PHP 5.4 Released 209
mikejuk writes "PHP 5.4 has been released, along with a new version of Zend Framework. It has a number of optimizations that make it faster and smaller (early estimates say 10-20% faster), a built-in webserver for testing purposes, and features that had been destined for PHP 6.0. The big addition from the now-crashed PHP 6.0 project is Traits, which are sort of a cross between a class and an interface, bringing some of the advantages of multiple inheritance to PHP. The full changelog and download page are both available."
That's all we need ... (Score:5, Insightful)
Re:That's all we need ... (Score:5, Insightful)
Java interfaces are essentially a fancy form of documentation. Traits sound like they provide actual functionality.
As for static typing ... oh, never mind. If you prefer static typing, by all means, use a language that has it. Also bear in mind that static typing != strong typing; a lot of people who complain about the lack of the first really seem to be talking about the second.
Re: (Score:2)
Java interfaces are essentially a fancy form of documentation.
They are also a contract (although I admit not the fanciest).
Re: (Score:3)
They are also a contract
And, IMO, a contract is a fancy form of documentation. If you can't implement any functionality in it, it doesn't do anything that a careful check of the program against the design specs can't also accomplish. I'm not saying interfaces are useless, but I wish people would stop saying "we don't need multiple inheritance, we've got interfaces!" when they don't do anywhere near the same thing.
Re: (Score:2)
You don't understand interfaces. They aren't just documentation. They allow you to actually do things that you wouldn't be able to do otherwise. Let's say you have an IDisplayable interface that provides some functions that let you pretty-print the contents of the object. Any object that belongs to a class that implements this interface can be assigned to a variable of type IDisplayable. The only methods you can call on a variable of that type are the pretty-print methods, but that's okay, because that's al
Re: (Score:2)
You don't understand interfaces. They aren't just documentation. They allow you to actually do things that you wouldn't be able to do otherwise. Let's say you have an IDisplayable interface that provides some functions that let you pretty-print the contents of the object. Any object that belongs to a class that implements this interface can be assigned to a variable of type IDisplayable.
Interfaces are just a documentation in a dynamically typed language like PHP, since variables don't have types. The only other thing they give you there over duck typing is the ability to do instanceof checks.
That's not true in general. (Score:2)
Dynamic/static and strict/weak are orthogonal in general. A dynamically typed language could just as easily verify that all necessary methods defined by an interface are implemented by an implementation -- it's just that the check would happen at run-time rather than compile time.
Re: (Score:2)
Re: (Score:2)
You said Java interfaces. In Java, they are not documentation. In PHP, you are mostly correct, as I indicated at the end of my post.
Re: (Score:2)
You aren't the guy I was replying to, but *he* said "Java interfaces" and I responded to that.
Re: (Score:3)
Interfaces are a method contract, not "fancy...documentation."
If you think interfaces are "just" documentation, you don't know SHIT about OO programming. Sorry dude, but your perspective is like saying that C/C++/C#/Java are "just" big macro assemblers because everything eventually runs on a CPU.
Re: (Score:2)
having php adopt a bad idea from Java and making it worse?
More like understanding what went wrong in Java and not making the same mistake again.
Wouldn't we be better off actually having static typing instead?
If you want a static typed language and all the tedium that goes with it, use Java. If you want faster development and less code, use a dynamically typed language.
Re: (Score:2)
I'm a dynamic languages guy, but to be fair, that tedium is Java's fault, not the static typing. A good typing system will have inference.
factorial x = if x == 0 then 1 else x * factorial (x-1)
This is statically typed code in Haskell, but as you can see there are no type declarations to be seen.
Re: (Score:2)
hmm, I'm not sure that duck typing qualifies as static typing. I mean, can you infer from the above whether x can be a float or not?
Re: (Score:2)
It's parametric polymorphism (a generic programming feature), not duck typing. Essentially, the compiler will generate (on compile-time, not runtime) two different instances of the factorial function, one for x as a float and one for x as an int.
If factorial is called with an invalid type (one for which the compiler can't generate a valid implementation of the function), that error will be detected at compile time.
Re: (Score:2)
Yes, a class is a terrible concept that must be abolished at once!
What are you criticizing exactly?
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Creating some consistency in needle/haystack vs. haystack/needle order in relevant built in functions would be high on my list of things for them to fix.
Making namespacing not suck balls would be nice.
Personally, I like "global" declarations in functions/methods--can't leave all the newbie-tripping-up fun to Python's explicit "self" argument, can we? :-)
Re: (Score:2)
needle/haystack vs. haystack/needle
Oh yes, this! I cannot imagine someone writing in C some PHP functions not implementing this mess on purpose. How come...
