Hi
very interesting post about how PHP is badly designed compared to other languages
http://me.veekun.com/blog/2012/04/09/ph … ad-design/
I can relate when I was totally stuck on an incomprehensible error during half an hour because I had a silent cast somewhere on my code.
Now I do more Java than PHP, I'm really pleased to have a software that won't compile at all when I do strange things.
Some gems I discovered:
NULL < -1 and NULL == 0
Variable names are case-sensitive. Function and class names are not.
The __toString method can’t throw exceptions. If you try, PHP will… er, throw an exception.
create_function is not garbage collected [that's really dangerous in a loop !]
and obviously the big inconstancy of the API (bin2hex, strtoupper, etc.)
I don't meant to drop PHP and migrate to Java or Python. PHP is really awesome by it's simplicity to deploy and learn.
But I think anybody should be aware of the underlying syntax and security problems in order to build strong scripts.
---
Just a word about Piwigo: I would like at least to migrate all our database access to MySQLi and it's prepared statement and queries parameterizers, this would allow to remove much headaches with mysql_real_escape_string, addslashes and so on.
Personally I'm also totally for the use full OO architecture with a strong back-end framework (not Symphony or Zend which are really too heavy), but I would require too much rewrite work so it's not realistic.
Offline
mistic100 wrote:
Just a word about Piwigo: I would like at least to migrate all our database access to MySQLi and it's prepared statement and queries parameterizers, this would allow to remove much headaches with mysql_real_escape_string, addslashes and so on.
[Forum, topic 23721] mysqli prepared statements
mistic100 wrote:
Personally I'm also totally for the use full OO architecture with a strong back-end framework (not Symphony or Zend which are really too heavy), but I would require too much rewrite work so it's not realistic.
I don't think it is a good idea to switch Piwigo on such frameworks. But I think these frameworks are very useful, depending on the situation.
Offline
NULL == 0
This is obvious in php (and I don't say I agree with it), use identical ( === ) operator if you want to make sure types are the same. 0 false "" (empty string) are equal using equal operator "==". Refer to docs: http://php.net/manual/en/types.comparisons.php for more info.
Offline
please don't take things out of context, I quoted exactly
NULL < -1 and NULL == 0
THIS is not obvious
--
I didn't openned this topic for discussing about should we use either == or === etc, many topics on stackoverflow already exists with many people talking in circles :)
Offline
:)
I ment only using equal operator. The thing with NULL < -1 is funny thing indeed, but well its like comparing apples to oranges, interpreter has to work it out somehow, and it would be funny in other
direction too :)
NULL > -1 :P
and this case would be hilarious :D
NULL == -1 :D
Offline