Feeds

back to article PHP devs lob second patch at super-critical CGI bug

The developers of PHP have released updates to thwart fresh attacks against systems that use the scripting language to dynamically generate web pages. All users are encouraged to upgrade to PHP 5.4.3 or PHP 5.3.13, as appropriate, after a serious security bug in PHP-CGI-based setups was disclosed. Developers attempted to fix …

COMMENTS

This topic is closed for new posts.
Silver badge

Cue 1000 server admins calling PHP a shit language whilst providing no superior alternative.

4
1

I'm not a "server admin", but here are a few superior alternatives:

Ruby on Rails

Python on Django or various alternatives

Java with Spring

Groovy on Grails

Scala with Lift

Smalltalk on Seaside

Hell, even C# if you're happy with Windows as a platform.

They are all programming languages designed and maintained by people way more competent than those responsible for PHP.

6
10

You're right, all of those are superior to to PHP as a language.

Which is nice when I'm toying around at home, or when I'm working for a business that does their own hosting and is willing to configure their webserver according to my wishes. It's completely irrelevant when you're dealing with hosting providers, who typically provide a choice between static HTML or PHP.

This in turn means that if you're not in the mood to invent your own CMS from scratch, you're doing PHP.

The world would be a much simpler place if technical merit were the only criterion for choosing a programming language.

3
1
FAIL

That means a lot of hosting services need to lift their game.

It's not good enough to just offer PHP or straight HTML any more. My hosting service, Webfaction, also offers Perl, Ruby, and Python as well, as well as their frameworks like Rails and Django. Other firms have similar facilities available.

0
0
Thumb Down

Sorry, but PHP is fantastic as a lightweight front end (website) programming language. It has the smallest, easiest hello world of any of them. It's only a bad language when you write bad code - sure, the difference is in PHP it's easier to write bad code, but that's down to a bad programmer, not a bad language.

I've seen plenty of C# and Java websites that run badly, and have been written badly (not to mention how slow Java and c# are). Don't use a sledge hammer, and all that, PHP is great for it's job - it's why it is used so widely

Don't get me started on how dead Ruby, etc. are.

I'd agree that Python on Diango is a good alternative, but I'd argue against it being superior.

3
0
Mushroom

Twisting the knife

Here's an awesome teardown of PHP for those who haven't seen it yet :

http://me.veekun.com/blog/2012/04/09/php-a-fractal-of-bad-design/

4
3
Gold badge

Re: Twisting the knife

That's a joke, right? There couldn't actually be a language as bad as the one described in that article. Someone just read about INTERCAL and decided to turn the perversion up to eleven.

2
0
Anonymous Coward

Re: Twisting the knife

And yet, for some reason, everyone uses it...

1
0
Silver badge
Linux

Re: Twisting the knife

@cynic2

That blogger is talking out of his arse.

0
2
Thumb Up

Re: Twisting the knife

That article changed my life.

After 13 years of PHP I'm now using Python. I haven't felt this alive in years.

1
0
Silver badge
Joke

Pick a side!

...releasing a new set of patches on Tuesday, 8 May 8.

Now I know El Reg tries to be accommodating to us on this side of the pond, but we can read dates in your format, backwards as it may be. There's no need to try to splice the two formats together.

0
0
Mushroom

Re: Pick a side!

That's just John Leyden for you. He doesn't know whether he is British or American.

His brain immediately forgets the keys his fingers press as he is typing. If his eyes were ever to move back along the line of text to verify the words he has just written, then his head would immediately explode. Not to mention the implications for the space-time continuum.

Even the sub-editors daren't read his work as it will forever haunt them in their sleep.

1
0
Unhappy

WTF? Thanks El Reg...Not

Since this 'revelation' was posted, I'm now getting a ton of hits at some WP sites with the query-string '?-s' . And other article-related shit besides.

Never had one of those before today.

I have it covered, but I wonder if you guys ever expect consequences?

0
4
Anonymous Coward

Re: WTF? Thanks El Reg...Not

Yeah, because El Reg is the only website that's published the exploit that's being doing the rounds of the security sites for the past 3 weeks.

2
1

Re: Re: WTF? Thanks El Reg...Not

AC@20:20, you might want to take a moment to ponder over that?

'...the only website that's published the exploit...'

I despair.

0
2
Anonymous Coward

I despair too...

I despair of your ability to detect sarcasm.

2
0
Silver badge
Alert

Re: WTF? Thanks El Reg...Not

Dude, any nerd knows, if it ain't on ElReg, it ain't worth knowin.

0
0
This topic is closed for new posts.