Also the language that runs half of the web.
Also the language that has made me millions over my career with no degree.
Also the language that allows people to be up and running in seconds (with or without AI).
I could go on.
Also the language that runs half of the web.
Also the language that has made me millions over my career with no degree.
Also the language that allows people to be up and running in seconds (with or without AI).
I could go on.
> Also the language that has made me millions over my career with no degree.
Well done.
> Also the language that allows people to be up and running in seconds (with or without AI).
People getting up and running without any opportunity to be taught about security concerns (even those as simple as the risks of inadequate input verification), especially considering the infamous inconsistency in PHP's APIs which can lead to significant foot-guns, is both a blessing and a curse… Essentially a pre-cursor to some of the crap that is starting to be published now via vibe-coding with little understanding.
PHP is a fine language. It started my career. That said, it has a lot of baggage that can let you shoot yourself in the foot. Modern PHP is pretty awesome though.
Pretty sure we've seen people coding in essentially every other programming language also shoot themselves in the foot.
Every language has foot-guns of some sort. The difference is how easy it is to accidentally pull the trigger.
PHP makes it easy.
Yeah of course PHP isn't the only programming language you can write bugs in. I don't think you can make it impossible to shoot yourself in the foot, but PHP gives you more opportunities than some other languages, especially with older PHP standard library functions.
One thing I particularly hate is when functions require calling another function afterwards to get any errors that happened, like `json_decode`. C has that problem too.
Problems don't make it a _bad_ programming language. All languages have problems. PHP just has more than some other languages.
The language is not what makes you nor the product. You could've written the same thing in RoR, PHP was just first and it's why it still exists
PHP performance is significantly better than Ruby on Rails, which I think plays a part in its continued popularity.
Also the language that runs half of the web.
The bottom half.
;)
Try not to take criticisms of tools personally. Phillips head screws are shit for a great many applications, while simultaneously being involved in billions of dollars of economic activity, and being a driver that everyone has available.
I use it on the backends of my stuff.
Works great, but, like any tool, usage matters.
People who use tools badly, get bad results.
I've always found the "Fishtank Graph" to be relevant: https://w3techs.com/technologies/history_overview/programmin...
People who use tools badly inflict bad results on other people, quite often far more so than they do so on themselves.
Yeah. It's funny how companies don't like to hire people that use tools correctly, but insist on creating tools that allow them to hire cheaper, less-qualified people.
PHP works fine, if you're a halfway decent programmer. Same with C++.
Yep, that's the sad truth - a language popularity often has nothing to do with it's security properties. People will happily keep churning out insecure junk as long as it makes them millions, botnet and data compromises be damned.
PHP is insanely great, and very fast. The hate has no clout.
I can't edit nor be bothered to reply to all of the negative responses so I'll put it here.
Pretty much all of you missed the larger point. PHP was what allowed me to not work in retail forever, buy a forever house, never have to worry about losing my job (this may change in the future with AI) or being at risk for redundancy, having chosen to only work for small, "normal" well run profitable businesses.
Unless you're building a hyper scale product, it does the job perfectly. PHP itself is not a security issue; using it poorly is, and any language can be used poorly. PHP is still perfectly suitable for web dev, especially in 2026.
Perl still runs the other half?