No PHP for large projects? Why not? [closed]

php scalability projects

Solution 1:

I really hate it when people say flat out that PHP is a terrible language because you can write code which mixes presentation with logic, or that it lets you allow SQL injection. That's nothing at all to do with the language, that's the developer.

PHP has proved itself to be highly scalable: Wikipedia is one of the largest and most popular sites on the Internet and it runs PHP. Enough said?

There are a lot of tools/libraries out there that give you a framework to work in, making it less likely that someone will write poor, less-maintainable code: see CakePHP, Symfony, PDO, Smarty, etc etc etc.

It has received a bad rap because it's a language which has very low barriers to entry: it's free, you can get very cheap PHP hosting, the documentation is the best there is, there's plenty of tutorials online, plus it makes a lot of things very easy (eg: open a URL and get the contents of the file: file('http://www.google.com');). This means that a lot of newbies picked it up and made a lot of very dodgy sites with it, but that's going to happen with whatever language you choose as your first.

Work with a solid ORM framework (there's about 30 questions on SO about which is best), and it will treat you good.

Solution 2:

A lot of people who say not use it are really saying don't use PHP 4. It comes down to this

you can write good code in any language

and

you can write bad code in any language

PHP can very often lend itself to becoming tangled spaghetti code libraries and make your 'application' really just a series of scripts (see Moodle for a good example of this...)

I think a lot of the 'Don't use PHP for large stuff' is coming from PHP being hacked up from it's original purpose: a templating language. Which I can understand, but there are lots of projects that prove you can do it (Drupal, mediawiki, Facebook).

Solution 3:

Theres no reason you can't use PHP for large projects. After all, Facebook is built on PHP. There will be issues however but there are issues with any large project.

What makes PHP so pervasive is the low barrier to entry and cheap hosting. It runs as an Apache extension and you can pretty much just start coding. If you go to more enterprise platforms such as .Net or Java, they have a much higher barrier to entry but they also come with a lot of infrastructure to help you make applications that scale.

For example, the database abstraction in PHP is (imho) woeful. It's vendor specific. With MySQL, people tend to do things like:

function get_users($surname) {
  mysql_query("select * from users where surname = '$surname'");
  ...
}

which is bad for several reasons:

  • It makes poor use of the query cache;
  • It doesn't handle escaping of characters (which, of course, can be done with mysql_escape_string() but you'll be surprised how often people don't do this); and
  • It's fairly easy to code in such a way as to allow SQL injection attacks.

Personally I prefer mysqli for all the above reasons but it has it's own problems: namely that using LONGTEXT fields crashes mysql and has done since at least 2005 with still no fix (yes I and several others have raised a bug).

Compare this to Java (with which I'm more familiar) and JPA or Ibatis are vastly better ORM solutions with higher startup costs but they will help you on an enterprise scale.

So you're not prohibited from doing large projects on PHP. It's simply harder in that you have to do increasingly more work yourself to replicate what other platforms provide you.

That being said, PHP + memcached/APC + beanstalkd goes a long way.

Oh that's the other problem: PHP doesn't really support background processing or threading. You need something else for that (or standalone scripts). If you're using something else, why not use that for the Web stuff too (eg Java, Ruby, .Net, etc)?

Solution 4:

As the question I linked was deleted, I'll place some of it here:

Question

I made a tongue-in-cheek comment in another question thread calling PHP a terrible language and it got down-voted like crazy. Apparently there are lots of people here who love PHP.

So I'm genuinely curious. What am I missing? What makes PHP a good language?

Here are my reasons for disliking it:

  • PHP has inconsistent naming of built-in and library functions. Predictable naming patterns are important in any design.

  • PHP has inconsistent parameter ordering of built-in functions, eg array_map vs. array_filter which is annoying in the simple cases and raises all sorts of unexpected behaviour or worse.

  • The PHP developers constantly deprecate built-in functions and lower-level functionality. A good example is when they deprecated pass-by-reference for functions. This created a nightmare for anyone doing, say, function callbacks.

  • A lack of consideration in redesign. The above deprecation eliminated the ability to, in many cases, provide default keyword values for functions. They fixed this in PHP 5, but they deprecated the pass-by-reference in PHP 4!