Re: (Score:2)
Traits are coming in Java 8 with the addition of default method implementations to interfaces.
Re: (Score:3)
Re: (Score:2)
I never said multiple inheritance was a Java concept. In fact, I think one of the mistakes in Java was *not* supporting multiple inheritance, just like another one was stuffing everything into classes and objects.
Multiple inheritance in c++ is simple. People who think otherwise need to sit down for 15 minutes and review it to see how much better it is than interfaces.
Re: (Score:2)
IIRC, not supporting multiple inheritance was one of the primary motivations for Java. Multiple inheritance (again, IIRC) makes it impossible to avoid ambiguities that a compiler can not resolve, thus making it easy to write programs that can be very difficult to debug. I haven't looked at this stuff for 20 years, so I don't recall perzackly. Not supporting MI meant the size of the Java compiler a small fraction of the size, and much more reliable. But others here can speak to this far better than I.
Re:That's all we need ... (Score:5, Funny)
No idea, but a sheet of Bounce would probably solve that problem.
Saying "PHP 5.4 Released" isn't that meaningful... (Score:4, Interesting)
Telling us readers how it (the new PHP) measures up to the competition would have been better and more informative.
So, let me bite: How does this new release measure up to the competition?
Re:Saying "PHP 5.4 Released" isn't that meaningful (Score:4, Funny)
Re: (Score:2, Insightful)
Re: (Score:2, Insightful)
You base your criticism of a platform (not a language) on its name? Seems pretty arbitrary.
On top of that, the old platform was just called COM (no dot).
For what it's worth, I've used pretty much all the well-known languages out there (OO languages, functional ones, dynamic ones) and I have to say that the .NET framework and C# are pretty damn good. In particular, the C# language designers are really good at incorporating the good ideas from other languages but keeping the syntax from spiraling out of con
Re: (Score:2)
Not that this opinion will garner much praise on slashdot
I don't agree, /. changed since a couple of years. Bashing Microsoft or its products generally flags a Troll or a -1 anyway. The top post related to .NET here is being "Troll". Well, /. didn't change actually. More people read it, from more communities, including MS and the like. /. being (I think) fair in terms of moderators, the "new" people from those communities flag the bashers all the time. Even the Microsoft logo changed recently, the new one being more neutral.
Re: (Score:2)
Oh good Lord (Score:5, Funny)
What synchronicity! Just the other day I was thinking about the beautiful and elegant poetry that is PHP's syntax and standard library, and I was saying to myself, "You know... if there's one thing PHP needs, it's multiple inheritance."
Re:Oh good Lord (Score:4, Insightful)
Re: (Score:2)
I never saw the need for OO in PHP either. I think the language was faster, and made more sense, without it.
Re: (Score:3)
Re: (Score:2)
What synchronicity! Just the other day I was thinking about the beautiful and elegant poetry that is PHP's syntax and standard library, and I was saying to myself, "You know... if there's one thing PHP needs, it's multiple inheritance."
I once asked the PHP developers at ZendCon about why they don't gradually clean up the standard library, and the impression that I got was that backwards compatibility is a top priority for PHP and Zend.
While I personally do prefer the Python way of planning gradual changes to the standard library along with migration paths I do also see the strength of leaving things the way they are. Fortunately there is more than one language to use for web develiopment if PHP won't float your boat.
PHP security (Score:3)
PHP has always been a security nightmare. Can anyone speak about security issues, enhancements, etc, that us sysadmins should know about?
Re:PHP security (Score:5, Informative)
Re: (Score:2)
One thing that I found myself curious about earlier this week.
I was trying to do up a proof-of-concept demonstration for the semi-PHB to explain the risk of SQL injections, and I couldn't make it work with MySQL (I know, I know...).
Is the fact that PHPs built in mysql_* function set doesn't do compound statements (multiple SQL queries in a single string/function call) a bug or a feature?
Re:PHP security (Score:4, Funny)
Here is my code from my login page in php 4 that is super secure
$query_login="select * FROM user"; //$login_check = mysql_num_rows($result_login);
$result_login = mysql_query($query_login) or die("Your passwrod is might be bad I think");
while($row=mysql_fetch_array($result_login))
{
$username=$row["username"];
if ($username==$username1)
{
echo "";
echo "window.location.href='login_error.php?rec=qq';";
echo "";
exit;
}
}
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
It's my understanding that it's a feature for exactly that purpose (avoiding injection attacks).
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
IIRC it still doesn't provide a secure random number generator as part of the core language. Given it's target application often requires generating things like session IDs that if guessed can allow session hijacking that seems pretty inexcusable to me.
