Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 21
  1. #1
    New Coder
    Join Date
    Nov 2006
    Location
    La Mirada, CA
    Posts
    18
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Friend says Java's better than PHP

    My friend says that it's better to develop a site in Java instead of using PHP. He says that Java is more secure and future proof. And he says that PHP has too many security issues.

    I know nothing about programming so maybe someone could inform me on whether or not this is true. I've been told by several people that PHP is the way to go over Java. Why or why not?

    thanks,
    -Justin

  • #2
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    It really depends on what you want to do. PHP is a little more versatile than java. For java to even work you need a runtime environment installed. Many users don't even have that. PHP is free and is allowed on most webhosts. Java will take time to learn because there is just so many things involved. PHP will easier to learn because things start getting repetitive. IMO though you might be taking on more than you can chew if you don't know any programming. Start with HTML/CSS, move on to HTML/CSS/Javascript (this is NOT java), then try a server side language.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #3
    ess
    ess is offline
    Regular Coder
    Join Date
    Oct 2006
    Location
    United Kingdom
    Posts
    866
    Thanks
    7
    Thanked 30 Times in 29 Posts
    In few words, Java is more powerful and stable than PHP.

    It is true that PHP is easier to learn etc. but the fact still remains, PHP IS NOT STABLE, and NOT VERY SECURE scripting language.

    If you do a google search on PHP security, or look at Security Focus website, there is not a day that goes by without a security hole or a bug being discovered in PHP.

    Here is a good article about PHP security.
    http://news.com.com/2100-1001-847092.html

    Also, the fact that a leading member of the official security team has left PHP because of the lack of corporations between team members is alarming to say the least. You can visit the following website to learn more about this.

    http://www.memestreams.net/users/rat...mputersecurity

    Further, if you look at most mission critical websites, you will find that they have been developed in Java or .NET for the reasons stated above.

    Good Luck
    Ess

  • #4
    New Coder
    Join Date
    Nov 2006
    Location
    La Mirada, CA
    Posts
    18
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks. Really good to know!

    Quote Originally Posted by ess View Post
    In few words, Java is more powerful and stable than PHP.

    It is true that PHP is easier to learn etc. but the fact still remains, PHP IS NOT STABLE, and NOT VERY SECURE scripting language.

    If you do a google search on PHP security, or look at Security Focus website, there is not a day that goes by without a security hole or a bug being discovered in PHP.

    Here is a good article about PHP security.
    http://news.com.com/2100-1001-847092.html

    Also, the fact that a leading member of the official security team has left PHP because of the lack of corporations between team members is alarming to say the least. You can visit the following website to learn more about this.

    http://www.memestreams.net/users/rat...mputersecurity

    Further, if you look at most mission critical websites, you will find that they have been developed in Java or .NET for the reasons stated above.

    Good Luck
    Ess

  • #5
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,073
    Thanks
    11
    Thanked 98 Times in 96 Posts
    The code is as secure as the coder writing it and the platform it lives on, any fool can write insecure JAVA or insecure PHP.

    Future proof is a strange boast for JAVA since JAVA has been relying on future hardware performance boosts for a very long time now.

    To REAL issues...
    JAVA would have a much steeper learning curve than PHP, to purists its a prettier language as it has `stronger` object-orientation than PHP (4 or5)

    JAVA is seen historically as an `enterprise-grade` language .. that means nothing more than your interpretation of `enterprise` & PHP runs enough sites on any scale to put that argument to bed anyway.

    In theory (we are told) JAVA should be faster , in my experience it seems to be the opposite , JAVA heads boast of pre-compilation of code ... of course that `bytecode` still has to be run via the virtual machine so its not compiled in the normal sense, moreover JAVA just seems very resource intensive (hence all the JAVA-heads waiting for quantum computers)

    I can find you a thousand benchmarks telling you that JAVA is faster .. in the real world its much harder to spot.

    JAVA (like PHP) is of course cross-platform which is a + for any language

    PHP was created to solve the `web problem` and that it did, talking to databases, filesystems, IPC's etc is a breeze in PHP , as is image-manipulation, XML (with PHP5's SimpleXML) and many many other web-related issues.

    PHP is EASY!!, thats the point, nor is that a bad thing, just because something is easy does not make it a bad thing, as long as performance & scalability do not suffer and in PHP's case they do not.

    I still don't get the future proof bit, where is it that JAVA is going that PHP is not ? open-source? ... PHP is already there, SUN have the $$ but PHP has a community that now earn $ from their labours, there are many commercial enterprises based around PHP and its applications, I don't see them going anywhere for a while.
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #6
    New Coder
    Join Date
    Nov 2006
    Location
    La Mirada, CA
    Posts
    18
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by _Aerospace_Eng_ View Post
    It really depends on what you want to do. PHP is a little more versatile than java. For java to even work you need a runtime environment installed. Many users don't even have that. PHP is free and is allowed on most webhosts. Java will take time to learn because there is just so many things involved. PHP will easier to learn because things start getting repetitive. IMO though you might be taking on more than you can chew if you don't know any programming. Start with HTML/CSS, move on to HTML/CSS/Javascript (this is NOT java), then try a server side language.
    "[...]you need a runtime environment installed. Many users don't even have that."

