152 points

Isn’t Wordpress powering like 40% of the internet? PHP isn’t going anywhere anytime soon.

For me the weirder part of that meme is Python in 2022?

permalink
report
reply
60 points
*

12 years after we learned Flask. 19 years after Django, which also was apparently hot 2 years before it was released.

permalink
report
parent
reply
15 points

Maybe all the AI stuff?

permalink
report
parent
reply
15 points

Its like the C of web, it’ll be a hundred years to kill it

permalink
report
parent
reply
14 points
*

IMO, Ruby is a better Python than Python. It’s simpler, has a cleaner syntax, and if you want to do funky stuff metaprogramming can allow you to do cool, and sometimes unspeakable things. Python has great library support, and slowness and Rails did make Ruby unpopular for a bit, but I would love to see a Ruby resurgence that wasn’t to do with Rails, because it is truly a lovely language to use.

Hell, I would say that in 2023, it’s easier/faster to get something set up and working in Rails than it is with frameworks like Symfony, Express, ASP.NET, etc.

permalink
report
parent
reply
5 points
Deleted by creator
permalink
report
parent
reply
7 points

There are literally dozens of us.

Ruby feels a lot like writing poetry. Especially with microframeworks like Sinatra.

Python feels more like writing JS/ECMAScript without any punctuation.

Then again I cut my teeth on Actionscript (1 ugh, 2 ooo, and 3 nice—oh the iPhone doesn’t support it…), so my opinion is probably pretty worthless.

permalink
report
parent
reply
2 points

I’d wager that most people haven’t used Ruby in anger, so don’t really have the comparison. Those that have used it have probably only used it in a Rails context, which IMO is a fairly limited environment to really play with Ruby.

I definitely love the language, but the ecosystem, library support, and some of the companies that jumped on the initial Rails bandwagon can be extremely backwards and resistant to change in tech.

permalink
report
parent
reply
2 points

Optional parens on function calls, implicit returns, curly brace procs with args in vertical bars 🙃

permalink
report
parent
reply
4 points

Yeah, and node was skipped for some reason.

Django (python framework) is almost 20 years old.

permalink
report
parent
reply
3 points
Deleted by creator
permalink
report
parent
reply
3 points

Was this supposed to be a joke?

permalink
report
parent
reply
-1 points
Deleted by creator
permalink
report
parent
reply
1 point

This just isn’t true though lol, python is one of many.

permalink
report
parent
reply
1 point
Deleted by creator
permalink
report
parent
reply
2 points

I think python is actually the oldest on that list… ??

permalink
report
parent
reply
6 points
*

Python based web frameworks like Flask are a lot newer

permalink
report
parent
reply
2 points

Can you elaborate on the python part? I’m not a programmer ( I don’t work in the field but I studied programming in high school) but I see python mentioned everywhere, is the language obsolete?

permalink
report
parent
reply
6 points

It’s not obsolete, it’s very good, still is. Just that Flask and Django both built on top of Python. So if it’s like late 90s or early 00s. Definitely before either Django / Flask. Python isn’t the new and thing of 2022.

permalink
report
parent
reply
1 point

In 2020 it was used at least in part on over 80% of websites according to w3techs.

permalink
report
parent
reply
114 points

People who say PHP is shit haven’t really used it and are just repeating the memes. It’s a perfectly fine language and there are a number of excellent tools and frameworks for it. It’s reputation is a result of it’s easy entry and widespread use. A whole lot of people who knew just enough to be dangerous made a whole lot of stuff, and it ended up causing a whole lot of problems. But for some reason devs shit on the language instead of shitting on the devs who put them in a mess.

permalink
report
reply
47 points

The only language people don’t shit on are the ones nobody uses.

permalink
report
parent
reply
5 points

I want to shit on Apache Pig Latin, but nobody uses it…

permalink
report
parent
reply
1 point

sad Ruby noises

permalink
report
parent
reply
42 points

Nah, it’s historically been a special kind of shit. It started life as a Perl templating engine, then grew out to its own language where it repeated all of Perl’s mistakes while adding more of its own. Its community was single-handedly responsible for keeping SQL injection attacks in the OWASP Top 10 list for years. Notice that it’s now bundled with “injection attacks” as a generic label for a wider range of similar issues–SQL injection alone would no longer warrant being there. Its conflation of arrays and hash maps meant it took years to wrestle with algorithmic complexity attacks. Perl kept the two separate, and was able to get a patch out for algorithmic complexity almost immediately (though it turned out to have a few bugs of its own, and a true fix came in a few years later; still faster than PHP solved it).

