http://www.osnews.com/story/9224/Major_Security_Bug_in_PHP Exploring the Future of Computing en-us Copyright 2001-2009, David Adams adam+nospam@osnews.com Thu, 09 Jul 2009 19:47:31 GMT http://www.osnews.com/images/osnews.gif http://www.osnews.com http://osnews.com/thread? http://osnews.com/thread? I'm sure all the zealots will find a way to blame this on Microsoft. Tue, 21 Dec 2004 20:37:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? Please tell us WHY you are sure.
Go on, give us a good read, matey. Tue, 21 Dec 2004 21:02:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? Yep they are to blame.

If they had open sourced .ASP we would not have had PHP !! Tue, 21 Dec 2004 21:02:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? If they had open sourced .ASP we would not have had PHP !!
----

PHP was developed even before ASP. so not true Tue, 21 Dec 2004 21:05:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? well, but if they produced something decent before php we would had avoided it!


I hate php, sorry, I can't stand stuff like this:
Unused terminal symbols

T_COMMENT
T_DOC_COMMENT
T_OPEN_TAG
T_OPEN_TAG_WITH_ECHO
T_CLOSE_TAG
T_WHITESPACE


State 282 conflicts: 2 shift/reduce
State 611 conflicts: 2 shift/reduce Tue, 21 Dec 2004 21:28:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? i think of it as C without pointers Tue, 21 Dec 2004 22:28:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? I think of it as being crap. No namespaces, an object model that's too sparse to be of use and that performs like a sloth on lithium if you try to use it.

It's easy to get started in PHP but it requires great discipline and effort to write anything worthwhile (of any scale) in it. Tue, 21 Dec 2004 23:14:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? "... it requires great discipline ..."

What's wrong with that :-) Tue, 21 Dec 2004 23:28:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? Take that argument too far and you might as well argue that everything should be coded in assembler. Discipline is always a good quality in a coder but PHP a scripting language that threatens to make a horrible mess without constant watchfulness and awareness of the traps. Given that most PHP coders are newbies with no understanding of this, the results are often painful. Even halway decent projects like SquirrelMail are bogged down with atrocious code (and more bogged down by the poor performance of the poor object model).

It's a question of proportion. I prefer cars with manual gears to those with automatic transmissions. I feel more in control and they are more efficient if you drive at all well. But a regular car with a manual transmission is still a reasonable method of transport. A monocycle with only one pedal, on the only hand, is not a practical vehicle no matter how much discipline it requires to keep it upright. Wed, 22 Dec 2004 00:22:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? PHP is good for small to medium scale web applications, sinced it is lightweight when programmed properly, every programming language requires discipline to be used efficiently. J2EE is good for large scale stuff, but I dont bother with asp, i dnt wanna be stuck to windows server Wed, 22 Dec 2004 00:44:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? php should be used for what it is designed for -- web scripting for simple to moderate applications. if you needed stuff like namespaces and better object oriented features, you're welcome to use Java or .NET Wed, 22 Dec 2004 01:19:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? By the list of your hates, it sounds like you're trying to use PHP for something it really wasn't designed. You'd be better off using J2EE.

PHP is a great scripting language if you use it to solve the types of problems for which it was created. Wed, 22 Dec 2004 10:32:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? I don't know so much here,
but cannot Python do the same as PHP but using a more robust language, namespaces, modules and all that stuff...?
How does PHP exceed Python? Wed, 22 Dec 2004 12:49:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? There's currently a worm floating around which exploits a vulnerability in the dreaded PHPBB. All these PHP-related security issues are awesome... :/ Wed, 22 Dec 2004 13:23:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? PHP is a language that will instantly reveal your level as a programmer. It is easy to write poor code but it's actually easy in every language to write poor code. No one uses PHP b/c it's best with objects. Everyone uses it b/c it has one of the most straightforward syntax of modern scripting languages, excellent on the web, it's fast, and has great documentation. Wed, 22 Dec 2004 15:00:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? J2EE is good for large scale stuff, but I dont bother with asp, i dnt wanna be stuck to windows server

Try ASP.NET, it doesn't have you stuck to a windows server, it can run on a linux server with Mono (for the time being). Wed, 22 Dec 2004 15:07:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? I also come from a c/c++ background and i have to say that i hate the dollar signs on PHP variables, it doesn't matter how much discipline you have, you're allways going to forget some stupid dollar sign. It's even worse than pythons indentation (another pet hate). Wed, 22 Dec 2004 21:16:00 GMT donotreply@osnews.com (Anonymous) Comments http://osnews.com/thread? http://osnews.com/thread? Everyone uses it b/c it has one of the most straightforward syntax of modern scripting languages, excellent on the web, it's fast, and has great documentation.

I avgree php docs are nice, and it's easy to find on host services. I don't think php synytax is any way better than the one of every other language except branf**k.

And its performance is the worst of every other serious scripting language for all duties. And it can't handle multibyte encodings. And oo performance is awful. Plenty of security issues too.
The zend engine just sux, that's it.
I mean, please consider my previous post: it's authors *don't have a clue* on what the php5 parser is doing. It works by PFM.

php was nice in the last century, it's time is now passed, just like biplanes. Wed, 22 Dec 2004 23:44:00 GMT donotreply@osnews.com (Anonymous) Comments