Archive for the ‘open source’ Category

Friday, August 1st, 2008

My developer friend, Scott Sloan, has been working on his DB class for some time now and it’s quite a useful tool for doing queries simply. Part of the ongoing movement, between him and myself, is designing a rock-solid set of framework classes that will aid in rapid PHP development. Of course, his project has some stuff to show for it while mine are still awaiting a beta release. But I really do love this class and others from Scott, and I use them in Droplet and contribute as I find need to break them. :D

The most recent change to this DB class was the addition of exception-based error handling, making database connections an entirely simpler creature to deal with. This class does a lot of abstraction, and up until now it’s been virtually impossible to debug it, or any db interactions, without stack traces. Unfortunately, every silver lining comes with a dark cloud.

This cloud, not dealing with Scott, happens to be PHP’s development traditions. Just like most functionality, exceptions are good, maybe even necessary, but the implementation of them was very poor from a security perspective. The fact that you can’t disable the printing of the stack trace from an uncaught exception is inexcusable at best. But I can guess how that conversation went:

-Should we have an option to disable stack printing (specifically of method parameter values) for select Exceptions?
-Why?
-Well, maybe they wouldn’t want the end user to see what was passed in a particular method?
-But you just catch the exception!
-But what if you don’t catch the exception? They see everything!
-Are you suggesting that we write code to protect programmers who are breaking rules? Plus, all production servers have warnings/errors disabled for output, unless their people are idiots.
-Oh….I suppose you’re right.

Here’s my beef: you need to plan on some mistakes. No offense, but haven’t you ever forgotten to catch an exception? Since this is a scripting language, you don’t have the parental compile time warnings or blocks, like Java, to say “Yo, you didn’t tell me to do anything when this code freaks, and believe me it can. Fix yo’ code, homes.” (I assume that a PHP compiler would use a similar compile error vernacular). The reality is that there are many production systems that don’t hide warnings/errors, and even if they did you wouldn’t want password information getting written to a log file whenever you fail to connect to a database.

The key here is a “who needs to know” system, just like I talked about in my blog entry about keys. There should never, ever, ever, ever, ever be a way for the language to “accidentally” print a system password to a user. Even if the developer is a complete idiot! If he passes a password or hash into a function, he’s not going to think about what would happen if that function would error. He’ll fix that when it happens. It probably sounds like I’m defending the Cro-Magnon programmers of the world, but I’m not…..really.

An even worse PHP prospect is the ability to dump a class with private class values onto a page with one motion (i.e. var_dump). I know that these are all helpful tools in debugging, and that private variables were never meant to be a security constraint in this fashion, but the way they did it DOESN’T MAKE SENSE!! That function should not, I repeat ‘NOT’, be able to print private access variables unless there are appropriate accessor functions. That’s what object oriented design is all about.
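One way to apply the “who needs to know” idea to both the uncaught-exception trace and the var_dump case, as an added example that is not code from this post or from Scott’s DB class. The `Secret` class, `connectDb()`, the host, the user and the password value are hypothetical; it assumes PHP 7.4 or later.

```php
<?php
declare(strict_types=1);

// Hypothetical wrapper: carries a credential so traces and dumps cannot print it.
final class Secret
{
    private string $value;

    public function __construct(string $value) { $this->value = $value; }

    // The only path to the plaintext is an explicit accessor call.
    public function reveal(): string { return $this->value; }

    // var_dump() and print_r() show this array instead of the private property.
    public function __debugInfo(): array { return ['value' => '[redacted]']; }
}

// Hypothetical stand-in for a DB class method whose connection attempt fails.
function connectDb(string $host, string $user, Secret $password): void
{
    // A real driver call would use $password->reveal() here.
    throw new RuntimeException("connection to $host failed");
}

// Last-resort handler for the exception somebody forgot to catch:
// detail goes to the error log, the visitor gets a generic message.
set_exception_handler(function (Throwable $e): void {
    error_log(get_class($e) . ': ' . $e->getMessage());
    // String arguments are printed (truncated) in a trace string;
    // an object argument appears only as Object(Secret).
    error_log($e->getTraceAsString());
    if (PHP_SAPI !== 'cli') {
        http_response_code(500);
    }
    echo "Something went wrong. Please try again later.\n";
});

ini_set('display_errors', '0'); // never render errors into the response
ini_set('log_errors', '1');

$password = new Secret('constructed-example-password'); // constructed value
var_dump($password); // the dump goes through __debugInfo()
connectDb('db.example.internal', 'app_user', $password); // throws, uncaught
```

PHP 7.4 later added the `zend.exception_ignore_args` ini setting and PHP 8.2 the `#[\SensitiveParameter]` attribute, both of which keep argument values out of traces. `__debugInfo()` does not affect `var_export()`, `serialize()` or an `(array)` cast, so those still need to be kept away from objects that hold secrets.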

I wouldn’t be so hard on PHP if it weren’t for the fact that these examples are the ones that give PHP a bad name. When someone’s data gets stolen on a PHP site it isn’t that PHP is a bad language, it’s that the programmer wasn’t thinking about that specific hole. But there are a lot of spots where developers can not know the rules, or forget a step and accidentally release loads of information to an eager hacker. As part of the group defining how the tool gets made, we need to be careful that the tool doesn’t have a cigar cutter that’s big enough for our “baby developers” to fit their arms in.

Anyways, code smarter not harder!

Wednesday, July 9th, 2008

A new section of my personal website has just been opened and will hopefully see a lot of growth in the coming years: the Open Source Section. While I’ve been contributing for a while to a colleague’s open-source projects, this is my first time creating my own projects from the ground up.

I’ve described my reasons for opening this section on the home page and a few others, but it’s really important to hear. Actually, I’ve been really hesitant to make my code open source for a while now, but I realize that it’s not acceptable. After about a year of thinking about it and finding out what my problems were, I’ve decided that it’s in my best interest to break out and try it. That’s not to say that I didn’t have valid reasons to hold me back.

My first concern was credit. While I’m not terribly attached to my code, like other programmers I do feel the need to be at least partially recognized for the work I’ve put into it. To be honest, it’s from a long line of experiences I’ve had where people have been unsupportive of hours of work or ideas that I’ve created. I’ve grown to hate the idea of someone devaluing or stealing my work. Unfortunately, this has led me down the path to the Dark Side of proprietary ideas and opening myself to other opinions.

The fact of the matter is that I’ve benefited from other tools in my work but I’ve never credited the developers then. But there’s a reason why that’s okay. It’s not about the programmer(s)…it’s about the code. While every programmer wants to make a life out of this, it’s not appropriate to take every little action and demand credit for it. If I write something pretty nice, which isn’t quite likely, maybe someone will use it and tell a friend about it: “this is pretty nice”. If I need credit, I can tell my potential employer “I did this” or “I contributed to this”. But notice that the pride is in the finished product and you can enjoy your work on it…not on the casual afternoon of programming that you have the urge to brag about. I’ve been guilty of this a thousand times over.

The other issue is code quality. While I like to think of myself as a pretty solid programmer, I’m definitely not comfortable with showing my code off to the world. Actually, my first project, Droplet, saw a complete redesign the day before I put it online because I was worried about what my peers might think of my half-decent code. After reading Jeff Atwood’s post on programmers who fear outside eyes, I realized that I was part of my own problem and that this was a good way to break out of that.

In any case, I hope that you check out the open source website and try out Droplet. I really have enjoyed using the software and I hope you do the same. It’s not pretty, and it’s not a money-maker…but it’s a nice tool that you can share with everyone. Please share your comments and suggestions, and write a few lines of code yourself…I’m still waiting on my first user-submitted patch!

If Droplet isn’t your cup of tea, I have a few more on the way including a couple PHP classes and a fun few items in Java.