Is Python any good with MySQL?

Jon Ribbens jon+python-list at unequivocal.co.uk
Tue Nov 7 08:26:30 EST 2000 

"Stephen R. Figgins" <fig at monitor.net> wrote:
> > I have extensive experience with PHP, which has eventually driven me
> > to give up on it and move to Python. I really, really dis-recommend it.
> 
> Could you contrast the two for us, and why it is you have moved to python?

Well, firstly Python appears to be almost exactly what I want from
a language. It has a simple syntax, it is object-oriented, it has
exceptions, it is interpreted but uses an intermediate byte-code
for efficiency.

There were two main reasons I avoided Python in the past - lack of
strong typing, and the, uh, unusual syntax. I would have preferred
a language with a syntax more like C, but I seem to be getting along
fine. (I especially like that when increasing an 'if' statement or loop
from a single statement/line to multiple statements/lines, or vice versa,
you don't have to fiddle around inserting/removing braces.)

The typing issue also appears not to be too much of a problem, because
Python does not go around randomly silently converting things between
types for you. Objects themselves do have proper types, that they stick
to.

Fundamentally, Python is simple, does what you tell it to, and does not
do what you do not tell it to. These are the most important characteristics
required of a language from my point of view. It does not fight you if you
are trying to write secure code. This differs markedly from languages like
Perl and PHP, which will try and be 'helpful', and exhibit effectively
random behaviour, which makes it impossible to write correct code.

(As an example, try and enumerate the situations in which the following
PHP function would return a 'true' value:

  function check_password($password) {
    return ($password == "s3kr1t");
  }

Hint: There are more than one.)

PHP is terrible when it comes to security. Features such as 'register_globals'
(which is on by default), which inserts all sorts of untrusted data (such as
cookies and CGI variables) into the global namespace of the script, or
'magic_quotes', which automatically SQL-quotes input data for you, thus
causing confusion as to which variables contain quoted data and which do not.

Plus, there is too much stuff lumped into the interpreter itself. You have
'n' different database connection modules (each with a different interface),
image manipulation functions, functions to create PDF files, GIF files, the
list is endless - and the killer here is that you don't select them yourself
in your script using 'import' or 'use' or somesuch, they're just there, all
the time, in the global namespace! Bad luck if in the future some extension
or other happens to define a function with the same name as one of yours
- your script will suddenly stop working when you upgrade (the extension
function names are 'magic' and can't be redefined). 

Plus the syntax is limited and ugly. Want to iterate through an array?
You need:
  reset($array);
  while(list($key, $value) = each($array)) {
    // do something
  }
(Arrays and hashes are sort-of the same thing. You can't tell the difference,
anyway.)

And finally, it is *such* a relief to finally get away from those
g*dd*mn '$'s everywhere!

Cheers


Jon

More information about the Python-list mailing list