PKJ.no

Petter Kjelkenes, a blog about technical stuff.

PHP, the good and the bad

Posted on 27. September, 2018

PHP is probably amongst the most hated programming languages around the world. Some people love it, some people say its a toy language, some people hate it with a passion.

PHP has grown a lot within the last couple of years. PHP now supports proper OOP, and have concepts like Classes, Interfaces, Traits, Closures / lamdas, Generators, Strict types, and more.

This article will be a list of what I think is good, and what I dont like about PHP.

The good

  • PHP is really easy to get started with. Put a script on a web server and run it. This can also be bad.
  • You dont have to learn basic concepts like how the http protocol works, just create a script and start echoing stuff out. This can also be bad.
  • PHP 7+ is really fast, it beats the contenders such as Ruby and Python.
  • PHP has composer which can be compared to gem, pip and npm. Composer was probably the best thing that happened with PHP.
  • PHP has plenty of well tested blogging systems and cms systems. E.g. Wordpress, Drupal, Joomla and eZ Publish. This alone is huge, and might be a big reason that PHP is still alive.
  • PHP has great libraries for doing advanced integrations and large legacy systems.
  • Creating complex libraries is great because PHP supports almost full type safety in classes.
  • Well tested frameworks used in production for years: Symfony and Laravel.
  • PHP Documentation is readable and indexed greatly by google. Just google that function and you are good.
  • PSR. PHP Standards Recommendation. This project is great, it means that libraries written can work with each other. Also PSR consist of a coding standards guide, which leads to better code.

What i personally dont like

Global function mess.

PHP's mess around global functions can be frustrating.

<?php
$array = [1,2,3];
// Can just this:
$array = array_merge($array, [4]);
// Be this?
$array->merge([4]);

Dollar signs $ :(

Dollar sign in front of variables shouldn't be necessary. I would rather use literals to concatenate.

Security.

Because PHP is so simple by default, it doesn't have good defaults for security such as XSS injections.

<?php 

$opsIForgotToEscapeThisVariable = $_GET['xss-attacks-are-welcome-here'];
echo "Hello $opsIForgotToEscapeThisVariable";

Too easy to learn.

I mean it. Its way too easy. PHP is so easy to learn, which leads to really bad code written by junior developers which just started learning to code.

I did not sign up for Java

I dont like Java. Actually I dont like Java at all. PHP is starting to feel more like Java. This can be great, but often leads to overly complex code. E.g. use a simple array instead of creating 10 value object classes that implements each of its own interface?

Legacy code

When working with PHP projects you would often work with legacy code. This legacy code was e.g. written by really bad programmers or was written for PHP 4 with no OOP at all. Working with such code makes you feel like a sad -sad Panda. Often these systems are also full of bugs.

Legacy code can be true for other programming languages as well. But I solely think PHP has the worst legacy code. PHP 4 was really bad and the eco system was not there.

PHP 7.4, typed properties RFC

Posted on 19. September, 2018

There is an ongoing vote process for typed properties. Typed properties would be really good for PHP, as PHP has already gone on the way to be a strict types language.

Edit:

The RFC has been accepted, and PHP 7.4 will now include typed properties.

The benefits of the new typed properties:

  • Relying on dockblocks for code completion in IDE's.
  • Runtime errors if wrong types are used.
  • Future performance improvements can be done internally in PHP.
  • Less type checking code, meaning cleaner code.

This is an example of how you can define typed properties, in reference to the RFC:

Less code

First of, the obvious. There are no longer needs for types in dockblocks and getters / setters to ensure type safety. This alone is a huge deal. Today, per property there are at least 21 lines of code that can be removed. This given the PSR coding standards.

<?php

class Example {
  /**
   * @var string
   */
  private $title;
  
  /**
   * @var string $title
   */
  public function setTitle(string $title)
  {
      $this->title = $title;
  }
  
  /**
   * @return string
   */
  public function getTitle()
  {
      return $this->title;
  }
}

Which can be converted to 3 lines of code.

<?php

class Example {
  public string $title;
}

Sometimes you would need a getter / setter in cases where the contents of the variable mutates to something else. Still the dockblock would not be needed.

Hello

My name is Petter Kjelkenes. I live in a small country named Norway.

I am a full-stack developer, mostly using tech like: PHP, Symfony, Node.js, React and CMS tech like eZ Platform + sanity.

Contact me

Petter Kjelkenes

(+47) 482 913 65