The web from 1998 through 2010 or so was absolutely riddled with bad PHP programs. “But that’s not the language’s fault”, you say? Doesn’t matter. Community is an important and underappreciated feature of a language, and PHP had a special kind of shit community. It almost seemed designed to suck away the dross from all other communities.

Consider the plugin system for phpBB:

  • Its architecture doesn’t have any kind of hook system for plugins; they’re added by patching the code in place
  • This naturally leads to different plugins interfering with each other
  • Having done that, you might choose one of the patch formats already out there, but phpBB decide to create their own
  • There are, at first, no tools available to automatically patch in plugins, so administrators (often not developers themselves) need to hand edit the source files and modify the database (the plugin format specifies both together)
  • Tools start to emerge over the years to handle it automatically, but they’re buggy and unusable for a long time

Is it PHP’s fault that one major application was implemented so poorly? YES! Its community is a feature, and its community is what brought us to this.

You want to claim that the language has done better since PHP7? Alright, that’s fine. I still don’t care. There are so many better options available, and I don’t have time to keep up with all of them. I’m happy relegating PHP to being a long-tail language where it trails off slowly over the years like COBOL.

permalink
report
parent
reply
9 points

I’d say that PHP allows you to write very bad code (and makes that the default). It’s a language feature.

For example Java has a lot of NullPointerException because it was designed with null and without mechanisms to detect & prevent these errors. Any method can return null and cause a NPE. It’s just easy to ignore them. Modern languages like Go, Rust or Zig force you to handle null errors, and make it easy to do so. NPEs are a lasguage feature in Java.

In the same way PHP allows you to write any ugly code you want. There are no checks, no safety. People can write bad code, people can be lazy, people can be stupid. PHP allows it and empowers them.

permalink
report
parent
reply
1 point

Exactly. I used PHP for years, I haven’t “not used it.” It was the first programming language I seriously learned. Writing good code was tedious if not impossible and that became even more obvious as I expanded to C#, Java, Python and C++; none of which tolerated any of the bad and unconventional practices I’d inevitably picked up. Keep in mind, I was actively trying to avoid bad practices and pay close attention to types but still got kicked to the curb hard when I tried other languages. I haven’t had that since.

I appreciate it’s changed since, I’m happy to see it’s not the same dumpster fire it once was, I also don’t care. I don’t actively trash it, I just think there’s usually a better option.

permalink
report
parent
reply
27 points

I used PHP for the past year. And honestly I still think it is not a good language. Just of the top of my head.

  1. By far the biggest culprit. Arrays. This monstrosity is basically everything. Yes, it is fast but it only teaches bad habits. It is a weird combination of Arrays/Lists/(Dictionary/Hashmap) and you can’t know which one it currently is because there are 0 compile time safety checks. Also when used as a parameter it is passing a full copy instead. But the copy of course is only shallow. I have seen so many problems with that. And even worse when someone thinks the way to fix it, is to just json encode/decode the whole thing in order to get a deep copy before passing it.

  2. Generics. I still don’t get why this is such a huge issue. Like I would rather have a half-baked optional compile time implementation then none at all. The worst part is that IDE tools support generics so you end up inplementing them on the comment level. I shouldn’t be forced to use generics through comments.

  3. $ for variables. I know that this is just based on how the language grew. But god do I hate having to type it. It is not an easy to reach letter and just breaks my typing flow the whole time. You get used to it but still.

4 . The default functions. Yes. You will mostly use framework provided functions or your own stuff. But you still end up in contact with them and the naming schemes are still all over the place, so it is fast to just google it then hope you accidentally stumble upon it through the IDE. And some things are still straight up missing. Like the best way to deep copy an array is json_encode into json_decode. When I saw this the first time I was sure that must be wrong. But no. That is legit the way to do it.

Also I am stuck with PHP7 so some of my other complains seemed to be fixed in later versions. Also please don’t recommend DS for my first issue. I tried to push for it but it got vetoed because “it is too complicated for new devs”.

permalink
report
parent
reply
10 points

The language itself is not that bad. Especially the newest releases are really great, thought out DX improvements. What stinks are its legacy parts and how it needs to be run.

My biggest pain is that for it to actually behave like it should it requires some sort of an actual web server like apache or nginx.

