[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Flame bait - recommendations for web devlopment language?
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Flame bait - recommendations for web devlopment language?
- From: Joachim Schipper <j_(_dot_)_schipper_(_at_)_math_(_dot_)_uu_(_dot_)_nl>
- Date: Thu, 15 Dec 2005 17:32:41 +0100
- Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
On Thu, Dec 15, 2005 at 07:08:00AM -0800, Dag Richards wrote:
> I have a php app that I inherited, and moved to an OBSD server.
> I can make it run but only by -u -ing it. It makes a bunch of
> really risky calls to shell utils ( cp, rm, openssl for example).
> So I will rewrite the app so it will run in a properly chrooted web
> server, not shell out, and use a database not the file system
> to store data.
> I have read on the list over the last couple of months, that php is
> deprecated for website development, and that java development is
> problematic on OBSD. I assume that CGI's with calls to OS binaries would
> not be recommended ...
> Php is what I am comfortable doing what I used to do with PERL CGI.
> So what are the recommended languages for developing ...
> <buzz> Interactive Data Driven Websites </buzz>.
> Hoping not to be savaged too badly by the list.
Why would you be savaged? It's a sensible question, it hasn't been
discussed to death. Of course, you did forget to post a dmesg, but I
think this can be forgiven in this particular case... ;-)
Rewriting sounds good. If it means scrapping everything and starting
from scratch. Don't use too much old code - it will likely be as buggy
and insecure as the portions that are most obviously broken.
I dislike PHP (it's far too easy to do really stupid stuff, plus the
language itself is full of holes), and am pretty much in the position
you are in right now. I've not decided yet, but feel good about perl -
it's far more common than ruby or python. Either of which are good
languages, BTW, but learning a new language is time-consuming, and
especially working with lots of people, using a language that is
reasonably easy to write  and reasonably well-known is a plus.
(It also looks like there's no mod_python in the source tree; I don't
know why, but I never really used python so that's not surprising, but
it might be an argument against python. There is a mod_perl, mod_ruby,
and it might be supported via another port - but I don't see it in
python. And the mod_*s are quite a bit faster than CGIs.)
As an off-the-wall remark, FastCGI looks really nice, too. I'll try it
 Being easy to read would be a plus, too...