PHP5 - Where does all the evil code come from?

Hi,

even though I'm still quite new in this forum, I've noticed that certain bad code patterns keep popping up. I'm talking about stuff like

or document.write() or ancient HTML markup.

It happens so often that you almost have to begin every reply with a long preamble of why this and that is bad and what you should use instead.

I wonder where this code comes from and why it doesn't die out. For example, the MySQLi extension is more than 8 years old. Yet still nobody seems to know it, and instead the 12 year old(!) mysql_ functions keep being used. Do books spread this stuff? Or is it the bad tutorials?

I mean, 12 years ... That's when the Internet Explorer 5 came out, and nobody uses that any longer.

It is quite rare to see mysqli on forums. I suppose people starting out associate PHP and MySql and think mysqli must be something more advanced . I suppose, also, there must be so much legacy code out there that is never updated. (It is largely a question of just replacing mysql with mysqli. Although, migrating to the object-version or PDO would be preferable.)

We constantly see ancient JS code (language="JavaScript1.6"!!) as well. I suppose most JS tutorial-sites were written many years ago and never updated; and, generally, their pages don't show a date.

My personal bug-bear (although off-topic - sorry!) is the use of form, button, image, etc.. as variable names (in JS and others). People show a distinct lack of imagination . It makes their code very difficult to read and might bite them some time in the (near) future.

Google PHP MySQL Tutorial and see what the first few links pull up. You'll have your answer.

They should have named it MySql2, then the intent is obvious (I myself tend to forget that the i stands for 'improved').

It is because there is so many tutorials out there using the old way of doing things and they still dominate the search engines.

That probably is it.

Well I think people just use mysql_* because they think it's easier. And tbh, it looks it too. At least, from a beginners view.

I think it's also down to OOP. Most beginners are not just beginners to PHP, but beginners to programming in general. So they see the OOP approach and they think 'WTF'. I know I did it when I first started.

Although PDO and MySQLi is beginning to over take mysql_* in most search results, there are still high ranked sites advising people to use the old mysql_* ways - such as w3schools.

But give it some time and keep advising people to use PDO/MySQLi, and hopefully, this mysql_* rubbish will be at an end.

Well actually, mysql_* has now been depreciated in the latest version of PHP. So when hosts start updating their PHP versions, we should see some better results.

You're probably right about the bad tutorials. I'm still baffled by how much influence they have. It's like every single newbie reads the same bad tutorial, because they all use "mysql_query() or die(mysql_error())".

It's so sad. I'm waiting for a PHP version that will finally remove the old baggage and force people to update their sh*t. Or will we have to same discussion in 10 years?

I'm not sure, but this seems to be a PHP issue. In Ruby, for example, you do have people still using the old (and now deprecated) version, but you won't find code somebody has dug out of an 90s tutorial like it's the case with PHP.

As I was forcefully reminded earlier today: Its deprecated not depreciated.

Well MySQLi is in somewhat of an awkward situation. The advanced programmers tend to use more powerful and flexible PDO, while beginner coders just stick to mysql basic functions since they dont know OOP. Where does MySQLi fit in the picture? Sure some people use it for preference, but its really isnt that special.

Id say the reason why some people stick to mysql_query() or die() is that this has been the way they were taught PHP. For procedural programmers, thats probably sufficient for their web development. Sure it has issues, but in many circumstances a beginner coder only realize the severeness of the issue once they are hit hard. Its difficult to change the old habit once it grows on you. PHP is easy to learn and use, but on the other hand it does not promote good application design.

I am a 66 year old programmer/DBA/network engineer/retired person. I have been coding a LAMP application as a hobby for about 2 years. [Wow! No schedules! No time pressure! [ Ahem, back to the topic Rich.]] I started out using the old MYSQL API. [I was totally unaware that it was deprecated.]

Earlier this year I found out. I immediately stopped working on the project, did a survey of the two alternatives and gave my self a brief crash course on mysquli, my choice over PDO. I am currently recoding all database access to take advantage of this new API.

My point is that some of the users of the old API are probabily doing it out of ignorance. Putting a brief note about mysquli and PDO in all those out of date examples could work wonders!