Also, servers written in are actually request handlers - every time a request comes, the whole app is reinitialized, because it just can’t hold its state in memory. In many apps every request means reinitializing connection with database. If you want to keep some state, you have to use some caching mechanism like redis or memcached.

Also had one time when Symfony app was crashing, because someone forgot to close class braces, and everything was “working” until some part of code didn’t like it and was just dying without any error.

And one time when someone put two endlines after php closing tag at the end of the file, confusing the entire php interpreter into skipping some lines of code - also without warning, and only in specific php version.

permalink
report
parent
reply
6 points
*

Back in the day, the way it integrated with Apache was an evolutionary advantage to PHP. It found a strategy that worked in its environment and it thrived. That environment no longer exists, but PHP holds on vestigially.

We didn’t have AWS or other cheap, virtualized hosting way back when. It was all shared plans where you had a directory of your stuff, and it was there with a hundred other people on the same server and Apache instance. You could run whatever you wanted as a CGI, but that was even worse; it forks off a whole interpreter for the language, parses the code, and then used STDIN/STDOUT to communicate. Even if you implemented it in compiled C code (which had all the other problems you would expect), that fork is still expensive.

Projects like mod_perl and mod_python built an interpreter directly into Apache, but there was a problem with how it worked: it was too sophisticated. They could hook into the entire Apache API. That meant that there was no way to separate your stuff from every other thing on the same shared hosting plan. Any one instance would be able to fool around in all other accounts. That’s untenable, so your choices for those languages were to either get a dedicated plan at well over $100/month, or stick with a $5/month shared plan and put up with it being unscalable.

Enter mod_php. It builds the interpreter into Apache, but that’s all it does. Still have a parsing step, but it doesn’t have to fork. Doesn’t try do anything else. Its fast, and it can be hosted on cheap shared plans.

If you’re a startup at this time, operating on frozen pizza and office chairs from a thrift store, then you could get a cheap plan, develop it under CGI, and hope that you can refactor it later when you can afford a dedicated plan. Oh, and keep in mind that CGI doesn’t lend itself to converting easily to the Apache API or whatever else you’re going to use in the future. Alternatively, you could build it in PHP and it will be fast now and acceptable later.

It’s no great mystery why PHP was chosen at the time. There were limited options, and it was the cheap, get it done now option.

permalink
report
parent
reply
9 points

Not sure why you focus on arrays for deep copying. Deep copying objects is a problem in many languages and brings some challenges with itself that make it almost always necessary to delegate it to a library.

permalink
report
parent
reply
5 points

Simply because it was an issue that I ran into at work. And the reason I focus on arrays is because of the previously mentioned default behaviour of arrays being cloned when passed as an argument for a function. The issue here was someone unexperienced wrote a bunch of code and used only arrays (deep ugly arrays) and it ended up being a huge mess of some references staying the same while others changed. So the only solution was to deep copy at one place. That way later operations on these arrays didn’t affect the original structure. Not pretty but refactoring would have been too much effort.

permalink
report
parent
reply
5 points

$ for variables. I know that this is just based on how the language grew. But god do I hate having to type it. It is not an easy to reach letter and just breaks my typing flow the whole time. You get used to it but still.

I’m assuming you’re not using an English keyboard…? Shift+4 is an extremely key combination for me lol

permalink
report
parent
reply
4 points

Right alt + 4 for me lol

permalink
report
parent
reply
5 points

What is “DS”?

permalink
report
parent
reply
1 point

Can’t open the one response you got. So maybe someone already answered. But this here

https://www.php.net/manual/en/book.ds.php

permalink
report
parent
reply
1 point
Deleted by creator
permalink
report
parent
reply
3 points

The answer for the deep copy would seem to be a combination of a static recursive function to copy the array while cloning the objects inside, with setting the __clone() magic function in your objects to break the references, no? Granted it’s not a built in function, but not difficult to implement.

permalink
report
parent
reply
2 points
*

Arrays are passed by copy by default. Every scalar or array value is copied by value. Every other thing (objects basically) is copied by reference.

Passing array by reference passes everything it used to copy by reference.

Attempting to clone an array will result in an error.

Reassignment of a variable containing an array will do the same as if passed to a function by value.

Reassignment of a variable containing an array using the reference operator will do the same as if passed to a function by reference.

