Tuesday, November 13, 2007

That must be a big number

Alan over at http://www.akbkhome.com/blog.php in a recent post claimed to have an idea for the perfect way to take the P out of LAMP. He proposes the idea of an Apache module that will talk directly to MySQL and return JSON for a JavaScript applet on the requester's computer. I can see a somewhat limited place for such a change, but I don't see it as the PHP killer Alan would like.

The biggest issue will be getting the web content spidered by search engines. Spiders have zero understanding of JavaScript and completely ignore that content. Thus if you want decent ranking in the search engines, you will need some sort of standard HTML delivered to those, as well as being able to deliver the dynamic content to your regular users. PHP fills this need very well.

Using this, you would also need to work with users, such as myself, that browse with JavaScript turned off unless needed. Firefox's NoScript extension is great. It keeps malicious sites (or insecure sites with malicious content added...) from being able to do anything to my computer. Until these security holes are fixed (and I don't expect that to ever be finished), I will continue to browse without JavaScript and ignore sites that require it just to move past the home page.

There is are also the problems of performance and portability. Many things are often quicker for PHP to do after requesting data from MySQL than to run using stored procedures in MySQL alone. As for portability, it can be more complicated to move your applications from one MySQL server instance to the next. There is also the possible problem that such an extension would be a effectively a direct connection to the database server. We all know the issue of SQL injection when user input isn't properly filtered and validated before being sent to the database. Now we would either have to add a new application layer inside Apache to handle this or have the database open to such issues.

If it can overcome the portability, performance, and SQL injection problems, I do see one space where it can be useful. Web services are becoming more and more common. This is a great idea to make the services more accessible. But even there, PHP is already very capable as a web service provider. It will take more than just being the "cool new thing" to draw me away from a language that I am very comfortable using.

No comments: