Rob’s blog

I caused a flame war on the mysql disucssion group.

IMHO…

How to spot a bad php programmer:

• Looking at code
  1. Registered Globals
  2. Unsanitized db queries or include based on user supplied data.
  3. eval
  4. Production code that throws warnings (such as identifying elements of an associative array without using quotes.
     ie $array[element] instead of $array[’element’])
  5. Limited or no code reuse. In particular DB queries should almost always be done in included functions or classes. Unnecessary new lines
  6. Presentation mixed into business logic
  7. Code that goes beyond 120 columns
  8. Magic Quotes
• Looking at example web sites
  1. GZIP’ed not enables on html
  2. Showing errors or warnings (which means code can cause errors or warnings, and then the user is notified)

How to spot a good php programmer:

• Looking at code
  1. Good OOP (I pity those that have to deal with bad OOP)
  2. User supplied data sanitized in a htaccess where possible in addition to code
  3. The ternary operator
  4. For image uploads verifying image validity and resaving the image with gd and a quality setting of 85 or less.
  5. Caching
  6. A templating system (even if it is very basic)
  7. Source code control
  8. Some sort of notification when queries fail.
  9. Insert queries that do list column names
• Looking at web sites
  1. Friendly URL’s
  2. GZIP’ed CSS and JS
  3. 301 redirection (and no more than 1)
  4. (x)html that validates

I have been guilty of many of the above vices at one time or another, and do not yet practice all of the above virtues. Sooner or later I think I will drink the cool aid and embrace MVC, though at this point I despise enforced MVC.

I spent a good chunk of the day creating a ASP classic form.

1. The language is ugly. There does not seem to be power that Perl exudes, the easy of use of PHP, or the intrinsic  structural qualities of Java/Python/C#. Lame.
2. Finding tutorials that are well documented is not easy. Hell, finding documentation of any sort was non-trivial.
3. I want to meet the crackhead that came up with ODBC connection string, and kick his ass.

The reason for this work is that Authentix (actually Web Quota) is a stinking pile of dog turds. The documentation seem to be to designed to get users to buy a support contract.

Why– oh why– does Olive not work on Windows server 2003? ASP.net seems to be a decent language.