PHP is an abomination

I wonder if there are many reasons besides historical for PHP to still be alive.
Of course there is cheap hosting reason, but let’s then call every site running on PHP “cheap” (-;
Here we are on, and it’s in PHP. Why? Probably because I pay nothing to use it ((-:

Somehow web-developers became the lowest forms of software developers life – and that’s probably because of PHP.
What can explain all the security vulnerabilities revealed by recent hack in PHP BB site?

Now some nail in PHP coffin.

Credits: problem originally posted (russian language) by LJ user AlexClear.

echo $dec-$jul."\n";
echo $dec-$aug."\n";
echo $dec-$sep."\n";
echo $dec-$oct."\n";
header('Location: I want warning here');

Some might already see the problem, but I wonder if you know what result will be. And it is…

> $ php -l ./Documents/test.php
No syntax errors detected in ./Documents/test.php
> $ php ./Documents/test.php

Warning: Cannot modify header information - headers already sent by (output started at /Users/sauron/Documents/test.php:14) in /Users/sauron/Documents/test.php on line 18

Of course the dumb thing considers 0\d+ numbers as octal because the dumb legacy standard from C (which managed to make it’s way into Java too. Why, Sun? This is part of C syntax trash that should’ve been thrown out), no surprise here.
And this is not really a problem – for first seven months nothing really changes so who cares if 07 is octal or decimal 7, same difference so far. But you cannot consider 08 or 09 an octal, right? There should be either error (in both C and Java you’ll have compile time error, which is logical) or, if you prefer inconsistency over errors, those must be accepted as decimal numbers.

And this is where PHP is really dumb – it considers the number to be octal, but parses it until first 8 or 9 occur! Thus for example $n = 0139 in PHP is equal to $n = 013. Wonderful, isn’t it? Code like $n = 07b will give syntax error, so why $n = 078 won’t? And instead it half-works – n is 7.

$n = 078;
echo $n;

> $ php ./Documents/test.php

Tada! PHP core devs, what would you say about this?..

And most depressing thing about this is that it won’t even give you a warning on conversion failure. It’s like it parses octal number as 0[0-7]+, but checks syntax as \d+, so neither syntax error nor warning at runtime will occur.
You may have this kind of bug and you’ll never know, so you’ll be left wondering why august and september go before june and july in your PHP calendar etc.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s