PHP Programming (was JOB: LAMP Artisan)

Levi Pearson levipearson at gmail.com
Thu Mar 6 19:38:53 MST 2014


On Thu, Mar 6, 2014 at 5:41 PM, Joshua Marsh <joshua at themarshians.com> wrote:

> I don't think I'm shrugging it off. I just think that zealots and academics
> don't typically represent reality. The blog post was clearly inflammatory
> and he didn't iterate anything that wasn't already known to me or the
> public in general. Everyone has an opinion. He clearly has one about PHP.
> Regardless, people still use it and new projects are using it.

I think that by grouping "zealots" and "academics" together, you show
that you don't appreciate the connection between the reality of
programming and its foundations in academia.  It's a really bizarre
phenomenon, and I see it much more in my programming-trained
colleagues than in my EE-trained colleagues.

> Don't get me wrong, I see your point about moving forward. I'm constantly
> suggesting new tools and languages for projects. New and sparkly is fun for
> academics and my basement. It may even work out well in the startup market.
> The problem is that we haven't figured out what all the risks are of using
> these new technologies. PHP has been around long enough that the risks and
> remedies are fairly well defined, some of the remedies have even been
> automated. That risk analysis tends to be more important (at the company I
> work for, substantially more important) than language design or the poor
> standardization of function names.

I am not talking about "new and sparkly".  The "new and sparkly" stuff
is often just rehashed "old and broken" stuff without a lot of real
benefit, and it pays to look deeply into things before adopting them.
Trendiness is no better than clinging to old, broken ways.  But there
are plenty of old, good and proven ideas that we are completely
failing to take advantage of.  And there are all sorts of old ideas
that were simply impractical before now.  They mostly *aren't* new and
sparkly, which is why the trend-hoppers never quite seem to get them,
and continue flitting about on the whims of fancy.

What astounds me is that people say stuff like, "we know all the
risks, we don't make make mistakes and do stupid things like those
other people" and continue to use their old broken tools that they
know are put together by sub-standard engineering.  Witness the
unceasing security flaws that are uncovered in critical packages on a
regular basis.  Clearly, the remedies are not well-defined enough!  Or
all these macho programmers are not actually following the disciplines
required to use thier unsafe tools safely.

I hate to break it to you, but programming is *hard*, and human beings
are *really bad* at it.  You are too, and so am I.  We need all the
help we can get from good tools, because we suck at gettign all the
details right all the time.  We get lazy or tired or just plain
unlucky, and errors skip past our notice.  Now, I have no idea what
you do, or what sort of risk analysis you do at your job.  Maybe it's
perfectly sound analysis, and your PHP code is always flawless (aside
from the flaws baked into the PHP interpreter itself, of course) and
you're really deriving some benefit from PHP that you wouldn't get
from some better tool. There are definitely reasons to use poor tools,
regrettable though it is.  But there are no good reasons to call poor
tools anything other than poor tools, or to be apologetic about their
flaws.  You don't have to like your tools to use them well; in fact,
you will probably use them better if you don't convince yourself you
like them. :P

        --Levi


More information about the PLUG mailing list