The New PHP

An anonymous reader writes "This article at O'Reilly Programming suggests that PHP, a language known as much for its weaknesses as its strengths, has made steady progress over the past few years in fixing its problems. From the article: 'A few years ago, PHP had several large frameworks (e.g. CakePHP, CodeIgniter, and so on). Each framework was an island and provided its own implementation of features commonly found in other frameworks. Unfortunately, these insular implementations were likely not compatible with each other and forced developers to lock themselves in with a specific framework for a given project. Today the story is different. The new PHP community uses package management and component libraries to mix and match the best available tools. ... There are also exciting things happening with PHP under the hood, too. The PHP Zend Engine recently introduced memory usage optimizations. The memory usage in PHP 5.5 is far less than earlier versions.'"

Wake me they fix namespaces

[LF11]

Wake me up when they implement namespaces correctly. With a syntax that doesn't look like Satan's diverticulitis.

It is nice to see that PHP is starting to grow up a little bit. They have long way to go.

"hello" == 0 is TRUE

[Anonymous Coward]

Let me know when they stop calling bugs features because they are documented.

https://bugs.php.net/bug.php?id=39579

Re:Too Little, Too Late & MtGox

[hondo77]

Why in 2014, do I have to decorate variables with '$'?

That is your first complaint about PHP? That? I can't stand PHP but, seriously, that is first on your list of PHP badness?

Re:Too Little, Too Late & MtGox

[skids]

Especially since it's actually one of the only things that makes PHP (barely) readable.

A fractal of bad design.

[Anonymous Coward]

I don't normally like linking to blog posts, but this one pretty much sums up PHP for me:

http://me.veekun.com/blog/2012/04/09/php-a-fractal-of-bad-design/

His analogy is very apt.

Re:Too Little, Too Late & MtGox

[Anonymous Coward]

The very fact that several websites exist to document inconsistencies in the language implementation should make you wary.
Where do you find compiler devs who manage to evaluate 0x0+2 to 4?
The fact that there is a function called real_escape_string scares the shit out my me, because it implies there exists a function called escape_string which doesn't really escape strings.

Re:"hello" == 0 is TRUE

[Anonymous Coward]

Bullshit. '=' is assignment in all cases - it is predictable behavior.

However, in php:

"hello" == false is FALSE.
0 == false is TRUE
Therefore, "hello" == 0 should be false. But it doesn't.
"hello" == 0 is TRUE.

I understand WHY it happens. My understand why and when doesn't make it right.

Re:You don't know what you're talking about.

[Anonymous Coward]

PHP has always used explicit memory management.

allocate_StringMemory()
sys_FreeMemory_UTF8()

Watch out because there is no way to tell if allocation fails. That's convenient though because it makes sys_Free* idempotent; there is no difference between failure to allocate and multiple free-s.

With 5.5 you get a great new function;

sys_FreeEverything() // in traditional mixed camel case + underbar style!

Now you don't need to keep track of allocations and release them. Just blow away all allocations across all requests and start fresh. It's really great for fixing those darn memory leaks.

Re:Too Little, Too Late & MtGox

[Tablizer]

The fact that there is a function called real_escape_string scares the shit out my me, because it implies there exists a function called escape_string which doesn't really escape strings

That reminds me of people who call a document "x_final", but then change their mind and so create a second one called "x_final_final", and change their mind again to get "x_really_final_this_time_I_promise". I suggest version numbers, but then they say, "But version numbers don't tell me which one is final". I gave up on them.

Re:PHP

[Tablizer]

Every common language out there has ugly stuff of one kind or another.

Re:Too Little, Too Late & MtGox

[Anonymous Coward]

I used to think there weren't plain bad languages. Now with more experience under my belt, I know better.

Every language has quirks. You get used to them, and do what you need to do. PHP is almost nothing but quirks. The only languages I can think of worse than PHP are those deliberately designed to be bad: Brainfuck, Malbolge, INTERCAL, and the like. I'm not even sure that some of those are worse than PHP.