  • Poor execution of name spaces (formerly no name spaces at all). Now that name spaces exist, what do we use as the dereference character? Backslash! The character used universally for escaping, even in PHP!

  • Overly-broad implicit type conversion leads to bugs. I have no problem with implicit conversions of, say, float to integer or back again. But PHP (last I checked) will happily attempt to magically convert an array to an integer.

  • Poor recursion performance. Recursion is a fundamentally important tool for writing in any language; it can make complex algorithms far simpler. Poor support is inexcusable.

  • Functions are case insensitive. I have no idea what they were thinking on this one. A programming language is a way to specify behavior to both a computer and a reader of the code without ambiguity. Case insensitivity introduces much ambiguity.

  • PHP encourages (practically requires) a coupling of processing with presentation. Yes, you can write PHP that doesn't do so, but it's actually easier to write code in the incorrect (from a sound design perspective) manner.

  • PHP performance is abysmal without caching. Does anyone sell a commercial caching product for PHP? Oh, look, the designers of PHP do.

Worst of all, PHP convinces people that designing web applications is easy. And it does indeed make much of the effort involved much easier. But the fact is, designing a web application that is both secure and efficient is a very difficult task.

By convincing so many to take up programming, PHP has taught an entire subgroup of programmers bad habits and bad design. It's given them access to capabilities that they lack the understanding to use safely. This has led to PHP's reputation as being insecure.

(However, I will readily admit that PHP is no more or less secure than any other web programming language.)

What is it that I'm missing about PHP? I'm seeing an organically-grown, poorly-managed mess of a language that's spawning poor programmers.

So convince me otherwise!

Top Rated Answer

I'll take a stab at responding to each of your bullet points

PHP has inconsistent naming of built-in and library functions. Predictable naming patterns are important in any design.

I both love and hate this topic. Because at its core, this issue is correct. Why are some bi-word function split with an underscore, and some aren't? Why do needle and haystack parameters swap positions in the argument signature sometimes? It's ridiculous. But at the end of the day... does this really matter? My IDE with intellisense and php.net just a browser click away, this is just plain not that big of a deal. Is it a negative against PHP as a language? Yes. Does it hinder my ability to be an effective programmer? No.

The PHP developers constantly deprecate built-in functions and lower-level functionality. A good example is when they deprecated pass-by-reference for functions. This created a nightmare for anyone doing, say, function callbacks.

Personally, I think this is not a good point. Deprecation is necessary to the evolution of a language, especially one that has as much kruft as PHP does. PHP gets a lot of flak for "making it easy to be a bad programmer*" but at the same time, the PHP group also gets in trouble when they try to remove stupid constructs from the language, such as call-time pass-by-reference. Eliminating call-time pass-by-reference was one of the best moves they ever made. There was no easier way for a novice developer to shoot themselves in the foot than with this "feature".

A lack of consideration in redesign. The above deprecation eliminated the ability to, in many cases, provide default keyword values for functions. They fixed this in PHP 5, but they deprecated the pass-by-reference in PHP 4!

I don't think there's a general lack of consideration at all, I think you just got stung by this particular change and have been left with a sour taste in your mouth. Language changes are often known months if not years ahead of time. A migration guide was provided for the move from 4 to 5, and the version differences are documented in the manual. Call-time pass-by-reference was a horrible "feature" and doesn't give the developer any expressive power they can't get by other means. I'm glad it is gone (along with other crap like magic quotes)

Poor execution of name spaces (formerly no name spaces at all). Now that name spaces exist, what do we use as the dereference character? Backslash! The character used universally for escaping, even in PHP!

I have mixed feelings about this. Part of me thinks "who cares, character escaping has no meaning outside of a string anyway", and part of me thinks "surely they could use something better". But could they? I don't know, I'm not a developer for the Zend parser. Is it a huge oversight that until 5.3 PHP never had namespaces at all? Yes, absolutely.

Overly-broad implicit type conversion leads to bugs. I have no problem with implicit conversions of, say, float to integer or back again. But PHP (last I checked) will happily attempt to magically convert an array to an integer.

I think it's ok to disagree with how PHP does this, but disagree that it makes the language "bad". But ask me how much I want to sit in this topic and argue about weak vs strong typing. (P.S. I don't, at all) For the record: PHP will issue an E_WARNING level error when the type of an argument matters and cannot by solved by coercion.

