Python web development, really

Ian Bicking ianb at colorstudy.com
Thu Jan 23 19:57:24 EST 2003 

On Thu, 2003-01-23 at 16:33, Paul Rubin wrote:
> I don't find PHP to be horrible.  It's just kind of limited.

That might be how I'd describe Tcl, say, but PHP really has some stupid
properties.  Like say a function foo() returns an object, and you want
to call a method on the object.  You'd expect to be able to do
"foo()->method()".  But you can't, you have to use an intermediate
temporary variable to hold the object.  I don't know why this is the
case -- either the PHP parser is braindead or there's something very
weird going on with PHP objects.

And it has weird reference stuff going on, probably taken from Perl -- I
guess it's not surprising, but there's just no *point* to using that
technique.  It gains you *nothing* except maybe some misguided notion of
safety across function calls (because the variables get copied), and it
adds a lot of inefficiency (because of unnecessary copying), and/or the
confusion of references.

The layout of the standard library is truly horrendous.  Python isn't
great, we have has_key after all... but it's nothing like PHP.   

And the string functions particularly annoy me.  PHP is *meant* to
produce strings.  That's *all* it's meant to produce.  It should do that
really well, no?  But it has no decent syntactic string handling, you
have to use functions for everything, and the functions are all over the
place.  Regular expressions are even worse with the \'s doubled all over
the place and other nonsense.  

Oh, and string literals are worse.  Python doesn't have $ variable
substitution unlike PHP, but PHP is just idiotic and wastes this
feature.  The thing that annoys me the most is that " (double-quotes)
gets used all the time in HTML, and ' (single-quote) doesn't.  But if
you want to do variable substitution you have to use ", so you get all
these things like "<input type=\"text\" value=\"$value\">".  Or even
worse you get people doing "<input type=text value='$value'>".  

And the quoting is crazy.  There's nothing to help you quote literal
text for HTML so you have to use the htmlentities function all the time
if you want to be thorough.  Ditto SQL and shell.  And that's why
there's all these security problems, once again PHP fails to make string
substitution reasonably easy to do right.  And then they try to fix it
with magic quoting, which quite frankly is fucked up.  Depending on your
installation you don't know if you have to unquote things, quote them,
or just leave them alone.  So you get all these websites where the name
O'Connor gets turned into O\'Connor and other nonsense.

Well, you didn't really ask for it, but that's my PHP rant, or at least
the things I can think of off the top of my head this evening :)

-- 
Ian Bicking           Colorstudy Web Development
ianb at colorstudy.com   http://www.colorstudy.com
PGP: gpg --keyserver pgp.mit.edu --recv-keys 0x9B9E28B7
4869 N Talman Ave, Chicago, IL 60625 / (773) 275-7241

More information about the Python-list mailing list