So, in order to deep copy an array, just reassign and recursively traverse the array calling clone on each object. Of course, this would break (or not, depending on the intended use) when the same object is referenced multiple times under different keys.

permalink
report
parent
reply
2 points

Sorry for being lazy so no sources for now. But based on my research back then. Using clone (on arrays) is actually slower then json_encode/json_decode.

So there are some cool optimization tricks going on in the background. But that doesn’t make it any more intuitive for me.

permalink
report
parent
reply
14 points

I used to think that php was a bad language until recently (used php5 when i was just learning to program, cooked some delicious spaghetti). But after 5 years I had to use PHP at work. The language has improved a lot, but I think a lot of the bad parts are still there.

Like, why does stdclass exist? Why not just use associative arrays? Why are there warning, error, fatal errors, exceptions? Some functions throw exceptions, other raise errors, others return false, other fail silently and you have to call another function to check if there was an error (last_json_error). Why do find functions return false instead of -1? Like every other language? Why can’t I use strings with numeric values as maps keys? (I can’t have ["001" => value], it gets casted to ["1" => value].

There are no generics, you have to use mixed everywhere. The stdlib is an inconsistent mess, some_snake_case, someCamelCase, verb_noun, noun_verb, functions are not namespaced, everything is global. A lot of duplicates: die vs exit, print vs echo, etc. You are forced to use PSR & autoload to be able to use namespaces in a tolerable way, not including_once everywhere. No UTF-8 support, only ascii. You have to manually use mb_ functions. Variable scoping is weird. Variable variables? Why?

And all that is just comparing it to the average language. If compared to a modern language like Rust, Zig, Swift, php is light years behind.

It’s not hot garbage, but I wouldn’t call it “good”. There’s laravel, but not much more. PHP still makes you shoot yourself in the foot by default, unless you spend a lot of time learning its edge cases. Just like javascript.

permalink
report
parent
reply
14 points

There are a lot of people who think that if a language or framework doesn’t completely disallow bad practices (and of course the authors have to agree with their very specific subjective ideas of what bad practices are) then it sucks. I’ve always found that weird. Like why are you mad at a tool for being “too flexible”? Why not be okay with learning what not to do?

permalink
report
parent
reply
6 points
*

If you’re going to do that, then you also have to have a community that stresses best practices.

In 1999, Perl was leading the world with a tutorial for DBI (its primary database driver interface then and now) that uses placeholders in its very first code example. The community made that the standard, and it was the first hit on “Perl SQL tutorial” on Google for a long time. Perl applications with SQL injection attacks are out there, but have been relatively uncommon.

Notice that the API doesn’t force you to use placeholders. It’s simply strongly encouraged by the community.

Also in 1999, PHP was leading the world in not having a database driver interface through a common API, but rather a thin wrapper over whatever C libraries were used for individual databases. If that database supported placeholders at all (MySQL didn’t, and guess which database was most popular with PHP?), then it often had a different syntax* for every one. (Note that Perl’s DBI uses a translation interface that can implement “?” as a placeholder for you if the underlying DB doesn’t do anything else or uses weird syntax). You could always use a filtering function, and PHP devs would routinely try to write their own rather than use the one that came with the database API that’s already vetted. Either way, there was no widespread community pressure to use safe practices, and PHP led the world in SQL injection vulnerabilities for well over a decade.

*As a side note, I was recently accused by another dev of having a Python app riddled with SQL injection vulnerabilities. In fact, it was well protected, but it was using the psycopg interface to PostgreSQL, and it has a weird placeholder syntax that the other developer wasn’t familiar with. Thanks, psycopg!

permalink
report
parent
reply
2 points

An interesting thing you may have missed is that the PHP community actually aggressively removed posts from stack overflow suggesting the old broken autoquoter approach. I’d say that PHP actually has an incredibly security minded community at this point.

permalink
report
parent
reply

[This comment has been deleted by an automated system]

permalink
report
parent
reply
3 points

On the flip side, there is VBA which practically enforces bad practices.

permalink
report
parent
reply
14 points

It has also improved a lot in the last years. PHP5 and especially versions older than that weren’t very good and deserved a lot of the criticism. PHP7 and onward are much better languages and don’t deserve the hate.

permalink
report
parent
reply
5 points

I worked a lot with PHP3 and 4, they work by the “Here is a flat C style API and here’s all the functions to use.” principle, and a lot of the work was finding the needed function, and how to use it.

I know PHP5 did a lot of redesign especially with classes, but have never used it, hope PHP5+ feels more like Pythons toolbox.

