Rants

Why PHP is still an immature language

Tags: 

A thread came up on Slashdot today about the security problems of PHP and software written using it. Given that this is as much of a major problem today as it was five years ago when version 4 was released (that was supposed to start fixing the security problems), and given how bad most PHP code still is today, I added in my own $0.02:

From my experience the main cause of insecure PHP software is developers not turning the error validation to the highest during development, so when an unsuspecting user downloads the software little do they know that their system can and often is wide open to stupid bugs and security problems. When you leave error_reporting to the default setting you miss lots of important details, like array keys being passed as constants, variables being referenced before they're created (especially with arrays), incorrect return types, etc, etc, yet people wonder why their code is so buggy? I was installing vtiger, which is a pretty comprehensive CRM that has lots of potential to hit it big, the other night for a client and was slamming my had against the wall at the sheer number of stupid syntax bugs that were in the system.

How many programs out there tell you to turn on the old register_globals that everyone knew was a huge security problem?

How many programs tell you to turn down the error_reporting level to hide their development incompetence?

I was actually considering starting a movement to have the PHP community clean up their act, we'll see if its still needed after the dust settles from this.

Personally I think that with PHP 5 they should have stopped supporting deprecated coding practices, like accepting invalid variables and invalid array keys, so that this stupidity could finally stop.

That's why I don't do much with PHP anymore, a large portion of the open source projects that clients want you to "make work" are riddled with utterly stupid mistakes that you spend days if not weeks cleaning it up before you can actually start doing any work.

Two reasons to dislike MS Exchange

Tags: 

After the last few weeks I'd like to mention, perhaps re-itterate, two reasons I particularly dislike Microsoft Exchange:

  1. Information Store. Imagine having millions of messages in your inbox. Imagine all of your attachments are stored with all of the messages, including those joke emails your friends insist on sending, the daily reports your boss sends and the work-in-progress files from your outside consultants. Lets say with a small company you end up with 16 gigs of data, with a reasonable expectation that your email traffic is going to continue to grow. Now lets throw in a random data error, or maybe your version of Exchange hits a storage limit forcing you to do some maintenance. You turn off the Information Store service and start up some maintenance utilities (which are all DOS-based BTW) and groan as it takes four+ hours to fix the database. Now imagine that you had also started using some public folders so had a few hundred meg in them, all on the same drive. Now imagine your drive is 32gb in size. Now imagine that the Exchange tools need 16gb of free space to do its work on your 16gb of email data, and it must be on the same drive. Now do some maths: 32gb total - 16gb mailboxes - 300mb public storage = less than 16gb. Now imagine that after waiting for four hours for Exchange to do its thing it gets 97% finished and fails because it ran out of disk space. Now imagine having to start it all over again. Now imagine doing that during a work day for a business that does most of its communications via email.
  2. Intelligent Message Filter (IMF). Available as part of the Service Pack 2 update for Exchange 2003, IMF is Microsoft's first attempt to bring a spam filter to Exchange. in comparison to every other spam filter on the planet its functionality is limited - messages get shuffled either a per-user "Junk Email" mailbox or a file-based archive, it has a basic Bayesian filter to do the grunt work, a blacklist for domains/addresses you never want to receive email from, a whitelist to.... oh wait, there's no whitelist! So despite the fact that Microsoft believes you may want to set certain addresses/domains to never send you email, it is so confident in IMF's ability to correctly filter email that it doesn't think you'd ever want to have it force addresses to be considered ok, nah that's just a silly feature that lesser products support, they don't need it. So, despite the fact that it regularly sticks good email in my junk mailbox (false positives), Microsoft doesn't think I should worry about it. Riiiiight. I should also add that for the Bayesian filter there's a whopping one configuration value for this - you set a number between 1 and 9 as to how sensitive you want it to be and that's it, no tweaking, no "be harder on people attaching pictures", nothing. Thanks, but I'll take my industry-standard, thankyouverymuch.

Rant off.

Macs go Intel, then go Windows? (UPDATED)

Tags: 

After the announcement in 2005 that Apple were going to change their Macintosh computers from the IBM/Motorola PowerPC range of processors to Intel's x86 line everyone thought they were nuts. Well it seems the insanity continues as Apple have just announced a program called Boot Camp that allows anyone with an Intel-based Mac to run Windows! Yowzers!

UPDATE: A 3rd party company has developed a $50 program called Parallels which lets your Intel Mac run a huge array of operating systems while you are still running OSX, i.e. no reboot required, thus giving you much more flexibility. While audio doesn't work and you can't access the CD/DVD drive, for standard applications I think this is a better way to go. Nifty.

MSFT looses brain learning AJAX

Tags: 

While developing their competition for Google Maps, MSFT seem to have forgotten how to develop good applications and gone back to the philosophies they used to develop Bob. I present, to you, one of the worst pieces of crud ever:

While it is true that this maps application is still under development, there's almost no way they could turn this into something usable without throwing out probably two-thirds of its functionality, which I doubt they'll do. Yet another example of why MSFT drastically needs to learn the concepts of KISS, as others have to great effect: Google Maps and GMail, 37 Signals's Basecamp, Campfire, Backpack, TaDa List and Writeboard, Carson System's DropSend, etc, etc, etc.

Damien

New PC for work

Tags: 

Next Friday I'll be receiving a new PC at work:

  • AMD Athlon64 X2 3800+ (dual-core)
  • 1gb RAM
  • 160gb SATA-150 HD
  • DVD reader (I already have a DVD burner to throw into it)
  • Asus Geforce 6800 video card
  • Creative Labs Audigy LS
  • Mitsumi 13-in-1 floppy / memory card reader
  • Windows XP Pro
  • MS Office 2003 Standard

A pricely machine, but one with enough horse-power to keep me going for a good while.

One thing I'm not sure on is what motherboard it have. Given that they offer SLI I'm going to assume it is an nForce4 SLI of some sort, but there's a tonne of them so it coould be anything.

So why did they decide to get it for me? At work I tend to do a lot of extras beyond my description of "web developer" - general IT work, etc. Lately they've started doing more and more with videos - making DVDs, editing & converting video footage, etc, and then it became apparent that my old 1.8GHz PentiumIV wasn't doing so well they offered to let me order a replacement.

The PC is being built by Vision Computers in Atlanta, my boss' boss has been listening to advertisements for them on the radio for a while now and wanted to try them, and given that the machine will be delivered in a week after being ordered (most built-to-order places take longer than that just to build it, never mind delivery times) I must say I'm impressed so far. Along with that comes 3 years parts & warranty service (you cover shipping charges) as standard it becomes an even nicer deal for management, who are always concerned about these things. I must say, though, I was surprised to see them offer only one AMD option whereas they had eight Intel options for desktops, along with their eight Intel-based servers and nine Intel-based laptops.

Anyway, it arrives next Friday and I suspect I'll be spending most of that day installing the beastie with all the software I currently use - Directory Opus, Dreamweaver, Window Blinds, Firefox, Thunderbird, etc, etc.

Yay! :-)

Pages

Subscribe to Rants