by DonHopkins 779 days ago
It's not "supposed" to be that way.

It just happened to end up that way because Rasmus Lerdorf just doesn't give a shit. ¯\_(ツ)_/¯

And I've written and maintained lots of PHP code for decades, so I know from first hand experience what its problems are, and I'm not just complaining about something I've never used. And I keep receipts.

>"We have things like protected properties. We have abstract methods. We have all this stuff that your computer science teacher told you you should be using. I don't care about this crap at all." -Rasmus Lerdorf

The point of the quote is not about abstract methods and properties, it's about a culture of not giving a shit, and being proud of it.

If you really didn't already know about Rasmus Lerdorf's anti-intellectual attitude (who admits to being "really, really bad" and a "terrible coder", but still thinks he's "better than you"), then here are some more quotes:

>"There are people who actually like programming. I don't understand why they like programming." -Rasmus Lerdorf

>"I'm not a real programmer. I throw together things until it works then I move on. The real programmers will say "Yeah it works but you're leaking memory everywhere. Perhaps we should fix that." I’ll just restart Apache every 10 requests." -Rasmus Lerdorf

>"I do care about memory leaks but I still don't find programming enjoyable." -Rasmus Lerdorf

>"I don't know how to stop it, there was never any intent to write a programming language [...] I have absolutely no idea how to write a programming language, I just kept adding the next logical step on the way." -Rasmus Lerdorf

>"I was really, really bad at writing parsers. I still am really bad at writing parsers." -Rasmus Lerdorf

>"I really don't like programming. I built this tool to program less so that I could just reuse code." -Rasmus Lerdorf

>"I actually hate programming, but I love solving problems." -Rasmus Lerdorf

>"For all the folks getting excited about my quotes. Here is another - Yes, I am a terrible coder, but I am probably still better than you :)" -Rasmus Lerdorf

https://en.wikiquote.org/wiki/Rasmus_Lerdorf

And who remembers how careless, reckless, and blithe he was with the PHP 5.3.7 release he didn't bother to test because running tests was too much of a hassle because there were already so many test failures that wading through them all to see if there were any new ones was just too much to ask of him, the leader of the widely used project, in charge of cutting releases?

>5.3.7 upgrade warning: [22-Aug-2011] Due to unfortunate issues with 5.3.7 (see bug#55439) users should postpone upgrading until 5.3.8 is released (expected in a few days).

No seriously, he's literally as careless as he claims to be (when he says that repeatedly, you should believe him!), and his lack of giving a shit about things like tests and encryption and security that are extremely important has caused actual serious security problems, like breaking crypt() by checking in sloppy buggy code that would have caused a unit test to fail, but without bothering to run the unit tests (because so many of them failed anyway, so who cares??), and then MAKING A RELEASE of PHP 5.3.7 with, OF ALL THINGS, a broken untested crypt()!

http://i.imgur.com/cAvSr.jpg

Do you think that's just his sense of humor, a self deprecating joke, breaking then releasing crypt() without testing, that's funny in some context? What context would that be? Do you just laugh and shrug it off with "Let Rasmus be Rasmus!"

https://www.reddit.com/r/programming/comments/jsudd/you_see_...

>r314434 (rasmus): Make static analyzers happy

>r315218 (stas): Unbreak crypt() (fix bug #55439) # If you want to remove static analyser messages, be my guest, but please run unit tests after

http://svn.php.net/viewvc/php/php-src/trunk/ext/standard/php...

https://plus.google.com/113641248237520845183/posts/g68d9RvR... [broken link]

>Rasmus Lerdorf

>+Lorenz H.-S. We do. See http://gcov.php.net

>You can see the code coverage, test case failures, Valgrind reports and more for each branch.

>The crypt change did trigger a test to fail, we just went a bit too fast with the release and didn't notice the failure. This is mostly because we have too many test failures which is primarily caused by us adding tests for bug reports before actually fixing the bug. I still like the practice of adding test cases for bugs and then working towards making the tests pass, however for some of these non-critical bugs that are taking a while to change we should probably switch them to XFAIL (expected fail) so they don't clutter up the test failure output and thus making it harder to spot new failures like this crypt one.

And don't even get me started about mysql_real_escape_string! It has the word "real" in it. I mean, come on, who would ever name a function "real", and why?

That implies the existence of a not-so-real mysql escape string function. Why didn't they simply FIX the gaping security hole in the not-so-real mysql escape string function, instead of maintaining one that was real that you should use, and one that was not so real that you should definitely not use, in the name of backwards compatibility?

Or were there actually people out there using the non-real mysql escape string function, and they didn't want to ruffle their feathers by forcing those people with code that had a security hole so big you could fly a space shuttle through to fix their gaping security holes?

The name of the function "mysql_real_escape_string" says all you need to know about the culture and carelessness and lack of security consciousness of the PHP community.

Melania Trump's "I REALLY DON'T CARE DO U?" nihilistic fashion statement sums up Rasmus Lerdorf's and the PHP community's attitude towards security, software quality, programming, standards, computer science, and unit tests.

¯\_(ツ)_/¯

https://www.youtube.com/watch?v=l5imY2oQauE


I know it feels tired to dunk on things like this, but I feel like this is the “original sin” of PHP. Lerdorf built a language for himself, it appealed to other developers with this attitude, and eventually they became the people driving the language forward, propagating the problem into the future. Pretty much everything people dislike about PHP today can be traced back to this mentality.

> And don't even get me started about mysql_real_escape_string! It has the word "real" in it. I mean, come on, who would ever name a function "real", and why?

> [...]

> The name of the function "mysql_real_escape_string" says all you need to know about the culture and carelessness and lack of security consciousness of the PHP community.

The reasoning for this boils down to historic reasons and backwards compatibility. And the naming here isn't even PHP's fault at all, so maybe rethink your rant a bit!

Correctly escaping a bind variable string in MySQL depends on the connection's character set, since a few rarely-used character sets involve more complexity with escaping. But full support for character sets wasn't added to MySQL until version 4.1, released 20 years ago in 2004.

So prior to that, in the MySQL C client API, you could safely escape strings using the mysql_escape_string C function. But after connection-level character sets were added, this was no longer sufficient. And you can't change the function signature in a widely-used C library without breaking all prior users of the library. So the MySQL C client API introduced mysql_real_escape_string to solve this, which takes a connection pointer as its first parameter, and then deprecated the old mysql_escape_string at the same time.

So then PHP added their mysql_real_escape_string to match this, and deprecated the old mysql_escape_string, but did not remove it because it would break all old programs. And at the time two decades ago, this actually made sense! Many of those old programs were still using pre-4.1 MySQL (since 4.1 was still brand new), in which case the old mysql_escape_string was still perfectly secure, since connections didn't have character sets.

Today it's clear that both PHP and MySQL should have acted more aggressively to remove the deprecated connectionless mysql_escape_string shortly after this all happened. But from my memory, the industry's views on security vs backwards compatibility were quite different 20 years ago than they are today.
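The two C API signatures that comment describes, modelled in Python as an added example (not code from the thread, from MySQL or from PHP): the connection-less escaper works byte by byte, while the "real" one decodes with the connection's charset so it never drops a backslash inside a multibyte character. The `Connection` class, the codec table and the sample bytes are assumptions made for the illustration.

```python
# Added example: model of mysql_escape_string vs mysql_real_escape_string.
# The function names mirror the MySQL C API; Connection, _PY_CODEC and the
# escaping model are assumptions for illustration, not MySQL's own code.
from dataclasses import dataclass

# Characters that must be escaped inside a MySQL string literal.
_ESCAPES = {
    "\0": "\\0", "'": "\\'", '"': '\\"', "\\": "\\\\",
    "\n": "\\n", "\r": "\\r", "\x1a": "\\Z",
}


def mysql_escape_string(data: bytes) -> bytes:
    """Connection-less escaper: looks at one byte at a time, so it has no
    way to know that a byte such as 0x5C may be the tail of a wider char."""
    out = bytearray()
    for b in data:
        out += _ESCAPES.get(chr(b), chr(b)).encode("latin-1")
    return bytes(out)


@dataclass
class Connection:
    charset: str  # the connection-level charset added in MySQL 4.1


# Assumed mapping from MySQL charset names to Python codec names.
_PY_CODEC = {"latin1": "latin-1", "sjis": "shift_jis",
             "gbk": "gbk", "utf8mb4": "utf-8"}


def mysql_real_escape_string(conn: Connection, data: bytes) -> bytes:
    """Charset-aware escaper: decode with the connection charset, escape
    whole characters, re-encode. A multibyte char stays intact."""
    codec = _PY_CODEC[conn.charset]
    text = data.decode(codec)
    return "".join(_ESCAPES.get(ch, ch) for ch in text).encode(codec)


if __name__ == "__main__":
    # Constructed sample: Shift_JIS katakana "ソ" is the two bytes 0x83 0x5C,
    # and 0x5C on its own is a backslash.
    so = "ソ".encode("shift_jis")
    print(mysql_escape_string(so))                         # b'\x83\\\\'
    print(mysql_real_escape_string(Connection("sjis"), so))  # b'\x83\\'
    print(mysql_escape_string(so).decode("shift_jis"))     # 'ソ\'
```

On a single-byte charset such as latin1 both escapers agree; on sjis the byte-level one inserts a backslash inside ソ, so the server reads ソ followed by a stray backslash that then escapes whatever byte follows, which is exactly the charset complexity the comment refers to.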

Great comment. Didn't know the history behind this even though I've been coding php since v3.

Thanks! I should add a disclaimer that I was writing it from memory, as a random programmer who started using PHP 4 and MySQL 3.23 in 2003, i.e. I wasn't a direct contributor to the language or database.

After further reflection, some of the fine details in my comment above may be off. I vaguely remember MySQL having a single server-wide (I believe?) configurable charset option before MySQL 4.1, so it's likely the MySQL C client library API gained mysql_real_escape_string earlier than 4.1.

Anyway though the broad point remains -- PHP didn't pick the "real_" naming, MySQL did; and the reason for MySQL's API there makes more sense in the historical context of expanding charset support, and needing a different C function signature to accept a connection arg.

And fwiw I do agree that "real" is a rather poor choice for this sort of API naming, but I assume the MySQL folks just went with that to avoid an excessively-long function name... also the developers of MySQL weren't native English speakers. Anyway, hindsight is 20/20 and all that.

He is a genius.