PHP 5.1.0 Released 275
kv9 writes "A new release of PHP5 is available. This version includes over 400 bugfixes, performance improvements over the 5.0.x branch, new date handling code, new versions of PCRE/SQLite/PEAR and over 30 new core/extension functions. A number of security fixes are also present and users are recommended to upgrade."
Beware of PHP 5.1 (Score:5, Informative)
http://news.php.net/php.internals/20352 [php.net]
Re:Many improvement... (Score:3, Informative)
http://www.php.net/~derick/meeting-notes.html [php.net]
http://www.corephp.co.uk/archives/19-Prepare-for-
Re:mySQL support (Score:2, Informative)
For read-only, or even read-mostly, MySQL is blisteringly fast. It slows down when doing many INSERT or UPDATE queries on large tables because the whole table is held in one file, which has to be locked during a write and so slows things down.
On Linux, with a disk caching policy of "Never, ever commit anything unless you have to swap something from RAM, or are about to umount the file system" and enough RAM to cache the whole table file, MySQL writes almost as fast as it reads. OSes with more conservative policies, such as insisting to decache often and verifying before releasing the RAM, obviously won't be so fast {but who'll be laughing at who when the power comes back on?}.
Ah, shit, I'm feeding a troll, aren't I? I wasted fifteen minutes of my life and I can never have them back
OO (Score:4, Informative)
PHP 5 brought more OO features but it's still loosely typed and not compiled, meaning its OO features pale in comparison to JSP and ASP.NET. Until these two features are added by default (yes I know there are compilers), I can't really see how people will want to make use of its OO features in a business scenario. It handles strings (atleast in 4) about 50x slower than
Re:Is any work being done to improve security? (Score:1, Informative)
Re:Is any work being done to improve security? (Score:2, Informative)
They are doing quite a bit actually. PHP6 will see a full input_filter mechanism added, safe_mode (misleading name) removed, and other substantial changes that will deeply improve security for programmers.
In addition, there is discussion of adding namespaces in php6, a feature that would easily improve security in virtually every app by preventing unintended variable overlaps.
The PHP Internals team takes security very seriously, and is merging the majority of the PHP Hardened script for just that reason.
Re:Great, now what about hosting companies (Score:2, Informative)
What's up and coming in PHP6 (Score:2, Informative)
Re:Sendmail (Score:2, Informative)
Re:mySQL support (Score:4, Informative)
Actually, this can be tricky due to MySQL's tendencies to massage data to fit comfortably into tables. Using defaults such as 0000-00-00 in date fields instead of NULL, allowing values such as 2005-02-30 (i.e. 30th of February).
If you have such values in your MySQL database and intend to migrate that data into PostgreSQL, you first have to make the data conform to the C part of ACID (Consistency) before moving it to other RDBMS systems.
Re:Backgrounds of the PHP developers. (Score:4, Informative)
I've just 'inherited' a PHP project, and I want to scream. I've finally had to 'learn my enemy.' So, wanting to know what the heck I was getting into, I bought a ton of O'Reilly books, and I read through a bunch of "Programming PHP" before beginning, so I wouldn't make the mistake of just slapping together whatever worked. Getting right into it, I was appalled at how poor the 'design' of the language is. It's a poor ripoff of many decent languages, slapped together in whatever Q&D way would 'make it work.' Why are phonetic string comparison functions part of the core language?! Those should be in a library! Why, oh why, was the scoping done so utterly backwards?! I was cleaning up some code, moving it into a function, and suddenly it stopped working. I had realized the answer the first time I tweaked it, but summarily forgot the second time around. What was it? Why, naturally, I had forgotten to do 'global $foo' inside my function - how stupid could I be to think code inside a function wouldn't pick up the contents of the variable as declared outside it?
*sigh* I've gotten a project with 15,600 lines of 'code,' and already gotten rid of 1200 lines of repetitive junk by applying some common sense to it. I have another 120 lines lined up to be shot today. (A diff -uw of 2 files turned up exactly 5 differences.)
PHP makes it way to easy for people without a clue to 'write code' that 'works.' Thank you all the same, but I prefer to keep my brain engaged in 'drive,' rather than 'park.'
