If you’ve spent any time around programmers, you may have noticed that many are vocal opponents of PHP. In many ways, PHP is the Nickelback of programming languages – somehow widely popular, yet widely hated at the same time. In my experience, most people who defend PHP as a good programming language don’t have much experience with other languages and thus have no basis for comparison. While PHP can certainly get the job done, there’s a lot of legitimate reasons people dread working with it – here are what I see as the top reason why programmers hate PHP.
1. Popularity Means Widespread Abuse
PHP is incredibly popular and widespread and has been for quite some time. Being the backbone of WordPress is one of the biggest reasons for its popularity – currently 28% of websites are run on WordPress, a number that has been steadily rising.
As a result of its popularity and ease of getting started, there’s a lot of old, crappy, hard to follow PHP code out there that others have inherited. PHP is also a loosely typed language, meaning you can’t force a variable’s type when you declare it. While this may add some “flexibility” to your code, it can also lead to some real pains in the ass like this –
[php]$boolean = someFunction();[/php]
Where $boolean can really be any data type once it gets returned. Again, this isn’t necessarily the worst thing in the world and neither is being a popular programming language, but when you couple all of this with beginners cobbling together apps that are prone to bugs, it leaves a bad taste in a programmers mouth when they become responsible for it.
2. No Syntax Standards
In my opinion, this is what makes PHP the least fun to use. No one wants to be forced to memorize syntax for PHP’s built-in functions, but since there is no real standard naming convention for them that’s what you’re forced to do.
For example, you have strpos and strlen, but then there is str_replace and str_split.
Then there is empty, is_null, and isset. No rhyme or reason as to why some functions have an underscore in there name and others don’t, you simply need to memorize these differences.
Speaking of which, knowing which you want to use – empty, is_null, or isset is a battle in its own right. Check out the table on this site which has a great explanation. Here are some of the most confusing and counter-intuitive results from these functions –
A variable set to “false” is considered empty, but not null.
[php]$false = false;
Even more confusing, a variable set to “0” or 0 (string or integer) is considered empty!
[php]$zero = "0";
It’s very easy to screw up your logic if you’re not careful in learning exactly how and when to use each of these operators.
3. Security Vulnerabilities
PHP wasn’t originally intended to become the programming language it is today. First created way back in 1994, PHP slowly morphed from a simplistic early web tool into a full fledged programming language that we know today. Without having the vision of where PHP and the Internet as a whole was headed, a lot of poor decisions were made that resulted in some serious security issues.
While many of these issues have been made better over time, like the decision to remove the “register_globals” setting which at one point was enabled by default, it still carries this bad reputation forward and there remains many security issues you need to be aware of. While an expert programmer can avoid these security flaws, PHP still seems to be the most vulnerable programming language so there’s still much room for improvement.
So is PHP Really That Bad?
It’s truly a matter of opinion on just how bad you think PHP is to work with. It would be just about my last option for starting a new web project, but at the same time I do some WordPress development and once you get used to things, it’s certainly manageable. I just can’t imagine someone actively looking to start a project with it for all of the flaws listed above, and there are just so many more pleasant languages and frameworks to work with that were designed with web development in mind from the ground-up.