If I should write a web application today, I would start looking at Python based frameworks: Django (I have used it before)/Flask/Etc. as I am not sure I would like to work with JavaScript, or have to re-learn PHP.

permalink
report
parent
reply
3 points

A fun story about the origin of some of PHP’s first function names. The hash function in the table for function names in the interpreter was strlen(), so names were chosen to have a wide distribution of lengths.

(source)

permalink
report
parent
reply
1 point

A fun story about the origin of some of PHP’s first function names. The hash function in the table for function names in the interpreter was strlen(), so names were chosen to have a wide distribution of lengths.

(source)

permalink
report
parent
reply
8 points

I think the worst thing about PHP is all the ancient tutorials that litter the web like landmines. SQL injections everywhere.

And there’s way too many low-budget wannabe web developers who know just enough to blow their own feet off. Or more likely whoever paid for its feet, because that web dev will be nowhere to be seen a week after handing it over.

permalink
report
parent
reply
6 points

Honestly, php is actually pretty fucking sweet for functional programming and metaprogramming… other languages wish they had __invoke and __get.

I also think it has the “right” balance of library functions built in, you can do pretty much anything common and trivial with built-ins but the function list is short enough that you can comprehend most of it.

permalink
report
parent
reply
4 points

__invoke is just for making a class Callable. Java has those with functional interfaces. __get is just dynamic property resolution synax sugar. Instead of something like obj.get("property") you do obj->property.

Instead, I would like to see ADTs, generics, pattern matching, immutability, expressions everywhere and a better stdlib. Then one could call PHP functional.

It’s like how people say Javascript is functional. Sure, it has lambdas, anonymous functions, closures, const. But those alone don’t make it functional.

Functional programming is very different (and at times hard). If you have the time you can check out F#, OCaml, Elixir, Erlang, Rust or Haskell (in order of difficulty imo). Those are more “pure” functional, rather than imperative/OOP with a touch of functional.

See how things work, what features they have and don’t have. How problems are solved in these languages. I think learning about one of them can give you a different perspective on what functional means. I discovered F# one day, got curious and discovered a whole different paradigm, a new perspective on programming. And learning about functional programming really made me a better programmer, even on procedural/OOP.

permalink
report
parent
reply
5 points
*

My issue with PHP isn’t the language, it’s the developers. PHP developer culture is much like C# and Java culture.

I could bring a million reasons I don’t want to program in PHP and every time we talk about it, the PHP developer tells me I should be using it for everything. If I suggest that it may not be the best tool for a particular task at hand, the PHP developer tells me it’s the only language they know so they will use PHP.

The issue is that this type of culture closes doors mentally. In any craft, we should try to use the best tool available for the task at hand. In carpentry you’d use a hammer with nails and a screwdriver with screws. In programming, there are times using PHP makes sense and times it doesn’t.

In container based services, I tend to lean toward a compiled binary because it reduces the size of the container at run time and most modern languages don’t require tons of heavy duty frameworks to scale well there.

In a monolith, a fully interpreted language with an MVC framework could make sense.

permalink
report
parent
reply
3 points

I’ll never understand devs that go “I don’t know that language”. PHP is one of the only languages used in production I don’t know. I have read examples and it looks like you bastardized a Java/c# clone with bash or a string templating language, which isn’t very appealing. But like, if I had to learn it, I’d do so in a month, functionally writing it in a week tops. Learning languages is part of the job, and they all add something to your understanding of paradigms.

permalink
report
parent
reply

I think we need to keep in mind that a programming language isn’t learned in a day whereas the use of most tools can be learnt within minutes, albeit not perfected of course.

The hurdle to learn a new language is higher and also there is only so many langauges you can be fluent in at the same time, until you start mixing stuff up and causing more problems for yourself than being proficient in just a few languages.

permalink
report
parent
reply
2 points

It’s fine to not know every language. I’m not saying you must know every language. I’m saying that only knowing one and refusing to use another is a problem I’ve seen from PHP, Java, and C# cultures almost exclusively.

The only exception I’d say that makes sense is people who are using coding for a small part of their overall job. But full time software engineers should have at least a few options in their belt for backend that they understand and can use in different scenarios.

permalink
report
parent
reply
4 points

It’s also funny how they mention languages and frameworks, but php is just php. No symphony or whatever people use now, php. And somehow people whlent from using frameworks in python to not using them? It makes little sense.

permalink
report
parent
reply
3 points

I’ve never actually used PHP.