    Didn't think of that.


    I took a semester of Java 3 years ago back in high school, which was right after taking 2 semesters of C++. I'd say I have a background.
    I think that Java would be the best choice and I'm not in too big of a hurry; I have time to learn. Where could I find a good primer and/or detailed information on developing Java based websites at the GUI and class based tiers of the web development. (My friend is perfectly able of developing the database and class based tiers of the site, but he wanted me to work on the GUI and I'd need some class interface knowledge)

    Any help would be great.

    cheers,
    -Justin

  • #7
    New Coder
    Join Date
    Nov 2006
    Location
    La Mirada, CA
    Posts
    18
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by firepages View Post
    The code is as secure as the coder writing it and the platform it lives on, any fool can write insecure JAVA or insecure PHP.

    Future proof is a strange boast for JAVA since JAVA has been relying on future hardware performance boosts for a very long time now.

    To REAL issues...
    JAVA would have a much steeper learning curve than PHP, to purists its a prettier language as it has `stronger` object-orientation than PHP (4 or5)

    JAVA is seen historically as an `enterprise-grade` language .. that means nothing more than your interpretation of `enterprise` & PHP runs enough sites on any scale to put that argument to bed anyway.

    In theory (we are told) JAVA should be faster , in my experience it seems to be the opposite , JAVA heads boast of pre-compilation of code ... of course that `bytecode` still has to be run via the virtual machine so its not compiled in the normal sense, moreover JAVA just seems very resource intensive (hence all the JAVA-heads waiting for quantum computers)

    I can find you a thousand benchmarks telling you that JAVA is faster .. in the real world its much harder to spot.

    JAVA (like PHP) is of course cross-platform which is a + for any language

    PHP was created to solve the `web problem` and that it did, talking to databases, filesystems, IPC's etc is a breeze in PHP , as is image-manipulation, XML (with PHP5's SimpleXML) and many many other web-related issues.

    PHP is EASY!!, thats the point, nor is that a bad thing, just because something is easy does not make it a bad thing, as long as performance & scalability do not suffer and in PHP's case they do not.

    I still don't get the future proof bit, where is it that JAVA is going that PHP is not ? open-source? ... PHP is already there, SUN have the $$ but PHP has a community that now earn $ from their labours, there are many commercial enterprises based around PHP and its applications, I don't see them going anywhere for a while.
    Thanks.

    My friend has basically written off PHP as an option because of security issues. Anything you would tell him to convince him otherwise?

  • #8
    Senior Coder
    Join Date
    Aug 2003
    Location
    One step ahead of you.
    Posts
    2,815
    Thanks
    0
    Thanked 3 Times in 3 Posts
    Yes... things like that change quite fast. The article about PHP security linked to in this thread is very old relates to PHP versions which are not used anymore.
    I'm not sure if this was any help, but I hope it didn't make you stupider.

    Experience is something you get just after you really need it.
    PHP Installation Guide Feedback welcome.

  • #9
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,073
    Thanks
    11
    Thanked 98 Times in 96 Posts
    I can find you hundreds of `PHP` vunerabilites, the sad fact is that most of them are not PHP vunerabilites but PHP application vunerabilites, e.g. bad code (I have written a fair bit of that myself)

    There have been a few php core vunerabilites but the number I suspect would be less than those found in the JVM itself let alone JSP implementations etc, of course with PHP's open-source transparency many bugs and potential vulnerabilities are discovered before they can create too much havoc, unless of course one believes in security via obscurity.

    Its a bit like suggesting that C/C++ is insecure because mozilla (written in C/C++ (as is PHP/apache/Mysql)) has had vulnerabilities discovered and exploited.

    Because PHP is so powerful and easy to use there is an awful lot of crap code out there (see PHPBB PHPNuke etc), but thats down to the application developers NOT PHP itself... I can write you an insecure JAVA routine if that helps ?
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #10
    Senior Coder nikkiH's Avatar
    Join Date
    Jun 2005
    Location
    Near Chicago, IL, USA
    Posts
    1,973
    Thanks
    1
    Thanked 32 Times in 31 Posts
    "[...]you need a runtime environment installed. Many users don't even have that."

    For web applications, Java need not be installed by the user. It is compiled into bytecode and run on the server.
    However, just like PHP, the web server needs to support it and have the JVM.
    IME, Java is great for Enterprise level applications when you use EJB and a good server like BEA. Having worked with it, I'd never choose it for "normal" applications. There's just too much crap to it. To get good performance, you need a WAR file (pre-compiled) and very good design of your classes.

    I would likewise never choose PHP for an Enterprise application simply because J2EE already has so much there for you to use that PHP does not (pre-made classes, security, and many more things I won't go into because it would be a book). But I'm talking BIG applications, which are not overly common (banking/financial sites for example).
    The vast majority of sites would do just fine with PHP, and it is as secure as Java IF the coder wrote the application properly. IME, it's simply easier to write secure code in Java, but that doesn't make Java inherently more secure.

