
Learn PHP – Free interactive PHP tutorial - ronreiter
http://learn-php.org
======
antirez
PHP is probably the language with the best return on investment (of time spent
learning) currently. It is extremely easy, and is fast to prototype stuff
because of the high level nature. While the language is not as expressive as
other languages such as Ruby or Python, it is easy to move on later, but PHP
provides everything to get things done and deploy easily your simple
application in minimal time.

A lot of good programmers today started their web experiences with PHP. Now
probably they are using the latest cool thing, but it served as the "BASIC" of
our times, and is still active and trying to fix its issues.

Also, and this is not a PHP merit, but a disaster with other dynamic languages
such as Ruby, the performance you get by default with a simple PHP
application, is good enough that is almost always the DB to blame, not the
front-end, when there are issues under load.

~~~
shubhamjain
I have been a PHP programmer since long and while I do wish to go up for
Django or RoR but I usually get put off by the amount of time I need to spend
getting around both. On the other hand, it is so easy to get started with any
PHP framework (except Zend, of course) and thats what I love, easiness to get
encouraging productive output but seeing the people's prejudice, I feel that I
would have to more or less go up for them.

I hate the fact how difficult is to associate yourself as "good PHP developer"
amongst clueless 3$/hr script kiddies but if you are able to call yourself as
a Django developer, you are automatically in the category of a good
programmer.

~~~
ris
> I do wish to go up for Django or RoR but I usually get put off by the amount
> of time I need to spend getting around both

Is this a joke?

If not I think it heavily reinforces my view of PHP developers and clueless &
lazy.

~~~
Thunderer
Why clueless and lazy? We know the strengths and weaknesses of PHP and other
programming languages. Thing is, while we really do appreciate what others
offer it's still easier / cheaper / better (choose whichever sounds good to
you) to "import" good ideas from <insert language> than to change whole stack.

~~~
ris
Clueless and lazy because the amount of time to "get your head around" django
and python is so absurdly minimal for anyone who has done any web development
at all. It is incredibly straightforward, and finding that "too much" pretty
much disqualifies someone from being a competent developer.

~~~
shubhamjain
I don't wish to take it personally but these kind of remarks make me furious.
Should I build you something in Django if thats what it takes to show you?
because I am sure I will. By getting my head around, I didn't necessarily
meant I was too foolish to understand anything but I had my problems. There
wasnt any default schema for urls, each route needed a new one, managing
database and creating tables required a console based code generator, setting
up django with apache required an effort, the abstraction of app vs website
was quite peculiar, and some other issues I don't recall. Call it my
ignorance, stupidity, daftness that I failed at so basic stuff but thats my
side of the story.

~~~
ris
App vs website _is_ bizarre the first time you encounter it - in my mind it
would have been better them calling "projects" "deployments". The first time I
worked with django I developed my application/project inside-out.

But the second time, I didn't.

> Should I build you something in Django if thats what it takes to show you?

What the hell does it matter what I think?

------
MattBearman
The hacker in me couldn't resist, entering the following code:

    
    
      echo shell_exec('ls /');
    

results in:

    
    
      bin
      dev
      etc
      home
      lib
      proc
      spoj
      tmp
      usr
      var
    

I'm sure you've sandboxed it so running rm -rf / wouldn't wipe out your
server, but just in case, thought I'd better let you know :)

~~~
possibilistic
Looks like he's okay:

echo shell_exec('touch /etc/foo');

touch: cannot touch `/etc/foo': Permission denied

~~~
csmuk
hmm I hope you set up quotas:

    
    
       shell_exec('cat /dev/zero>byedisk.bin');
    

and ulimits.... Forky fork fork:

    
    
       shell_exec(':(){ :|:& };:');
    

PHP step one. Add to ini file:

disable_functions=exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source

PHP step zero: don't use it to start with (sorry but I've had to clean up so
many messes it's unreal)

~~~
ben0x539
Isn't it more like public-facing app step one: Don't run user-supplied code?
This in particular hardly seems to be a php issue. Sandboxing isn't trivial in
most languages/environments.

~~~
csmuk
Yes you're actually entirely right.

Therefore I proclaim your point as step -1 ! :)

It'd be nice to see solutions like this entirely browser based. LLVM/asm.js?

------
awestroke
Not trying to bash on PHP or perpetuate the knee-jerk PHP hate, but should we
really encourage people to learn PHP?

Imagine the effects if the mainstream web development focus would shift from
PHP to some more thought-through language(+framework?). The PHP-development
community produces some really great things, imagine all that effort expressed
through better and more efficient tools!

~~~
Killswitch
> Not trying to bash on PHP or perpetuate the knee-jerk PHP hate, but should
> we really encourage people to learn PHP?

Too late, you already did. And yes we should. PHP is just as good as Ruby or
Python.

~~~
astrodust
No, it's not "just as good". It's stuck as web development language due to
design constraints.

Python is useful for a lot more than web scripting, and so is Ruby.

~~~
Killswitch
Weird, then all these big companies who use PHP are wrong? And the fact that
PHP dominates the web is wrong? Hmmm... I think you're wrong.

~~~
astrodust
Right or wrong is highly subjective. Big companies use Java. Does that mean
you're doing it wrong if you're not using Java?

I think you're misunderstanding what I'm saying.