Does it still have random Hebrew in error messages like ‘unexpected T_PAAMAYIM_NEKUDOTAYIM’?

permalink
report
parent
reply
1 point

One could argue that people who say PHP is fine only suffer Stockholm syndrome !

permalink
report
parent
reply
-5 points
Deleted by creator
permalink
report
parent
reply
-14 points

I think PHP is shit because I used it about 14 years ago (+/- 1/2 years), where it was crystal clear that the language was written by a complete amateur. I’ve example off the top of my head: you couldn’t reference an element of an array returned by a function in the same line, you had to first assign the function’s output to a variable and only then were you able to reference an element of the array in the variable. Like, WTF!!!???

It may have improved over time, I just don’t care enough to find out. It doesn’t deserve my attention.

permalink
report
parent
reply
6 points

Yea, I used Rust 14 years ago and it didn’t even have a compiler, what a fucking clown car of a language!

(Also, they fixed that with a really smooth syntax… and 14 years ago, you actually could do it with list())

permalink
report
parent
reply
-2 points

I’ve designed languages from the ground up, and written interpreters and compilers, so maybe I’m a bit of a snob regarding that kind of thing.

With all the levels of abstraction nowadays it’s impossible for anyone to understand the whole stack, so I don’t blame you for not caring how things are implemented under the hood.

But that issue with PHP (one of many) made me want to find the person who wrote that abomination and slap them with a baseball bat.

permalink
report
parent
reply
83 points

There are two kind of programming languages:

  1. The ones everyone complaints about
  2. The ones nobody uses.
permalink
report
reply
66 points

It’s hard to justify using anything other than JS or if you wanna be fancy, Web Assbly, for the FE.

Any other front end language involves generating Javascript from your language, which inevitably ends up with you making a weird Frankenstein project that mixes the two.

I’d rather just use stuff like Webpack or Vite to compile my JS front-end out of JS (or TS) from the start. It always ends up being a cleaner result.

My backend though can be whatever the fuck I want it to be.

But if you ever think dynamically compiling/transpiling a JS front end on the fly on demand is a good idea, instead of simply just delivering static pre-compiled/transpiled pages, you’re part of the problem for why the web is so slow and bloated.

It’s wild how crazy of projects people will build that take 3 entire seconds to just deliver a 500kb static form that doesn’t even need angular to do anything. They turn a couple hundred kb into several mb for no useful reason, it’s wild.

permalink
report
reply
19 points

On that last bit. I agree with you, but people are getting paid to produce, and since they probably just know angular, they use angular everywhere.

permalink
report
parent
reply
17 points

I prefer html personally :x

But yeah, I mostly blame the project managers that encourage this behavior, it’s wild how much overengineering goes into basic stuff like making mostly static websites.

permalink
report
parent
reply
7 points

Same, plain old HTML, and if I need some reactivity then Stimulus. And if need even more reactivity, then VueJS / Alpine. If the form can’t be submitted via a regular submit button, it infuriates me.

permalink
report
parent
reply
7 points

To my understanding, you can’t really use WebAssembly for the frontend - it doesn’t support manipulating the DOM, so you still need to offload a lot of the work to JS. It’s an uncontested language when it comes to web frontend.

permalink
report
parent
reply
12 points

It does support it, it’s just slower than JS. WA is faster in other aspects though, so frameworks that compile to WA (like the Rust framework Leptos) still end up being faster than a lot of JS ones.

permalink
report
parent
reply
3 points

I find that the only reason for SSR existence is to be able to just move a JS frontend to the backend for SEO/client performonce reasons with almost no effort. If the frontend really needs to be highly interactive then yeah, a FE framework makes things easier. But then you are locking yourself to using JS in the backend. Voluntarily locking yourself to use an objectively bad language.

Then there are the react/angular/other people, who build everything in these frontends.

I really hope tools like htmx gain traction, since it looks like a model able to solve the current JS madness.

permalink
report
parent
reply
2 points

I’m not liking htmx, I checked it out, it seemed promising, but it has giant gaping security holes in it so I can’t endorse it.

I have been sticking to using Ejs with html-bundler-webpack

The combo is lightning fast and gives me a solid usability of html partials so I can modularize my front end in re-useable chunks.

It compiles to the static site fast for iterative development, it has everything I need baked in for common needs (minification, bundling, transpiling, cache busting, integrity, crossorigin, tree shaking, etc etx)

I like how it let’s me just focus on actually writing the html + js + css and not have to muck around with thirty boilerplate steps to just make the app run.

