Why people hate PHP

Why people hate PHP, a book from hell

PHP is maturing as a language as well as a technology for building a wide range of applications. PHP 7 is coming out this year and it’s more powerful and faster than it ever was. There’s a lot to look forward to, but there’s still plenty of room for improvement for PHP and for us as programmers.

Part of the reason for the PHP hate circlejerk is often explained as being fueled by its inconsistencies and functional shortcomings. This is definitely true for the older versions, but less and less relevant with every new release. The decisions and performance of the internals developers are another important contributing factor. The short array syntax, as an example, was proposed in 2003 and implemented only in 2012. But the subject of this post is the incompetence of programmers and programming book authors.

PHP programmers handbook

The first book on PHP I read was printed in 2003. Having a homepage was the hottest thing back then. Thanks to free shared hosting even kids could make a simple website in Microsoft FrontPage, upload it through FTP and marvel at their own creation. Flash buttons and frames weren’t enough for me, so I had to learn a scripting language. The book, examples from which are provided below, focused on PHP 4, but offered advice on comparability with PHP 3. It looked fine for a complete beginner. Revisiting it after so many years is quite entertaining.

The strings

You can use double quotes, you can use single quotes, this book uses accents to encapsulate strings. You can use grave accents (backticks) in PHP to execute commands, but you can’t encapsulate strings with them. Acute accents won’t work either. I have no idea how this made it into the book.

grave-accent-accute-accent

Tabs? Spaces? Nope.

no-tabs-grave-accute-accent

 

This line alone is amazing for many reasons. No one bothered running the code, before putting it in the book.

mistyped-fucntion

 

Capitalization is inconsistent.

inconsitent-capitalization

 

This code was supposed to demonstrate how operator precedence works. The authors of the book didn’t bother saving the result.

operator-precedence

The loops

Including a function like count() or sizeof() within a loops execution condition is a bad idea. This expression will be evaluated with every iteration.

while-count-cycle

for-sizeof-beer-cycle

Instead you should use something like this:

$count = count($array);
for ($i = 0; $i<$count; $i++) {}

or this:

for ($i = 0, $count = count($array); $i<$count; $i++) {}

Variables

The names for the variables don’t make any sense.

for-count-loop

code-doesnt-make-sense

If they wanted to show and example for a while loop they could have named the variables $i and $max instead of $my  and $name. That would make more sense.

 The visitor counter

This was my favorite script in the book. It was small, simple and I needed it very much. I copied it, saved and ran it. And it didn’t work. Again no one bothered running the code before including it in the book. Can you find the problem?

broken-visitor-counter1
Broken Visitor Counter page 1
broken-visitor-counter2
Broken Visitor Counter page 2

Apart from the </php  typo, the authors forgot a curly bracket after $counter = 0; .

SQL injection

Here the authors of the book surpassed themselves. Not only is <?php missing after the <body> tag and the $ sign is missing from submit, register_globals  is on and no validation or cleaning is performed before inserting a row.

register_globals SQL Injection

The aftermath

Awful learning materials bred bad programmers who wrote horrible software and more awful books. The momentum was strong and lasted many years. The next PHP book I read was printed in 2005 and still had code with SQL Injections, but at least no more register_globals.

Published by

Alexander

Your friendly, neighborhood, full stack, pseudorandom text generator

16 thoughts on “Why people hate PHP, a book from hell”

  1. Thanks for the entertaining read.

    I like how, in the last example, they assigned the database connection to a variable named `$date`, and then went on to select the database “mydatebase” [sic!].

    1. Thanks for reading.

      I was learning to work with MySQL from that book back in 2003. I actually called all my database connection $date for some time thanks to it. It didn’t make much sense, but it worked. Took some time to unlearn what I have learned back then.

  2. I think the sql injection part is a bigger problem. There are way to many books and tutorials for beginners who learn to use sql in php like this and i know that it is easier but they never metion that it is very unsafe to use it like this.

      1. I’m in agreement here, could you name the book? I’m reading a PHP book right now, and I honestly think this could be the first edition of it (or at least, not far removed). If it is in anyway related, then it shows that PHP books have not improved a whole lot in 10 years (mine is from 2013).

          1. Amazing resources? PHP The Right Way doesn’t even show how to query database with a where clause. Not a single mention of == vs ===. The usual problem points. So that’s not for learning PHP, that’s just a collection of some things people should know. No help for beginner.

            So could you show at least one “amazing” online resource for a beginner, that clearly shows how to do PHP, with all caveats explained? Really interested to know if there is one somewhere, since PHP is full of them. And that’s the reason many people hate it, it’s not a circlejerk, and nothing has been done to for example the idiocy that is strpos() returning false or 0 and a beginner not understanding why there is a need for === suddenly.

          2. PHP The Right Way is amazing, just not for beginners. The first results for “PHP for beginners” in Google do have issues, but Codecademy has a really good course for complete beginners. Aspiring PHP programmers just have to read the instructions on the left. Make changes to the code in the editor and see the result on the right.

            == vs === can be confusing for the uninitiated, I see it, along with PHPs weak type system, as convenience rather than a problem. That being said scalar types in PHP 7 are something to look forward to in terms of static analysis and safety.

  3. Just a data point… The PHP book I learned from was copyright 2004 (PHP5 and MySQL Bible [Wiley]). It did a great job of pointing out bad/dangerous practices, and was correct throughout. I guess I was lucky by the sound of things.

Leave a Reply