Re: (Score:2)
If by phpCommerce you mean osCommerce (phpCommerce turns up nothing relevant in Google) then that whole thing is a steaming pile of shit. Nothing short of nuking it from orbit and starting over would fix that tangled pile of bad code.
how about some new template features? (Score:2)
The developers of PHP are so focused on becoming a real language that they've forgotten what PHP is all about: templating! There's no real focus on adding template features (ok... I don't have to type array now...).
Just add water and wait. And wait. (Score:2)
Goody! Just another 5 years 'till it hits the production servers now.
Scan your code, folks (Score:5, Insightful)
If you want to get your code compatible, a start is to scan it automatically : https://github.com/wimg/PHPCompatibility - just released for 5.4 as well :-)
Re: (Score:2)
Re: (Score:2)
Traits are cool (Score:3)
I've been waiting for traits in php (and thus php 5.4 when they finally decided to put traits into it) for some time now.
Think of traits not as really an extension to the object oriented features (alternative to multiple inheritance..) but as a kind of language assisted cut and paste with conflict resolution.
Because that's what it is. Traits are "flattened" at run time. Their methods become methods of the class where the trait is used, and work exactly like they were defined there to begin with. If there is a collision in the naming, you can specifically resolve that with language syntax.
Zend breakage technology strikes again (Score:2)
Can't they just release a new version of PHP that doesn't break backward compatibility. Microsoft was able to do this with classic ASP and for the most part .NET for many years now. Sun and Oracle figured out how to do it with Java. Why can't Zend do it?
I'm tired of having features disappear. Yeah, magic quotes and safe mode were stupid. Maybe if they actually designed the damn language rather than throw in crap all the time this wouldn't happen.
This is the single biggest issue I have with PHP.
Re: (Score:2)
Re: (Score:2)
This is ridiculous. You think every time a SECURITY update comes out I should modify my code for every app I've ever written. I don't think so.
See that's what this is, a security update. They don't support old versions of PHP so it's a forced upgrade. Thus backward compatibility is important. Yeah, there's only a few things here and there between individual releases, but consider someone hosting on CentOS and then a new CentOS comes out. Suddenly they're 2 major releases ahead. Nothing works.. the sys
Why "use" instead of "uses"? (Score:3)
GRRR. "extends" was for inheritance, "implements" was for interfaces, so why wasn't "uses" chosen for traits, instead of "use"?
Re: (Score:3)
Because this is PHP, man! Home of mysql_real_escape_string()!
Re: (Score:3)
Re:advantages of multiple inheritance (Score:5, Insightful)
GOTO is perfectly fine in some situations. Using a technique badly doesn't make the technique bad itself. It's just stupid users.
Re: (Score:2, Informative)
Difficult to write assembly without "goto"
Re: (Score:3)
Only if you are using an assembly language that lets you directly modify the program counter with normal arithmetic instructions. x86 does not let you do this. You must use one of the jmp family of instructions (essentially goto), or call/int/ret/iret (and related).
Re: (Score:2)
The only way you can push the instruction pointer is with a call instruction. The only way you can pop the instruction pointer is with a ret instruction. So yes, you *could* do arithmetic on it and use call/ret as fancy push/pop instructions for the instruction pointer, but...why? What does it accomplish? Why not just use those instructions as intended, or one of the jmp instructions? I'm struggling to understand what value is gained by your method, if it's indeed different from using computed jmps.
Re: (Score:3)
Regarding the if/else blocks, they are a bit like the bad programmers that use goto because they can't process anything else. How do you think those fancy exception structures are translated? You can quicly slap one of a dozen variants on an assembly project. An easy lazy ve
Re: (Score:2)
Also, you can emulate a goto easily:
cmd1;
start:
cmd2;
a = cmd3;
if ( a == 0) { goto start; }
cmd4;
becomes
cmd1;
while(1) {
cmd2;
a = cmd3;
if (a == 0) continue;
break;
}
cmd4;
Re: (Score:2)
Just because a given language has goto constructs, it doesn't mean that you need to use them. There are some use cases, (and many other constructs will translate to labels and jumps, so I don't really understand the pavor of using it), and in the example you gave, a poor compiler would produce crappy machine code for the 2nd version.
Re: (Score:3)
Re: (Score:2)
Re:advantages of multiple inheritance (Score:4, Insightful)
There's absolutely nothing wrong with goto. Just people who abused it and it got a bad reputation.
Re: (Score:2)
GOTO is never unsafe
So, there's no safe assembly code? Silly...