    JMHO

    If this post contains any code, I may or may not have tested it. It's probably just example code, so no getting knickers in a bunch over a typo, OK? If it doesn't have basic error checking in it, such as object detection or checking if objects are null before using them, put that in there. I'm giving examples, not typing up your whole app for you. You run code at your own risk.
    Bored? Visit
    http://www.kaelisspace.com/

  • #11
    New Coder
    Join Date
    Nov 2006
    Location
    La Mirada, CA
    Posts
    18
    Thanks
    0
    Thanked 0 Times in 0 Posts
    ok, so the security issue of PHP is pretty much a mute point.

    Are there any downfalls of developing a site in Java(besides the learning curve) as opposed to php?

  • #12
    Senior Coder nikkiH's Avatar
    Join Date
    Jun 2005
    Location
    Near Chicago, IL, USA
    Posts
    1,973
    Thanks
    1
    Thanked 32 Times in 31 Posts
    It requires more money to operate the host, so you pay for it. Java requires more resources than PHP.
    It is harder to find a host to support it.

    Assuming you do not own the server and are paying money for hosting. You get way more options and better deals with LAMP. Finding a new host, should the need arise, is much simpler.

    If this post contains any code, I may or may not have tested it. It's probably just example code, so no getting knickers in a bunch over a typo, OK? If it doesn't have basic error checking in it, such as object detection or checking if objects are null before using them, put that in there. I'm giving examples, not typing up your whole app for you. You run code at your own risk.
    Bored? Visit
    http://www.kaelisspace.com/

  • #13
    New Coder
    Join Date
    Nov 2006
    Location
    La Mirada, CA
    Posts
    18
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by nikkiH View Post
    It requires more money to operate the host, so you pay for it. Java requires more resources than PHP.
    It is harder to find a host to support it.
    Could you expand upon this statement a bit?

  • #14
    Regular Coder ralph l mayo's Avatar
    Join Date
    Nov 2005
    Posts
    951
    Thanks
    1
    Thanked 31 Times in 29 Posts
    Just to be contrarian to both offered positions, I'd say go with Ruby. It's more OO than Java (no primitives! even nil has methods!) it's dynamically typed but type safe, all numbers are automatically and transparently big numbers (no integer overflows), and it's got all the best idioms of perl and Lisp in one package. Along with a hugely popular MVC framework.

    edit: if Java is the only other option, do it. Everything this side of COBOL .NET is better than PHP, imho
    Last edited by ralph l mayo; 12-28-2006 at 11:08 PM.

  • #15
    ess
    ess is offline
    Regular Coder
    Join Date
    Oct 2006
    Location
    United Kingdom
    Posts
    866
    Thanks
    7
    Thanked 30 Times in 29 Posts
    Ruby on Rails is a great platform for web development. However, Java is more powerful than Ruby on Rails or PHP.

    In any case, it really depends on what you want to achieve.

    As for memory management in Java. Well, yes...there few issues with memory management, but that very much depends on the developer than on the language itself. That is to say that if you leave resources open when you are not using them, such as you open a file for a read operation and you never get around to close it, than there would be memory leaks. However, this is the case for any language really and as a developer, you need to take care of that.

    As for performance. JSP pages are compiled once and a cached version will be sent with every request. When you compare this with PHP for instance, you will find that PHP interprets every single line of code every time a page is requested.

    This is also the case with .NET applications...but .NET manages compilations on the fly better than Java does. The reason is a simple one. That is, .NET applications are built for Windows OS, whilst Java is built to run on any OS that supports Java such as Linux, Mac OS, Windows, Unix, Solarios etc...

    To summarize, Java is quite a large language to learn...and you will need to spend sometime to learn it. in contrast, PHP is simple when compared to Java, C#, VB6, or VB.NET. However, in my experience, I find that maintaining applications written in Java or C# are much easier to do than those written in PHP.

    The reason is a simple one. Java and C# have been greatly influenced by the development of C++, whilst PHP...well...I could write a book here, has been influenced by Python, Perl, Java, C#...etc. The problem here is that those languages belong to a different set of families of programming paradigms (C++, C#, Java are based on the C language, the others are not and should not be seen in the same category).

    As such, when you are programming in PHP, you will find that some functions, methods, routines, whatever you want to call them...are not written to a convention like it is the case with Java, C++, or C#. As such, you could easily get lost in PHP...because convention changes because of the fact that the language itself has been influenced by conventions that are not related, or based on a common convention.

    Someone stated "you need a runtime environment installed."
    I am sorry, but I going to state the obvious. tell me, if you program in PHP, exactly what do to use to run those applications. Do you not need to install PHP, Apache or IIS, etc. Well, it is the same thing, you need to install Java to be able to compile Java applications that you wish to write etc.

    Also, someone stated that PHP is platform independent. That is not TRUE. I have developed applications in PHP...they worked fine on Linux OS...but was not the case when I tried running them on Windows. PHP is not 100% platform independent. Java is 100% platform independent...which means you can write your application on Windows OS, compile it...and you would be able to run it on Linux, Mac OS...etc.


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •