Google Blogoscoped


PHP is evil

Charlie Clark [PersonRank 0]

Monday, August 23, 2004
18 years ago

You're absolutely right and then some!

Having recently taken over a LAMP-based website and actually after deciding that for the immediate future it is better to patch the existing system... so basically it's my own fault. Like you, I prefer Python.

PHP is a real mess. That's installed by many ISPs is because it's in so many Linux distros along with that other plague of web development: MySQL. Fortunately Python is making headway but that doesn't matter because there are two reasons why PHP has become so popular: it isn't Perl – PHP's syntax maybe terrible but it isn't anything like as bad as Perl's (Perl is powerful and for some wonderful but it is cryptic); mod_php means ostensibly less headaches for sys admins although actually probably more.

But it's the <?> echo "I'm a fool"</?> which is really responsible. This makes quick results easy and encourages very bad programming style: embedding data, business and presentation logic in the same level. Eek! While I'm sure this is possible with mod_perl or mod_python, etc., it's certainly not the way you're encouraged to program.

Let's note some other bloomers:
knowing when to use " or ' quotes
   they are pretty much the same except when it comes to interpolation of variables. Using " should give you a valu but ' may tell you about the type of variable you have. Great – so just stick with " and " for safety!;
   you've touched on the inelegance of variable magic. Combine this with the hopeless error messages and some SQL and you really are in a mess.
q = "SELECT id, name FROM TABLE WHERE name = '".$name.$"'";
result = mysql_query($q);
will generate an SQL error if $name hasn't been initialised! You then have to activate error messages explicity to figure out what might be wrong. As MySQL often doesn't give errors for the same brain dead reason this can lead to corrupt data fairly quickly;
   keyword overload
mysql_function_this, mysql_function_that...
repeat for every possible database driver. Haven't these people heard of database drivers? The whole point of something like SQL is to avoid application language specific commands! The same applies to pretty much every aspect you can think of – it's all there in the runtime whether you need it or not gzip, PDF, etc. and all very laborious;
   following from previous
where is the abstraction? where are the namespaces?
everything seems to live in this evil global namespace except for functions which abuse the term global
$a = "my name";
function myfunction()
   {echo $a;}
calling this function will not generate an error but print an "" or 0 depending on how you're using it
function myfunction()
   $a = global $a;
   echo $a;
is what you need to access the external variable;
   no namespaces. I mean come on why
require/include("/need_to_know_the_path/myfile.php")? rather than accessing your include/import path explicity?

I'm sure there are more, disgraceful problems and it is important to point them out because otherwise people will continue to right terrible code. The only ones who seem to benefit from this situation are the publishing companies who can publish book after book on PHP / MySQL / Lamp.

And why is MySQL bad? Well, let's just quote the documentation for 4.x section 1.8.6:
"If you insert an ``incorrect'' value into a column, such as a NULL into a NOT NULL column or a too-large numerical value into a numerical column, MySQL sets the column to the ``best possible value'' instead of producing an error:"
Great! Let the database store corrupt data silently so that we can build layers of sanity checking code rather than a few constraints! It doesn't matter because the INSERTs are really fast. Who cares if the JOINs are really slow as only purists normalise their data! Well, that's the way it certainly sounds to me. This is all utter rubbish! Relational database management systems really should enforce CONSTRAINTs and save a lot of time and aggro.

But someone is obviously making a lot of money from the current situation!

In summary:
brain on = PHP & MySQL off

Philipp Lenssen [PersonRank 10]

18 years ago #

Agreed to most of your points on PHP. As for MySQL, I don't think it's too bad. Let's compare it to MS-SQL:
- in MySQL, I have an easy random function to return a random record
- in MySQL, I can use paging using the LIMIT n1, n2 syntax – in MS-SQL, I just have a TOP n, which is useless to return a certain subsect of records.

To return *only* say record 20-30 *depending on a certain sorting* is a single SQL line in MySQL, but a headache in MS-SQL. What do you think?

Philipp Lenssen [PersonRank 10]

18 years ago #

PS: I wouldn't say PHP is evil though. You can program badly in any language, including dot-net, Java, Python and what-not. I program the tools on my sites in PHP... yes, because I have to – but it works, at least on this scale. Agreed though the lack of forced variable declaration is a pain for larger scale projects.

justin [PersonRank 0]

18 years ago #

it's down to you to make your code manageable.

You dont need to write spagetti code in php, if you think things through and manage it well.

As for the function example above, you can also do this:

$a= "my name";

function myfunction($a)
print $a;

no global declaration needed.

Piotr Zgodzinski [PersonRank 4]

18 years ago #

I completely disagree with Charlie Clark, php and mysql are definitely not to blame for the users choices of programming styles. You are able to write perfectly clean code using php, but there is no way of forcing anybody to code the way you think is right (and thanks God).

Forum home


Blog  |  Forum     more >> Archive | Feed | Google's blogs | About


This site unofficially covers Google™ and more with some rights reserved. Join our forum!