Home >headlines >What are the misunderstandings about PHP?

What are the misunderstandings about PHP?

藏色散人
藏色散人forward
2021-08-20 14:34:293532browse

PHP has a bad rap now because it used to be "terrible". This article attempts to answer some common assertions about PHP, with the goal of explaining to non-technical people that PHP is not as bad as many people say.

→This article is translated from: https://www.getparthenon.com/blog/php-isnt-that-like-really-bad/

1. Does it encourage bad practice?

Not anymore. In the past, many developers were taught very poor practices from books, and as a result, the quality of their PHP code was very poor. PHP also used to allow you to do some really weird things that made it incredibly easy to build, but a nightmare to maintain.

These are no longer common questions. With the introduction of high-quality learning materials that are easy to learn and easily accessible, a new developer can learn PHP the right way. This prevents junior developers from writing code that is very painful to maintain because they don't know the correct way to build things.

With the introduction of frameworks, much of the common code that leads to many bad experiences is now done automatically; therefore, developers only need to use the framework and the framework will code it correctly.

Also, some bad practices over the years have been caused by missing features, resulting in things being allowed that shouldn't be allowed. Now in most cases it is not even possible to implement some of the things that were written before to lead to this kind of reputation.

Summary

  • It no longer encourages bad practice...

  • By using a framework Bad practice avoided.

  • Language features are being discussed a lot right now. Bad features are no longer supported.

  • PHP adds most, if not all, features that exist in other languages.

#2. Is its security very poor?

In the past, PHP applications were often poorly secured because the language allowed it. These things are no longer used as PHP application development is completely different now.

Remote and local file inclusion (where PHP reads files from other addresses than originally intended) has been removed by using the autoloader to include files instead of dynamically including files.

Through the extensive use of a template system (which automatically handles escaping and security issues for displaying dynamic content), cross-site scripting attacks caused by using HTML directly in PHP have been avoided (one user changed JavaScript script to be displayed to another user).

By using prepared statements in SQL, SQL injection attacks are avoided (this is caused by the need to build a SQL query and send the query along with the data, where the user can add additional SQL commands to the query). In addition, the use of ORMs is also common, which ensures that user data and queries are sent separately and SQL cannot treat them as separate commands.

Avoid cross-site request forgery (where a user can be tricked into performing certain actions on your site) through a widely used form library that uses a nonce system.

Summary

  • Not anymore.

  • Avoid remote and local file inclusion by using an autoloader (standard in all major frameworks).

  • Avoid cross-site scripting (XSS) attacks by using a template language as standard or a front-end framework such as React.

  • Avoid SQL injection by using ORMs and making extensive use of prepared statements.

  • Cross-site request forgery (CRSF) attacks are avoided by using nonce tokens (automatically supported by all major frameworks).

#3. Is it really slow?

It depends on what you compare it to. If you compare PHP to Java, C or Go, then it is slower. But if you compare PHP to Python, Ruby, etc., then it is not slow. PHP is one of the fastest languages ​​of its kind and is constantly improving in performance.

Most of the time, your application is slow because the server is overloaded or the database query is slow. These problems exist in any language.

Summary

  • PHP is relatively slow compared to compiled languages.

  • PHP is relatively fast compared to other scripting languages.

  • Slow websites are usually not due to the language being used that is not fast enough, but to performance issues caused by the server or database.

#4. Is its scalability really poor?

In fact, any language can be scaled. Compiled languages ​​(such as Go, C, or Rust) are less expensive to scale than scripting languages ​​(such as PHP). However, they are not designed for the same tasks. In fact, they are all the same; it simply comes down to the number of servers you use. If you use enough servers, you can scale any application. PHP is cheaper to scale than other scripting languages ​​because it requires fewer resources to get started and can run on smaller memory servers with more CPUs.

In addition, for scalability, the important thing is the database. If you can scale your database, you can scale your application. Databases are more difficult to scale than application servers. It's easy to add another client that reads the database; however, it's much harder to get the database running quickly.

Summary

  • Any language can scale; it depends on how many servers you use.

  • The real problem with scaling is the database rather than the application language used.

  • If you can scale your data, you can scale your application.

#5. Should I keep using it?

No. Every programming language has its areas of expertise. PHP is great for web applications. You should use it to build websites and APIs.

If you are building a system application where every millisecond matters, use Rust or C.

If you are building an artificial intelligence application, Python is a good option.

If you are building a SaaS application, PHP is a good option.

If you are building an Android application, Kotlin is a good option.

If you are building an application that runs on multiple platforms, Java is a good option.

Summary

  • No, every language has its best use cases.

  • The best use case for PHP is web applications.

  • Go, Rust, C are suitable for system applications.

  • Python is suitable for artificial intelligence.

  • Kotlin is suitable for Android applications.

  • Java is suitable for platform-independent applications.

#6. Conclusion

Many things said about PHP are 10 years out of date. In our opinion, if someone gives you information that is 10 years out of date on a technical topic, that person is probably not a technical expert you want to trust.

PHP is a great programming language for creating web applications and we think it is the best language for web application development.

Summary

  • Many of these complaints are 10 years overdue.

  • We believe that PHP is the best language for building web applications.

Statement:
This article is reproduced at:getparthenon. If there is any infringement, please contact admin@php.cn delete