Poor recursion performance. Recursion is a fundamentally important tool for writing in any language; it can make complex algorithms far simpler. Poor support is inexcusable.

PHP is a DSL for the web. I've been doing it full-time for 8 years and have maybe used recursion 4 or 5 times, usually for some type of annoying directory or XML traversal. It's just not a pattern that is needed for web development that often. I'm not excusing the slow performance, but this is an academic issue far more than it is a production issue. If you need really powerful recursive performance, PHP is already the wrong language for you.

Functions are case insensitive. I have no idea what they were thinking on this one. A programming language is a way to specify behavior to both a computer and a reader of the code without ambiguity. Case insensitivity introduces much ambiguity.

I totally 100% agree with this.

PHP encourages (practically requires) a coupling of processing with presentation. Yes, you can write PHP that doesn't do so, but it's actually easier to write code in the incorrect (from a sound design perspective) manner.

*Hmmm, this topic sounds desperately familiar...

But seriously, I find it remarkable that people will complain about a language that will absolutely 100% let you implement any output system you want (the sheer volume and style of PHP templating systems alone speaks to this) - OR - skip all that overhead and just output directly. This does not make PHP bad at all. It's part of what makes PHP good.

PHP performance is abysmal without caching. Does anyone sell a commercial caching product for PHP? Oh, look, the designers of PHP do.

Do you mean bytecode caching (like an accelerator), or output caching?

If the former, then I don't really know how much I care about this topic. Accelerators are free and easy to run. We could argue about why it isn't part of the language but in the end, I don't think it matters much.

If you are talking about output caching then I don't know what to say to you. ANY web project with significant traffic needs caching (seed podcast #27, for example). This is not a PHP-specific issue at all.

In summary, I think you consider PHP a "bad" language in a very academic fashion. And in your previous post you were probably voted down by people like me who use PHP to "get things done".

Second Top Rated Answer

All your criticisms (and some more) are valid. You are allowed and even expected to hate PHP.

But, then again, it has some benefits:

  • Ubiquitous
  • Fast (especially using opcode caches)
  • Huge community (and great documentation)
  • Works

Finally, you can overcome many if not all the downsides by writing good code you'd write in any other language. You can write solid, secure and good smelling code in PHP, which many times will run faster and be easier to host and to scale than many alternatives.

Third Top Rated Answer

What is it that I'm missing about PHP? I'm seeing an organically-grown, poorly-managed mess of a language that's spawning poor programmers.

Simple. The fact that poor programmers get very defensive about their language. ;) PHP is easy to learn, much easier than the alternatives, and once you've learned it, it's not exactly obvious 1) what's wrong with PHP, 2) how the alternatives are better, and 3) how to switch to, and learn, one of the alternatives.

And perhaps the fact that, well, what alternatives do people have? ASP? That has plenty of problems on its own, from being unable to run on the majority of webservers (Apache), to some ridiculous and overengineered design choices on its own (webforms? Viewstate? AJAX where your asynchronous" requests are intercepted and run sequentially?) Ruby on Rails? Well, perhaps, except how many webservers support it again? It's not exactly easily approachable at the moment. And it's slow. So perhaps PHP's "strength" is really that no good alternative exists. At least this is why I stay away from all web programming when at all possible. PHP sucks, and I'm not too keen on any of the alternatives either.

PHP has so many fundamental problems that it's not even funny. From the lack of unicode support, to the many implicit type conversions which often lead to unexpected security holes, to the complete mixing of presentation and... everything else, or to the default database module which doesn't (last I checked) use parametrized queries. We're talking about a language made for two things, database access and generating HTML, and which is terrible at both.

It's just a nasty mess, a language designed by people who aren't qualified, or able, to design a language. ;)

Related

checking if number entered is a digit in jquery
How does a modulo operation work when the first number is smaller?
Powershell: Reference a property that contains a space
How to declare a constant Guid in C#?
ASP pages in IIS using Localhost 401.3 Error do not have permission
CMake with include and source paths - basic setup
How to change the current day's hours and minutes in Swift?
Add row to class diagram
Windows 10 Bash (Ubuntu) - How to scroll up? [closed]
Open current editing file in explorer tree
Execute multiple command lines with the same process using .NET
what does O(N) mean [duplicate]