[thelist] What tools should I use?

Matt Warden mwarden at gmail.com
Mon Sep 12 13:01:53 CDT 2005 

Ian,

I'm following you and agreeing up until this point:

On 9/12/05, Ian Anderson <ian at zstudio.co.uk> wrote:
> You don't have to pay a penny more than this and the Windows XP Pro that
> you probably already have on your PC to have a production environment
> suitable for development and testing.

Just because it is pre-installed on the PC, doesn't mean the cost
should be dismissed. You still pay for it, and it should be factored
into the total cost of developing with Windows-only technology.

> 1. Poor documentation and specification of standard features

Major OSS solutions do not have this problem. It is only fair to
compare major OSS solutions with MS solutions. And, in my experience,
MS's documentation could learn a few things from that of the major OSS
solutions out there.

> 2. Differences in deployment on different servers; some ISPs have older
> versions of PHP and MySQL, and it really matters.

Is this kind of how MS drops support for Win95/98? At least we're just
talking about applications when we talk about versions matter.

> For example, older
> MySQL doesn't support subqueries. It cost me two days to find this out

Why's that? The issue is VERY well documented.

> when a site that worked perfectly on my hosting broke when ported onto
> the client's web space and a lot of SQL and PHP code had to be
> rewritten. Now I know to check the version of PHP and of MySQL before I
> start, and most importantly do a phpinfo() on the new box to check its setup

There are going to be configuration concerns no matter what platform
or vendor you choose.

> 3. PHP setup varies immensely. e.g.; to protect against SQL injection
> and to allow ' in form input, you should use the addslashes function on
> all content from the browser, including cookies, GET and POST data.
> EXCEPT, if the server has the magic quotes feature turned on, which does
> this automatically, then you must not use it! Because you get the
> escaping of ' done twice. 

Yeah. This is one of my biggest gripes. However, there are functions
out there that can make your code 100% gpc-quote-agnostic.

> How can you
> write portable code?

http://us2.php.net/ini_get

Likewise, I'd like to see you write a send-mail script in classic ASP
that's completely portable.

Again, configuration differences are a certainty no matter what
platform/vendor you choose.

> You have to use a specific function to test if
> magic quotes is on then write two different versions of the code that
> imports any input from the user! It's a joke.

Two different versions of code? I might review how modular my code is
if I were you.

> There is also much more scope for errors when learning LAMP; for
> instance, when setting up MySQL tables under PHPMyAdmin you are asked to
> specify which table types to use. Beginners should not be exposed to
> this sort of thing, and costly errors are very easy.

You do not have to specify a table type in MySQL. It has a default.

> In my opinon the learning curve with Classic ASP was easier than that
> with PHP; I am glad I learned ASP first, but I am also glad I now know PHP.

I am also a Classic ASP person who know codes (almost exclusively,
except when supporting legacy code) in PHP. Learning ASP was easier
than learning PHP. That doesn't mean that its overall cost is lower,
though.

> In the UK commercial web design market, PHP and LAMP is probably more
> desirable to have in terms of getting freelance work, but is likely to
> be slower and more frustrating to learn, IMO.

Agreed. In the freelance market, I would say it applies in the US as well.

Thanks,

-- 
Matt Warden
Miami University
Oxford, OH, USA
http://mattwarden.com


This email proudly and graciously contributes to entropy.

More information about the thelist mailing list