If I need a lot of reactivity I’ll use vue or angular but I so so rarely need that.

And now with the template element, half the time reactivity can just be done with those.

Only time I actually need react/vue is when I have to frequently mutate/delete in the DOM.

But if I purely am additive, adding things to the DOM, template elements are plenty.

permalink
report
parent
reply
3 points

Could you elaborate on the htmx security holes? I only know about xss attacks, and for those it’s trivial to sanitize in the backend.

I too gravitate towards just templating for static or simple interactivity, but for pages that need SEO and interactivity I’m still wondering what’s a good solution that doesn’t involve SSR and a js framework. For a recent project I had I generated the html in php and sent a lot of pure js for dom manipulation

permalink
report
parent
reply
66 points

PHP is amazing

If you’re thinking of PHP version less than 8 you need to have another look

Totally stateless. Uncached server side rendered response times in double digit milliseconds.

Types

Extremely battle, highly tested frameworks.

Excellent tooling for tdd, bdd, static analysis, automated browser testing, coding standards and auto fixing. Even fully automated refactoring for things like package upgrades (Rector)

Regular, solid, releases bringing updates and fixes

Arguably one of the best package management systems, Composer. And only one, none of this constantly changing tooling that some other ecosystems seem to do

Properly open source platforms to power all kinds of web projects from e-commerce, CRM, social, scraping, analytics, monitoring, API, CMS, blogging

Basically if your target is server side web stuff then it’s really good

Or, you can continue to demonstrate how out of touch you are by continuing with the old “PHP bad” jokes if you want!

permalink
report
reply
20 points

Uncached server side rendered response times in double digit milliseconds.

Thirst thought, that sounds slow. But for the use case of delivering html over the Internet it is fast enough.

permalink
report
parent
reply
16 points

Get this man some water.

permalink
report
parent
reply
3 points

Double digit milliseconds sounds slow to you?

permalink
report
parent
reply
4 points

For a bit of templating? Yes! What drives response times up is typically the database or some RPC, both of which are out of control of PHP, so I assume these were not factored in (because PHP can’t win anything there in a comparison).

permalink
report
parent
reply
3 points

not only that but you just install it with the lamp stack setting in ubuntu tasksel with apache and mariadb. the beating that these can take (except maybe the sql) and survive is great. you also have access to the whole of linux to do more advanced stuff, while other languages/ stacks shy away from exec

permalink
report
parent
reply
7 points

other languages/ stacks shy away from exec

I’m sorry, what?

permalink
report
parent
reply
11 points

Turns out arbitrary code execution is actually great(!)

permalink
report
parent
reply
3 points
*

All of that can be the same as other stacks except the Apache bit. You can stand up a Go application on Ubuntu hitting MariaDB as its persistence layer. Or Python. Or Node. Or Java. Or even Ruby. Shit, Haskell can do it.

Also, exec is a code smell. Arbitrary code execution is a massive security risk, and the effort to mitigate that risk is often less than explicitly building out the required functionality.

I think you need to explore more technologies, my friend. And read up on some security things

Edit: I now realize you mean exec as in calling out to a shell. All languages have this. Still, the overhead of spawning and managing a new process is often more than just implementing the logic in your application itself.

permalink
report
parent
reply
1 point

I personally prefer hestiaCP but yes

permalink
report
parent
reply
2 points

Extremely strong functional programmer support, too!

permalink
report
parent
reply
1 point

What’s wrong with version 8?

permalink
report
parent
reply
27 points

Dude was saying that 8 is good, but people still think of version 5 when talking about PHP. Not recommended to still use in 2023.

permalink
report
parent
reply
5 points

Even 5.3 was good enough.

4 was hilariously bad though

permalink
report
parent
reply
2 points

he meant 8 is great

permalink
report
parent
reply
1 point

On the opposite - version 8 is great.

permalink
report
parent
reply
1 point

On the note of testing, Pest is still one of the best testing options I’ve seen across a variety of langs.

permalink
report
parent
reply

Programmer Humor

!programmerhumor@lemmy.ml

Create post

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

  • Posts must be relevant to programming, programmers, or computer science.
  • No NSFW content.
  • Jokes must be in good taste. No hate speech, bigotry, etc.

Community stats

  • 3.7K

    Monthly active users

  • 1.5K

    Posts

  • 35K

    Comments