Re: (Score:2)
Neither are automobiles, but we keep on driving them.
Re: (Score:2)
Aren't exceptions a fancy use of GOTOs aswell?
Re: (Score:2)
The problem with GOTO was that before OO and modular programming becoming the norm, most code were long streams of consciousness that were hard to decipher. GOTO is still being used but not directly by the programmer or more accurately by syntactic sugar offered by the language.
Consider the WHILE loop:
a = 0
while(a < 5) {
println a
a = a + 1
}
It is really similar to (good enough for illustration - I could optimize by using logical not):
a = 0
loop:
compare a to 5
jump to continue if less than
goto
Re:advantages of multiple inheritance (Score:5, Interesting)
Re: (Score:2, Interesting)
Multiple inheritance is supported in some form or another in just about every OO language in existence. It's just that most prefer to restrict multiply-inherited traits to methods and call them "interfaces" instead of "base classes." IMO, that's entirely unnecessary. If I want an "interface" in C++, then I write a pure abstract class without any member variables and use it the same way I'd use an interface in Java. If I want true multiple inheritance in Java, I'm just out of luck. MI can be used in some very nasty ways, but if you tried to remove each and every feature that a programmer could possibly misuse from a language you'd pretty quickly find yourself with an insanely verbose toy language that no experienced developer would ever want to touch.
I disagree: Taking away options in the language can make the outcome better. For instance, you *have* to strongly type in Java, and you *have* to put everything in classes. Surely its safe to say that Java tends to be more modular by default.
If you take away the update operator, you end up in the wonderful world of side-effect-free programming, that the compiler also can take advantage of.
I have yet to see an example where MI is the best solution in a real e.g. Java program.
Re: (Score:2)
This is sort of like saying democracy in the United States is better because the Constitutional Convention decided an Electoral College would help keep the masses in check. Speaking as a proponent of strong typing, I reject languages that force behavior on programmers. A good langu
Re: (Score:2)
>This is sort of like saying democracy in the United States is better because the Constitutional Convention decided an Electoral College would help keep the masses in check.
Well, a lot of people actually think it does contribute to the stability of the US political system. Whether you think stability is good is a different matter.
Now for Java: It's great that there are a lot of cool and funky languages, which are good for different purposes. But for the average ho-hum business application, a severely res
Re: (Score:2)
Actually, more than 50% of programmers are below average. There is always a large number of beginning programmers compared to the few exceptional programers in the long tail of the population. Long tail populations almost always have an average on the long tail side of the median. In this sense I think that it would even be fair to say that the overwhelming majority of programmers are below average. This is in line with my experiencing with programmers.
Re: (Score:3)
I have yet to see an example where MI is the best solution in a real e.g. Java program.
Generally speaking, public inheritance represents a "can-substitute-for" relationship (per Liskov substition principle). So whenever you have some A that can substitute for both B and C, you have multiple inheritance.
In Java in particular, every time you implement an interface, you use multiple inheritance. That's plenty of examples right there in java.lang.*.
You're going to say that interfaces are limited. Sure they are - you can't have fields, and methods can't have bodies. The second restriction is actua
Re: (Score:3)
Multiple interface inheritance is necessary in order to specify a proper object model, but C++ is the only language I've ever used that supports multiple inheritance of methods and attributes as well as interface signatures.
Certainly I find it far, far easier to code a system with C++ than with Java or C#. Both Java and C# require that you copy-paste-edit code between implementations of the interfaces, which results in a lot of code duplication and is more prone to error than the C++ approach. (Not to
Re: (Score:3)
Multiple inheritance is supported in some form or another in just about every OO language in existence. It's just that most prefer to restrict multiply-inherited traits to methods and call them "interfaces" instead of "base classes."
Theory Alert: That's not inheritance, that's subtyping. The difference is subtle, yet important. Inheritance is reuse of implementation, subtyping is a matter of type compatibility (Liskov's substitution principle). In rather basic OOP languages, such as Java, inheriting a class implementation immediately generates a subtype - which is probably the reason why it confuses a lot of people - but it's not a general principle. (E.g., type systems with the MyType construct generate a subclass by inheriting a clas
Re: (Score:3, Informative)
Like every other tool, multiple inheritance can be used or abused. It may be one of those tools which is actually more prone to abuse than to proper use, but that doesn't mean it can't be done right.
For a specific example, I used to work on a database application stack which had a bunch of classes for database entities (People and Companies, say) each inheriting from a DBEntity class; and other classes, inheriting from the database-facing classes, to format those entities for display (DisplayPeople, Displa
Re: (Score:3)
Sorry, you've lost me, is this meant to be an example of multiple inheritance being used or abused? I get the intention you feel it's the former, but the reality is it's the latter.
