do; doomed if you don't.
I agree with the idea, but there's room for a coordinated effort nonetheless. From a naming consistency standpoint on strpos vs str_replace, for example, we could have a new set of function names aliased to the old, and let those run in parallel for a while, with deprecation notices on use of the old ones. Ugly? Perhaps, but it's a way forward to standardize the internal function naming without breaking BC overnight.
Not quite for the same reasons it seems. But, since they already do do this, why not take on standardizing function spacing? strpos would become str_pos, etc.
That's why you issue depreciation warnings over the lifetime of the next major release but support both naming conventions rather than just nuke the old function names.
Valid complains that can be made about it, just like about anything else? I've watched people who don't know C++ bitch about C++ for 15+ years referring to lists longer than this one, and it's still one of the most successful languages in the world. PHP is like the C++ of scripting languages - not the prettiest and there are plenty of things to (legitimately) complain about, but stable, well-understood and used by people who are interested in results rather than getting to those results in the most 'elegant' way.
"Beauty is more important in computing than anywhere else in technology because software is so complicated. Beauty is the ultimate defense against complexity." — David Gelernter
Elegance is not all narcicism, hacking up with none is a recipe for disaster.
I left PHP around the time that v5 was recently released and v4 was still common, as did a lot of people (moving over to Python and later Ruby+Rails). I think a lot of people put PHP now down using their experiences of PHP4 (awful "object" features, irritatingly inconsistent standard library, ...) and PHP4/5 transition problems (which IRC were not really massive, but many libraries didn't deal with the compatibility breaks quickly so there were for a while issues knowing which libs and example code outside the "standard" library were compatible with 4,.x, 5.x, or both) before migrating away.
I assume a lot of the above has change considerably in the intervening years, but I think a lot of people assume instead that it is just as bad as it was when they migrated elsewhere.
That and there is a lot of bad code written in PHP largely due to its perception of being a beginners language (any environment that is easy for a beginner to dive into tends to make writing bad code as easy as it makes writing good code).
> It's not the prettiest language,
That I take as understatement, though I'm still supporting some ancient "classic" ASP code (fingers crossed that legacy will finally be stomped out by the end of this year...) so I can conclusively state there is worse in use out there!
> but people have been building insanely successful businesses on top of it for years. Think Facebook.
Agree. PHP is actually still my goto language for web stuff, even if today its more or less moving to the backend only. The language itself isnt very nice but i simply love the symfony php framework. Ive been using it since 2007 and the 2.x version produces very clean code, is extensible in any way imaginable and just lets me get stuff done really quickly.
I think not many people know how mature the tools in the php ecosystem are today, many people that switched to rails or whatnot years ago still think of PHP as it was 10 years ago, and yes that was horrible.
I use Symfony 2 a lot myself and more recently Laravel 4. While they are definitely solid frameworks I find that the Java-esque level for abstraction in the code base makes debugging a big pain at times. Especially in Laravel 4 which is mostly a layer of static methods on top of Symfony 2.
Also developers who split the project into many bundles...all those directories and namespaces. Really irks me. At least Laravel 4 solved that problem though.
What you are referring to is not "just" static methods. It is known as the Facade pattern and was utilised entirely for the increased testability it provides. In light of that - the comment about debugging rings slightly hollow.
Furthermore Laravel 4 uses the whoops error framework - which provides very in depth errors.
Yes, just quoting the docs: "Facades provide a "static" interface to classes that are available in the application's IoC container."
Your comment on Whoops rings a bit hollow because it was only added a few weeks ago. I was using it before it was added but it certainly helps. That was before Laravel hit 4.0 stable though.
Whenever something didn't work for some reason, digging through the abstraction that is Laravel+Symfony could be frustrating. Thankfully Symfony 2 has good API docs.
You are using a proper IDE with XDebug or Zend Debugger installed, right?
I don't mean this in a snarky way at all. If you're not, and you work with some of the more complex frameworks like Laravel, do yourself a favour and investigate XDebug, and an IDE like PhpStorm that can take advantage of it. It will change your workflow for the better.
The first thing I do with any new framework (which I did with Laravel a few weeks back) is set up a really simple Hello World app and then step through a request loop, start to finish, to get a feel for how the framework sets up a request, dispatches it, and then tears down..
Just from that first exercise, I am immediately more productive with the new codebase..
Having picked up both knackered PHP and C projects, PHP is usually worse as the barrier for entry is much lower meaning that the code barely works in most cases. Plus it's usually plugged into turds like WordPress.
Currently dealing with helping someone upgrade a wordpress+buddypress nightmare. Yuck.
C stuff is easier to refactor as well as you have a strict compiler and valgrind on your side.
thats bad and i have always avoided using limited systems like CMSes or Blogs to use as a basis for big systems because of it. But you are right, alot of the PHP community is based around Wordpress, Typo3, phpbb etc but i have been using PHP for 10+ years and apart from installing Wordpress for blogging i have never used that stuff ;)
I assume you mean ColdFusion (it's been a single word since at least 1999). CF has some definite perception issues, but does have a number of features that go against the grain of the thinking about it: several MVC frameworks, ORM, web sockets, multiple open source engines, an abstraction layer atop the JVM, asynchronous programming options, closures, etc. As for "previous era", it's the same age as Ruby, Java, JavaScript, and others. CF's disadvantage isn't the tech so much lacking an ecosystem such as what has sprung up around options like Clojure, node.js, and RoR.
I would see nothing differently. I would still seek to educate other devs to experience other languages so they might change this problem you've pointed out.