The entire structure and implementation of PHP screams of hasty decisions by cowboy coders who just decided to write an interpreter one day without sitting down and actually designing anything. Reading almost anything about the language is an exercise in counting and cataloguing "WTF" moments of various magnitudes. There have been many "new PHP" modifications, addressing various numbers of warts in the language. However, there are so many misfeatures and design flaws in PHP that such a process would be effectively unending even if the alterations weren't themselves riddled with defects.

Re:Not sure what you're talking about

[Anonymous Coward]

So the sort of people who claim that PHP is worthwhile are those who stick with a terrible webhost and have no clue how much they should be paying?

Yes, that sounds typical.

Re:Inconsistency

[elfprince13]

Even JavaScript isn't as bad as that, there are only a few minor areas where implementation-specific issues pop up, like the awful CSS rule stuff, input codes, and some other stuff, with PHP, it is EVERYWHERE.

Cute. In JavaScript: "5"-2 = 0 and "5"+2 = "52". Even PHP isn't *that* nut.

Re:Too Little, Too Late & MtGox

[Dan East]

I do a lot of coding in PHP, and there's a lot of things I don't like about it, but your particular dislikes don't make a lot of sense.

Why in 2014, do I have to decorate variables with '$'?

It's not like PHP was written in 1965 and thus there was some hardware (memory footprint, compilation speed, etc) reason variables are prefixed with a dollar sign. It was a design choice. That's so you can do this:
$count=5;
echo "The total is $count.";

And you can use the same variable syntax in your code as in strings that are automatically parsed.

Why is the assiciative array syntax take two characters that look a comparison operator?

It doesn't "look" like a comparison operator if you actually know what the operators are. <= and >= are comparison operators, and => is not a comparison operator in any language I've ever used. A single equal sign looks like a comparison operator too, and woe to the developer that doesn't have the universal C-like basic operators (used in dozens of modern languages) memorized backwards and forwards.

Why do I need == and ===?

For the same reason that Javascript and other scripting languages need it. Those languages do automatic type conversion, and sometimes you don't want that to occur. The alternative is manually casting things, which isn't very script-like at all, and having to explicitly deal with types is more like C than an "easy to use" scripting language. Thus there are two equality operators for the times you don't really want 0 to equal null to equal false.
This one is even more ironic considering Javascript based node.js is your favorite server side platform, and thus you would also have to use both == and === operators in your preferred language anyway.

ANd vaiable confusion between $_GET, $_POST and $_COOKIE

I don't even know where to begin on this one. They are 3 entirely different things, with the most self-explanatory names I can think of. That's exactly as it should be. Look at $_REQUEST if it's too difficult to figure out which you should be using (and woe to your client if that's the case).

Re:Not sure what you're talking about

[countach74]

Except nothing you just said is true. PHP is not faster than Python or Perl. PHP is not cheaper to host than Python, Perl, Ruby, etc. And most importantly, no you cannot do anything in PHP that you can do in Python or Perl! At least, not without writing C extensions.

Re:Too Little, Too Late & MtGox

[Dynedain]

In PHP this is now solved with parameterized queries. Plus any framework or CMS worth it's salt was doing it already:

$sql = $dbConnection->prepare("SELECT fname, lname FROM people WHERE id = ?");
$sql->bind_param('s', $id);
$sql->execute();

If you're rolling your own DB connection layer in modern PHP, you're doing it wrong.

Lousy coders will be lousy coders

[SmallFurryCreature]

And how is this different from "SELECT yada yada " . id . " yada yada"

How exactly does ANY language that allows catenation not allow you to enable sql injection attacks?

"Coders" like you want a language to protect you from being stupid because you are stupid. It is your kind that insists everything be made child proof because you are a child yourself.

Re:PHP

[TeknoHog]

Python has the whole whitespace deal, Perl code tends to be unkempt

Now this is a great comparison. One language is bad because it enforces tidiness, and the other is bad because it doesn't.

Re:Not sure what you're talking about

[LordThyGod]

So the sort of people who claim that PHP is worthwhile are those who stick with a terrible webhost and have no clue how much they should be paying?

Yes, that sounds typical.

Actually I think its more that a certain percentage of the population has as the top priority just being able to get something done, and the low level details of this or that's garbage collection and memory management is way, way down the priority list somewhere.