Re:Some more alternatives to MySQL (Score:3, Informative)
IBM has spiffed up Cloudscape to be somewhat compatible to DB2, renamed it to Derby and is giving it away
PDO_ODBC [php.net], Zend Core for IBM [zend.com]
Oracle is giving away a mildly crippled version of its DB, I don't remember the exact circumstances
PDO_OCI [php.net], Zend Core for Oracle [zend.com]
ADABAS, also known as SAP DB, is now also FOSS
This one, I know very little about..
Firebird, née Interbase, was freed years ago and is said to be working well and under active development. I don't know why so few people seem to like it.
PDO_Firebird [php.net]
I believe I heard about SQL Server being "free" under some circumstances too, but I'm not sure.
Correct, it's called "SQL Server 2005 Express Edition [microsoft.com]", formerly MSDE. (although, I've not tried EE2005, only MSDE -- it worked well)
PDO_DBLIB [php.net]
S
Re:PHP alternatives (Score:3, Informative)
When you hear Ruby in the context of web applications, the speaker definitely means Ruby on Rails [rubyonrails.com]. For writing more than the simplest web application, it's probably a php killer, on account of its price ($0) and relatively flat learning curve (even if you've never done ruby). Others have observed [c2.com] that RoR has subtle ways of making you do the right thing in a given programming situation, even if you don't know what that is at the time. I dare say that rails teaches the coder alot about object-oriented programming just by using it.
RoR is just 1.0 now, and though the API is still shifting around a bit, it does so only about as much as php, and rails is just a framework, not the whole language. The ruby language itself is quite stable at this point. OTOH, I found that porting my existing web app over to RoR was impossible, or at least so difficult that it wasn't worth the trouble over re-coding it from scratch (and making it a much better app in the process).
Re:PHP5 deserves any criticism it gets (Score:2, Informative)
Usually thats a scape goat for a lot of people, but in all honesty they are almost forced to use it because their are just some people that won't get off their backs. It's like when a little kid asks "why?" too much, an educated parent would simply say "because I said so."
A while ago, I tried writing my own blogging system using PHP, because it would be easy to find someone to host me. I kept having to look things up (isnull or is_null? arrlen or array_length? (neither, it's count)), typing mysql_this, mysql_that instead of using namespaces is annoying
Namespaces would be nice, but I honestly don't see whats so bad about the current system. I've written some very nice projects without using namespaces at all, and guess what, entire operating systems have been built without namespaces! Also, your inablity to memorize function names is not the fault of the language. You are obviously trying to turn php into something its not by suggesting that ABC naming system is not as good as XYZ naming system. Don't blame the language just because it does functions a little differently. It's part of learning the language. The more you use them, the better you'll know them and the more natural it will seem. Just try not to force that natural state you've come to acquire into another environment when learning a new language.
"PHP is the web generations basic". Oh great, the web generation is growing up thinking that mysql_query( $_POST['input']) is a good idea. After all, magic quotes will make sure it's safe, so gets(input); system(input); in C should be safe!
No one ever said magic quotes would make these things safe. NO ONE! This paticular quote of yours is 100% plain and simple a lack of knowledge. Php has a wealth of functions that will strip slashes and quotes and html elements to make input safe. In the end though, its up to the developer to make sure the input is safe. Your little examples are totally pointless. You could write any variation of that system(input); example in ANY language! You seem to think because php is a web language that its exempt from this. Well it's not! Any developer in their right mind knows mysql_query(input); is insecure... but again, how in the world do you think thats the fault of the language???
Intentionally or not, PHP is the first language learned by many people nowadays, so it should at least educate them into good practices instead of just doing stuff for them. (Doing things for the user is one of the things that Microsoft gets flak from here, too).
three letters... wtf?! PHP does a fine job of educating people on good practices. If some noob comes along and copies and pastes crap code from a tutorial site on geocities whose fault is that? The developer's or the languages? That's like blaming Toyota because some jerk is a bad driver. The thing that really dropped my jaw on your statement is the part about php "just doing stuff for them". What are you talking about! What is it that php does for them? Provide commonly used functions to make development easier? Thats "doing stuff for them"???? It's pretty clear you've never programmed using Microsoft technologies or in php. The reason MS got so much shit was because their IDE messed with people's code with their autocomplete feature. On top of that, it is VASTLY improved now. Have you ever used VS.NET 2005? Hell I bet not. You're still living in the 90s. I bet after a long hard day of posting non-sense to