> -----Original Message----- > From: John Paul Ashenfelter [mailto:[EMAIL PROTECTED] > Sent: Wednesday, February 07, 2007 12:28 PM > To: CF-Talk > Subject: Re: Anyone interested in Railo hosting? > > On 2/7/07, Eric Haskins <[EMAIL PROTECTED]> wrote: > > >and neither is that fact that ASP/PHP code is more > > >complicated and therefore will have more bugs. > > That's a fairly ridiculous assertion -- first of all that one specific > language is more complicated than another and second that complexity = > bugs. One could makes all sorts of similar unsupported arguments that > we've all heard: > > "PHP is less prone to bugs because it's open" > "PHP is more prone to bugs because it's open" > "ASP is more prone to bugs because it's on Windows" > etc, etc > > Some of the most common bugs I've seen in web apps I've dealt with > (commercial, open souce, and inhouse) tend to be simple user error > like not checking parameters for type/content (eg SQL injection). > Other common errors are off-by-one errors in loops and simply bad > logic. Few programming languages prevent a developer from doing > something dumb that causes a bug. > > > I find the opposite Russ coming from PHP to CF Cf is alot more verbose > than > > PHP. I am learning CF as I work for a CF shop FullTime as a Web Systems > > Developer. Cant speak for ASP > > > >
I don't think anyone is saying that PHP is more or less prone to bugs because it's open. PHP (the language) has its own bugs/CF has it's own, but I wasn't talking about the bugs in the language itself. I was talking about bugs in the code. CF is so simple, that a lot of non-technical people learn it and are able to create fairly bug free sites. As I've admitted, I am not very familiar with PHP/ASP, but I do believe that CF does prevent inexperienced developers from making mistakes. I don't think I've seen working SQL injection code for CF and MS SQL to date, but I could be wrong... CF auto escapes the query for you, so that the risk of SQL Injection is greatly reduced, if not eliminated. I haven't worked with PHP/ASP, but from the code samples, I looked at, they both seem to be more verbose, and nothing comes even close to the simplicity of the CFQUERY tag. <sarcasm>I don't know about you guys, but personally, I love storing my database usernames and passwords in my code. </sarcasm> Now I'm not sure if PHP/ASP have any facilities that let you abstract the connection information (ASP might through windows datasources, but they're more difficult to create). > > >I don't think PHP has any sort of session management, so it's not even > a > > >contender in the enterprise world. > > > > Can you elaborate on this?? I use session vars all the time in php. I > have > > done apps for Verizon that are php. > > The assertions CF folks make about open source always just make me cringe. > > Of *course* PHP has session management, and quite frankly some far > more sophisticated options including session clustering that actually > works under load (eg memcached) as opposed to the JRun session > clustering that has known issues with performance thanks to what it's > doing with JINI and who knows what else. Plus you've got more options > about where you store the session (eg files on the server instead of > database or memory directly). > > <rant> > In the past few days, I've seen far too many posts that didn't even > take the time to Wikipedia/google/whatever before making assertions > about open source licenses, the capabilities of languages they've > never used, or even verify or source statments that were "the truth". > > Please check your facts, even just briefly before you post. Or save as > a draft, come back an hour later, and still see if you want to post > it. > </rant> > I'm sorry I didn't do my research, but I did mention that I don't have a lot of experience with PHP/ASP. Nice to know that PHP has good session clustering... I think one of the nice things about this list, is if you say something that's not true, someone will call you on it. Plus If I feel that CF is better, and that PHP and ASP don't come close, that it must be true. And that's the truthiness of it. Russ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http:http://ad.doubleclick.net/clk;56760587;14748456;a?http://www.adobe.com/products/coldfusion/flex2/?sdid=LVNU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:269025 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
