People who say PHP is shit haven’t really used it and are just repeating the memes. It’s a perfectly fine language and there are a number of excellent tools and frameworks for it. It’s reputation is a result of it’s easy entry and widespread use. A whole lot of people who knew just enough to be dangerous made a whole lot of stuff, and it ended up causing a whole lot of problems. But for some reason devs shit on the language instead of shitting on the devs who put them in a mess.
It has also improved a lot in the last years. PHP5 and especially versions older than that weren’t very good and deserved a lot of the criticism. PHP7 and onward are much better languages and don’t deserve the hate.
Nah, it’s historically been a special kind of shit. It started life as a Perl templating engine, then grew out to its own language where it repeated all of Perl’s mistakes while adding more of its own. Its community was single-handedly responsible for keeping SQL injection attacks in the OWASP Top 10 list for years. Notice that it’s now bundled with “injection attacks” as a generic label for a wider range of similar issues–SQL injection alone would no longer warrant being there. Its conflation of arrays and hash maps meant it took years to wrestle with algorithmic complexity attacks. Perl kept the two separate, and was able to get a patch out for algorithmic complexity almost immediately (though it turned out to have a few bugs of its own, and a true fix came in a few years later; still faster than PHP solved it).
The web from 1998 through 2010 or so was absolutely riddled with bad PHP programs. “But that’s not the language’s fault”, you say? Doesn’t matter. Community is an important and underappreciated feature of a language, and PHP had a special kind of shit community. It almost seemed designed to suck away the dross from all other communities.
Consider the plugin system for phpBB:
Its architecture doesn’t have any kind of hook system for plugins; they’re added by patching the code in place
This naturally leads to different plugins interfering with each other
Having done that, you might choose one of the patch formats already out there, but phpBB decide to create their own
There are, at first, no tools available to automatically patch in plugins, so administrators (often not developers themselves) need to hand edit the source files and modify the database (the plugin format specifies both together)
Tools start to emerge over the years to handle it automatically, but they’re buggy and unusable for a long time
Is it PHP’s fault that one major application was implemented so poorly? YES! Its community is a feature, and its community is what brought us to this.
You want to claim that the language has done better since PHP7? Alright, that’s fine. I still don’t care. There are so many better options available, and I don’t have time to keep up with all of them. I’m happy relegating PHP to being a long-tail language where it trails off slowly over the years like COBOL.
People who say PHP is shit haven’t really used it and are just repeating the memes. It’s a perfectly fine language and there are a number of excellent tools and frameworks for it. It’s reputation is a result of it’s easy entry and widespread use. A whole lot of people who knew just enough to be dangerous made a whole lot of stuff, and it ended up causing a whole lot of problems. But for some reason devs shit on the language instead of shitting on the devs who put them in a mess.
The only language people don’t shit on are the ones nobody uses.
It has also improved a lot in the last years. PHP5 and especially versions older than that weren’t very good and deserved a lot of the criticism. PHP7 and onward are much better languages and don’t deserve the hate.
Nah, it’s historically been a special kind of shit. It started life as a Perl templating engine, then grew out to its own language where it repeated all of Perl’s mistakes while adding more of its own. Its community was single-handedly responsible for keeping SQL injection attacks in the OWASP Top 10 list for years. Notice that it’s now bundled with “injection attacks” as a generic label for a wider range of similar issues–SQL injection alone would no longer warrant being there. Its conflation of arrays and hash maps meant it took years to wrestle with algorithmic complexity attacks. Perl kept the two separate, and was able to get a patch out for algorithmic complexity almost immediately (though it turned out to have a few bugs of its own, and a true fix came in a few years later; still faster than PHP solved it).
The web from 1998 through 2010 or so was absolutely riddled with bad PHP programs. “But that’s not the language’s fault”, you say? Doesn’t matter. Community is an important and underappreciated feature of a language, and PHP had a special kind of shit community. It almost seemed designed to suck away the dross from all other communities.
Consider the plugin system for phpBB:
Is it PHP’s fault that one major application was implemented so poorly? YES! Its community is a feature, and its community is what brought us to this.
You want to claim that the language has done better since PHP7? Alright, that’s fine. I still don’t care. There are so many better options available, and I don’t have time to keep up with all of them. I’m happy relegating PHP to being a long-tail language where it trails off slowly over the years like COBOL.