[mrtksn]

Exactly, I used to be much more productive when using PHP because I could simply write some code, put it in a folder and refresh the browser and it would work.

How do you go into production? You put the file in a folder on the Web server. It works everywhere the same.

The code writing part itself is very straightforward and there's nothing counterintuitive as long as you don't try to do something that it's not designed for.

>there's nothing counterintuitive as long as you don't try to do something that it's not designed for.

Maybe that's the key. Instead of trying to write programs with tools that are not made for this but are somehow bullied into doing it, just use the right tools.

For generating HTML based on a request and data in the database, PHP it is. Don't try to make a language made for DOM manipulation process data and generate HTML.

For Web UI, DOM + JS it is. Learn how browser works and write the JS that will modify the DOM as needed which will result in interactive UI. Don't stack abstraction.

[arp242]

> How do you go into production? You put the file in a folder on the Web server. It works everywhere the same.

Well, not really because you have this massive php.ini file with tons of settings and whatnot, and scripts not working due to that was always a common point of failure back when I was using PHP. Also: not having some extension, which are almost always in C and require server installation (which is quite different from many other languages, where the user can usually specify most or all of their dependencies).

Maybe all of this changed? I don't know. But PHP in general has been the most fickle and unreliable environments I've dealt with. Give me any random servers, and I find it very hard to tell if my PHP script will run.

[mrtksn]

Right but all that was handled with stuff like XAMPP or some server control panel because it was all straightforward and if you don't use control panel all you had to do was to edit some .ini file.

That's of course for singe server applications. However, because everything is straightforward and built for purpose and not trying to pretend being something else, more complex systems were still easy to setup and manage.

The joy of coding PHP usually died off with frameworks like Symfony where they built complex abstractions for the pleasure of the "Enterprise" projects with many moving parts.

[arp242]

That's all fine if you're the one in control of the servers, but in reality that's not always the case. And actually even if you're in control, it's just a huge bunch of moving parts that can (and do) fail.

I also have to say that php.ini is probably one reason PHP became so successful in the first place, by having things like safe_mode and such so it could be easily used on shared hosts with ease. All the $2/month shared hosts were offering PHP, not Perl or Python, because of this (and mod_php).

But other settings like that automatic $_GET/$_POST importing ... yeah, that was a lot more misguided. Even error_reporting really should never have been a system setting: always let the code handle these sort of things. And even safe_mode is mostly outdated and useless now, because no one is doing shared hosting any more.

[mrtksn]

I think shared hosting is now called “cloud” :)

Unfortunately all cloud providers I know bank on JS. I like JS but when it is in the browser, on the server it’s a disaster.

[arp242]

Current cloud providers have very different execution environments; the typical shared webhost had one Apache process with mod_php and every account was just a different system account. What you needed as a hosting provider was a way of preventing file_get_contents("/home/someone-else/secret.txt"), which is what open_basedir gave you. And system(nefarious-stuff), which is what safe_mode gave you.

Today that sort of thing is very rare; you will run in a virtual machine or container, and have an execution environment all to yourself.

[CoolCold]

quite a lot of Wordpress setups run on sort of shared hostings to the date. Plesk and Cpanel are still a thing in this area. And Wordpress is still massive share of websites.

PHP-FPM which has options to specify system user per pool is basically how restrictions on file_get_contents are enforced.

[jiggawatts]

Many other frameworks copied this approach from PHP.

For example, both ASP and ASP.NET can be developed using Notepad.exe directly on an IIS web server, and you can similarly test changes by simply refreshing your browser.

Personally I'm allergic to this style of development, the "banging on it with a rock until it starts moving" approach tends to result in poor outcomes over the long term.

I much prefer that a compiler go over the entire codebase and check everything when I hit the compile button.

Sadly, this bad habit from PHP still lingers in ASP.NET Core to this day, and causes me endless grief.

Just over the last couple of months, I have encountered the following:

- DEV, UAT, and PRD are out-of-sync with each other and the source code. When I asked the developers why that is, they said they make changes to individual files instead of "building the whole thing", because "that's faster". Okay, they saved the two minutes the pipeline takes to run, great. Now I have to spend a week disentangling the mess.

- I refactor something, hit build, it comes back with all green ticks, I deploy... and the site is broken with HTTP/500 a day later because these scripting-style frameworks don't build the page code until runtime.

- A security vulnerability code scanner was enabled, and it broke the build. Why? Because it actually builds the code, all of it! Except that these frameworks have two sets of page template files that contribute to the "final product": 1) the list of page templates registered with the build system or VS project file, and 2) the list of files physically in the Git repo. Some build steps consider only the former, the web server considers the latter. You can remove a page from a build system, and it'll remain working. It's like removing C code from Linux and still have it turn up in the kernel! That's nuts, and a security nightmare. Cough-xv-cough.

PS: It's possible for ASP.NET Core to be configured to both compile every page on publish and support hot-reload and automatically include every file in the build if it's physically in the folder structure. This really ought to be the default, but isn't... to pander to ex-PHP devs or something.

[mrtksn]

>I'm allergic to this style of development, the "banging on it with a rock until it starts moving" approach tends to result in poor outcomes over the long term.

I was sold on this too, that's why I left PHP for sexier stuff and never regained my productivity. As it turns out, most of the time I don't have a complete idea on what I'm doing but instead I have a direction and banging on it with a rock until it starts moving *in the right direction* is very productive because the design happens at the same time with the development.

My PHP code was complete "garbage" but it worked as expected and made me money and/or satisfaction of building things. Later I improved my coding skills and become much more aware of patterns and structures and found myself optimising the code instead of the product, destroying my productivity because as it turns out computers don't actually care or reward you for beautiful code. All that matter is, what that code is doing regarding the expectations of the humans who benefit from it.

[throwaway92748]

I worked with PHP XX years ago, and we didn't have that problem. I think that once you have access to a machine, it will always be possible to make direct changes. It's just that PHP made it easier, and in some cases it was also acceptable that the prod environment was temporarily broken until the developer undid their changes. You would just mess up a single page (or route).

Example 1:

I developed internal tools on a single server. The way I would do it was to have a personal folder on the server that I could use for development. Then I would commit the files to CVS which was the used for "deployment" to the main "production" folder. This worked well for me.

Example 2:

We also had a customer facing website where this practice was not allowed. We had proper build pipelines that created RPM packages which was installed by hand on the production machines.

My point is that there were many ways of avoiding editing the files directly in "production", even back when PHP ruled the world.

[jiggawatts]

“The problem didn’t happen to me” doesn’t mean the problem doesn’t occur. It’s like speeding.

PS: I saw a developer take out an 80K user enterprise because they tried to change the look and feel of a login page live on the prod server. They didn’t know any better because they were used to editing pages in live systems. That bad habit resulted in about a million dollars of lost work.

Oops.

[1oooqooq]

that shop could be using the latest academic language with full guarantee syntactic checks and perfect compiler and testing... you would still have the same problems.

[jiggawatts]

I've found that you can steer any group of people towards the pit of success instead of the pit of failure.