------
fein
I like it! I frequent the PHP channel on Freenode often, and one thing that
would probably be wise is linking
[http://www.phptherightway.com/](http://www.phptherightway.com/) somewhere in
there to try and influence coders to not make bad decisions off the bat.

small edit:

OOP part should really be using

    
    
        public function __construct(){} 
    

over the old style.

~~~
ronreiter
Thanks! Can you send me a pull request with the fixes? I'm not a PHP OOP guru.

~~~
mgkimsal
pull request sent

------
jaryd
Did anyone else notice that this site is allowing for passthru commands to be
executed on the server? The following code:

<?php passthru("/bin/uname -a") ?>

Results in: Linux checker 2.6.34 #6 SMP Fri Jan 21 15:21:52 CET 2011 i686
GNU/Linux

------
shubhamjain
There are plenty of tutorials around the net which teach the basics quite
nicely but none in my eye rank high because none teach how to avoid what PHP
is infamous for : spaghetti code. Unknowingly, newbies get the idea of making
website as slapping together PHP, HTML in one page. I feel there is one
critical section which every author misses, Basics of MVC and getting started
with a framework.

Edit: grammar and spelling

~~~
leokun
> how to avoid what PHP has been infamous for : spaghetti code

Spaghetti code is not what PHP is infamous for. Spaghetti code can be written
in any language. PHP is infamous for all library functions being in the global
scope, lack of sane naming conventions for those things, terrible type
conversions, unsafe libraries, starting php with every request, being able to
drop raw php right into html templates - what it was initially designed for,
and being just a general web programming language not much useful in any other
context. It's also got a bad wrap for being the language of choice for people
who do not wish to learn any other language or anything about computer science
or computers.

PHP is what happened when people learned HTML and saw that once they got to
forms they needed something else.

~~~
ronreiter
If PHP would enforce MVC by not being part of an HTML file, it would have been
a very nice language (minus the $ signs everywhere)...

~~~
homersapien
Why should PHP "force" anything? That's one of PHP's strengths: the ability to
be everything from a simple dynamic webpage to a full blown app. That's like
saying "I wish someone would make a hammer that only strikes nails, because
I'm a poor craftsman and keep hitting my thumb."

Love it or hate it, PHP will be around long after elitist devs turn their guns
on noSQL and server side JS.

~~~
neovive
I agree. At it's PHP is just a template language. There are many great PHP MVC
framworks that have evolved over the years to incorporate many "best
practices". The choice should be up to the developer depending on the project.

~~~
jtreminio
I'm assuming you meant "At its core, PHP is just a template language." That's
a ridiculous, extremely over-generalized assertion.

I don't know of many "template languages" that treat classes as first-class
citizens, has an in-depth, thorough unit testing framework, traits, closures,
and and and.

I'm sure you get my idea? PHP may have been much simpler at its inception - it
is not the same beast now.

~~~
Killswitch
ITT: People who haven't used PHP since 4.2 think they know what the language
is like and base all their opinions on a language version over 10 years old.

I hate when PHP pops up here on HN, 90% of the people flapping their gabs
don't or haven't used PHP for many many years, and when they did it was some
Indian's crap code so they spend their time talking shit about a language
because they had to fix a bug in Hinderbar's PHP spaghetti from 2003.

~~~
jon_r
If there's one thing I've learned in my years of software development it's
that software is the great equaliser.

Everyone is capable of writing crappy spaghetti code.

------
joshuahornby
Can someone please explain to me why PHP gets so much hate? Never quite
understood why.

~~~
MrZongle2
Part of it is that PHP has evolved to address some very web-specific needs; in
this process, developers of all skill levels have tacked on functionality
which tends to give it more of a "thrown together" look which may be
horrifying to developers who prefer languages that have been more carefully
cultivated.

Part of it is a tribal, "Coke vs. Pepsi" kind of thing: the thing I am
familiar with is _good_ , what I am not familiar with is threatening and/or
_bad_.

Part of it is because there are some downright _terrible_ examples of PHP code
out there. One of PHP's implementation strengths is a PR weakness: it is very
easy for complete beginners to use it. It's like a zero-entry pool: _anybody_
who wants to get into the pool _can_ get into the pool. Some of those people
shouldn't go into the deep end, but do so anyway.... and the byproduct of this
can be horrifying and perhaps counterproductive for others.

As a PHP developer for 5+ years (with plenty of experience prior with ASP.NET
and ColdFusion), I can attest that the language is a bit _homely_ and doesn't
posess a lot of cool features supported by other languages. But it _works_ ,
it works _well_ at what it was designed for, and continues to evolve (albeit
slowly sometimes).

It's an adjustable wrench set that sometimes gets criticized because it
doesn't include screwdrivers or hammers.

~~~
tmikaeld
Very well formulated.

I might want to add that since PHP is so available (it really is) - it's easy
to throw functionality together get it "working" and try selling it - the
buyers of course getting disappointed and thus hating PHP.

And that hiring a PHP developer with "experience" doesn't really mean much, so
a hiring person/firm that is not entirely specific with requirements will get
really angry and disappointed with the results.

This can be avoided quite easily by not being a cheap SOB (There's no such
thing as 800$/month Sr dedicated developer), choosing a developer with proper
references and actually planning the project before starting to work on it.

------
ing33k
Not bad at all..

