The dark side of PHP

Did you know PHP is Evil?
Kommentare

PHP is a wonderful little language in a lot of ways. It’s quite easy to learn, it’s wonderfully fast to work with and there is a mountain of functionality only a few keystrokes away. Unfortunately, it has had a reasonably troubled upbringing and much like a insidious school bully, it has been quietly working against you.

Unlike a lot of languages, PHP was never formally designed as such; instead it kind of grew and evolved from its rather humble initial goals into what it is now: To make it easy to embed dynamic content into otherwise static HTML pages. This has resulted in a number of questionable language decisions as well as ‘gotchas’ that you should be aware of, otherwise your precious little web app might spring to life and devour everything you love and hold dear.

Don’t believe me?

Open a PHP console and try a few examples:

print (int)“0″; // prints 0

print (int)“0asdf“; // still prints 0

print (int)“asdf“; // prints 0 (why not FALSE?)

print (int)array(); // prints 0

print (int)array(0); // prints 1. Yes, really. 1.

Things like this are important to note, as casting to an int is often used as a way to sanitize user input, this behaviour is the same as the intval() function.

Thankfully the growing number of solid PHP frameworks goes a long way to plastering up and painting over these issues, however they are still there and it’s still quite important to be aware of what is happening behind the scenes.

THIS IS A PREVIEW DOWNLOAD APRIL 2013’S ISSUE TO READ THE FULL ARTICLE.

Unsere Redaktion empfiehlt:

Relevante Beiträge

Meinungen zu diesem Beitrag

X
- Gib Deinen Standort ein -
- or -