2023- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
- 2014
- 2013
- 2012
- 2011
- 2010
- 2009
- 2008
- 2007
- 2006
- 2005
2004
Silence- Snowflakes
- Paranoia Pays
- Microsoft Help
- Polyglot 11: More C
- Polyglot 11: C
- Polyglot 10: Smalltalk
- Toronto Wisdom
- Exterminated
- The Last Straw
- BT Broadband Trap
- Polyglot 9: Moo
- Polyglot 8: SVG
- Polyglot 7: POV-Ray
- Polyglot 6: Python
- Polyglot 5: PHP
- Polyglot 4: Euphoria
- Polyglot 3: JavaScript
- Polyglot 2: Java
- Polyglot 1: VB
- POV-Ray
- Etch A Sketch
- Slashdotting
- Flashy Lies
- Scientific Illiteracy
- Creeping Featurism
- VidScope
- Saturn V
- Perspectives
- Slide Rule
- eBay Sale
- Iron Filings
- Gimble
- VBA Security
- Random Morsels
- Exact Change
- Easter Egg
- Diametral Pitch
- mod_deflete
- Ethical Spam?
- Deadlines
- CPU Power
- Fosdem 2004
- Academic Reversal
- Mars Memorial
- Culture Clash
- Watching the Users
- 2003
- 2002
Polyglot 5: PHP
11 September 2004
![[PHP]](/software/icons/php.gif){kind=icon}
Fifth is PHP. Yet another language that taps into GD to do the actual image manipulation. But unlike the others, PHP brings its own version of GD. So one has to go through the pain of linking GD all over again. PHP is an excellent language for quick web scripts. Its online documentation is superb; not only is it easy to use but the contributed comments give it extra depth.
This documentation is fortunate because although the language is well endowed with a large and capable set of libraries, they've grown over time making them inconsistent. Some string functions start with "str", others start with "str_", others don't have any prefix. Some array functions start with "array_", others don't. It's a bit of a mess.
Far more serious is that PHP doesn't use the CGI interface, which means that it doesn't benefit from suEXEC. This makes PHP scripts insecure on multi-user systems since they run with the web server's perms, not the account holders. No big deal for an image script like this one, but unfortunate if it needs to access a password-protected database since the password will be readable by other users.
Still, it's a good language for the web if one isn't planning on doing anything too serious.Here's the PHP source code.
Update: Here's how to do secure multi-user PHP. Either of the two listed approaches appear to remedy the above security problem.