Your example proves the point precisely - multiple is never necessary, hardly ever useful, and even people like yourself who greatly believe in it seem to completely miss the fact that you've used it for something that could've been done far better without it.
Your anecdote doesn't speak in favour of multiple inheritance - on the
Re: (Score:2)
Why the fuck were your data objects doing display logic?
They weren't, and we didn't want them to have to do so. That's the point.
It's better than Ruby's "best practices". (Score:5, Insightful)
The people who scream the loudest about how multiple inheritance or gotos are bad are the ones who also scream the loudest about "best practices", but in reality write some of the shittiest code there is.
Just look at Java and C#. The worst Java and C# developers are those who go on and on about design patterns. Then instead of writing software that solves real problems, they spend months and years putting together frameworks and obtuse architectures that are damn near impossible to use in practice.
Then there are the Ruby users. Basically everything they advocate is wrong. Maybe it lets you crank out yet another blog engine quickly, but what they propose falls apart completely for any moderately complex application. All it takes is debugging one problem caused by monkeypatching, and you'll immediately see how stupid their ideas are.
JavaScript "programmers" are the worst. Their language is so fucked up, but most of them are so ignorant that they can't see this for themselves. I mean, they didn't even manage to get equality comparisons implemented in a sensible manner! Yes, very core functionality like that is broken.
PHP has traditionally been just slightly better than JavaScript, in terms of developer stupidity, but at least they're making a small degree of progress in the right direction. We can't say the same for Ruby, though. In fact, we rarely hear about Ruby these days. The hype surrounding it sure has died down lately. This isn't completely unexpected. Consistent failures, like most sizable Ruby projects tend to be, can quickly kill even the loudest hype.
Re: (Score:3)
Re: (Score:2)
That's interesting; not that I use much Ruby any more either, but can you name any specific reasons why you felt this way?
Personally I loved the language - simple, elegant, intriguing ideas & patterns. I thought Hal Fulton's "The Ruby Way" was a great book, and I continue to use some of the ideas he wrote about even on current projects where I'm not using Ruby.
At the time, though, I completely rejected the Rails framework (circa 1.2.x?) for something that I thought had a much more reusable approach, Nit
Re: (Score:2)
Re:It's better than Ruby's "best practices". (Score:4, Insightful)
Insightful my ass. The people who scream the loudest how fucked up some programming languages and how stupid their users are, are actually the worst.
Sane programmers however, just use what's best for the job. For example, what other programming language would you suggest for enhancing a webpage? VBScript? Or just throw in a Java applet like in the nineties?
If you think the equality comparisons of JavaScript are fucked up, I think you don't understand loose typing. If they don't do what you want, it's because you don't use them properly.
Re: (Score:2)
Sane programmers however, just use what's best for the job.
This. Why all the good ones appear when I'm out of modpoints?
Re: (Score:2)
The people who scream the loudest about how multiple inheritance or gotos are bad are the ones who also scream the loudest about "best practices", but in reality write some of the shittiest code there is.
I have a suspicion that Sussman and Abelson are spot on in Chapter 2 of Structure and Interpretation of Computer Programs [mit.edu], when they describe the problem of MI as one that may be intractable. Or, it may be AI-complete, since I can't see how method resolution in MI can work in a way described by an algorithm short of implementing a reasoning system with human-like capabilities. The sentence
The main difference between the confusion that existed ten years ago and the confusion that exists now is that now a variety of inadequate ontological theories have been embodied in a plethora of correspondingly inadequate programming languages.
is one of my favourite insights, at least from all those that I gained from that book.
Re: (Score:2)
I thought I would need it about 3 times in projects, but never ended up using it because there is always a way around it (delegation as last resort). That tells me that it really never is a requirement for a programming language, and even programming classes were never able to come up with a useful demo example other than the car/boat story.
However, inheriting/implementing multiple interfaces with one class *is* useful, and you do it all the time e.g. in Java. Perhaps this is meant here?
Re: (Score:2)
I'm not sure OO is a good idea for web development (Score:3)
But that's just me.
Re: (Score:2)
I can say that it's not just you. LOTS of people are wrong about this.
There are plenty of reasons, but one of the best ones is that "web development" isn't necessarily separate from other development. If you're using the same data structures and operations across multiple targets (web, desktop, mobile), OO is definitely a good idea.
Re: (Score:2)
Almost everything planned for PHP 6 is in 5.4, except for full unicode support, which was slowing down the entire language too much.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)