Shitty PHP DB setup code



  • We've all seen it before, but sometimes you just wonder how people come up with this shit:

        function db_connect()
        {
            if ($this->port != '')
            {
                $init = mysqli_init();
                mysqli_options($init, MYSQLI_OPT_CONNECT_TIMEOUT, 5);
                mysqli_ssl_set($init, NULL, NULL, $this->ssl_ca, NULL, NULL);
                @mysqli_real_connect($init, $this->hostname, $this->username, $this->password, $this->database, $this->port);
                if(mysqli_connect_errno())
                {
                    return FALSE;
                }
                else
                {
                    return $init;
                }
            }
            else
            {
                $init = mysqli_init();
                mysqli_options($init, MYSQLI_OPT_CONNECT_TIMEOUT, 5);
                mysqli_ssl_set($init, NULL, NULL, $this->ssl_ca, NULL, NULL);
                @mysqli_real_connect($init, $this->hostname, $this->username, $this->password, $this->database);
                if(mysqli_connect_errno())
                {
                    return FALSE;
                }
                else
                {
                    return $init;
                }
            }
        
        }
    

    There is active hostility against any error logging too.



  • @gleemonk Because users shouldn't see error messages, the default in ancient versions of php.ini is to show them, and ob_clean() is <whine prosody="stupid">haaaaard<whine>



  • @gleemonk And natch, it's not using PDO, because why would you? Pfft. A safe, secure database interface which is DBMS-agnostic? Better use the vendor-specific one where you have to use functions like real_escape_dangerous_chars_no_really_i_mean_it_this_time() to not get pwned in 5 minutes.


  • BINNED

    @blakeyrat At least they killed a part of it - recently I was bringing a WordPress instance back to life because the host upgraded to PHP 5.5 and a plugin was using mysql_error which is completely missing in newer versions.

    I don't have great hopes that this shit will be removed from the language completely, though.

    Also, I'm not 100% sure on this, but I seem to recall that if you want to connect to Oracle you're sadly stuck with vendor prefixes because I don't think their special snowflake driver works properly with PDO.



  • @onyx said in Shitty PHP DB setup code:

    Also, I'm not 100% sure on this, but I seem to recall that if you want to connect to Oracle you're sadly stuck with vendor prefixes because I don't think their special snowflake driver works properly with PDO.

    If you want to connect to Oracle, you use PostgreSQL and oracle_fdw, of course. :-D

    Or you get this highly experimental (how could it not be) PDO_OCI, and pray it's stable enough for you.

    Or you get a PDO wrapper around OCI8.


  • BINNED

    @wft thankfully, I only had to do this once, and it was only 4 pretty much hardcoded queries. So I did it the prefix way and pledged I will never touch it again unless my life depended on it.



  • @onyx said in Shitty PHP DB setup code:

    Also, I'm not 100% sure on this, but I seem to recall that if you want to connect to Oracle you're sadly stuck with vendor prefixes because I don't think their special snowflake driver works properly with PDO.

    MySQL is Oracle now.



  • @gleemonk "@" makes me cringe.



  • @blakeyrat yes, but you still treat MySQL and Oracle products totally differently in PHP because they have totally different connection libraries, so even though MySQL is Oracle-owned, it still has its own connectors etc.



  • @blakeyrat said in Shitty PHP DB setup code:

    MySQL is Oracle now.

    Easy fix: replace MySQL with MariaDB



  • @arantor Are they like Take2 who bought Kerbal Space Program and haven't done anything with it since? Not even a tiny patch to add their own logo?

    I'm still puzzling over that.

    Why would Oracle buy MySQL and do nothing with it? If the point was to use MySQL as a "gateway drug" to full Oracle, why wouldn't they fix it so they had the same interfaces in the same languages?

    "If you like MySQL you might like Oracle!"
    "Ok, we're sold."
    "Good! Now rewrite your app basically from scratch."



  • @blakeyrat said in Shitty PHP DB setup code:

    Why would Oracle buy MySQL and do nothing with it?

    The plan was clear: stop all improvements in MySQL so people stop using it and migrate to Oracle.

    Let's just say it didn't go as planned



  • @timebandit said in Shitty PHP DB setup code:

    The plan was clear: stop all improvements in MySQL so people stop using it and migrate to Oracle.

    How does that help when DB2, Postgres, SQL Server, MariaDB, etc. all exist?

    They might be able to buy the janky open source one, but they're delusional if they thought Microsoft or IBM would sell theirs.



  • @blakeyrat they did do some stuff, but all the connection libraries haven't changed because you don't just break all the existing connectors and clients just because the server changed ownership.



  • @arantor They could at minimum make Oracle work with PDO then deprecate all the mysqli bullshit once and for all.

    But it's Oracle, so.



  • @blakeyrat unlikely, given that the same connectors also work with MariaDB because they share the same protocol.

    Plus then you'd have to break an awful lot of pre-existing software. We're literally only just getting over the hump of getting rid of the old mysql_query etc. functions. Given the speedhumps involved, it'll be years before mysqli is viable for removal.



  • @arantor
    Yeah, but PHP's allowed to do all sorts of breaking changes with 7.x major releases these days, so just throw a blog article out into some obscure corner of the Internet, bite down on the stick, and drill, baby, drill delete, remove, delete! 🍹



  • @izzion Nah, it just means a bunch of places never migrate beyond 5.6. Such as the places I currently write code for.

    In fact... I had to write some code to do what the splat operator does because the client's still on 5.5...



  • @arantor The nice thing about .net is they actually design shit up-front so they rarely need to go back years later and pull it out.

    It's almost as if it were written by actual software developers and not just monkeys swinging on the vines like 99.999% of software is.


  • :belt_onion:

    @arantor said in Shitty PHP DB setup code:

    @izzion Nah, it just means a bunch of places never migrate beyond 5.6. Such as the places I currently write code for.

    In fact... I had to write some code to do what the splat operator does because the client's still on 5.5...

    No kidding. One of the main problems with PHP is ironically its early popularity. A lot of economy Web hosts threw it on their servers never to look at it again. So while newer versions of the language are making really good improvements, there's still a significant compatibility gap because old versions of the language still have to be supported by the heavy-hitting Web applications.


  • And then the murders began.

    @blakeyrat said in Shitty PHP DB setup code:

    @arantor The nice thing about .net is they actually design shit up-front so they rarely need to go back years later and pull it out.

    There's stuff they should pull out but still haven't, even in .NET Core. (Non-generic collections and DateTime, I'm looking at you.)


  • Considered Harmful

    @unperverted-vixen said in Shitty PHP DB setup code:

    @blakeyrat said in Shitty PHP DB setup code:

    @arantor The nice thing about .net is they actually design shit up-front so they rarely need to go back years later and pull it out.

    There's stuff they should pull out but still haven't, even in .NET Core. (Non-generic collections and DateTime, I'm looking at you.)

    I mean, 2.0 means they're less likely to pull it out, given that NuGet deps which use Framework can be used in Core.


  • And then the murders began.

    @pie_flavor said in Shitty PHP DB setup code:

    I mean, 2.0 means they're less likely to pull it out, given that NuGet deps which use Framework can be used in Core.

    Yeah, now that they're trying to be runtime-compatible they need to be in there. But there's no good reason .NET Core 1.0 should have had them. And unless there's some compatibility idiosyncrasy I'm not aware of, I'm also not sure why .NET Standard 2.0 didn't slap them with ObsoleteAttribute to stop new code from using them...



  • @heterodox Well, its early popularity was that it was 'easy' to get into and, well, wasn't Perl.



  • @blakeyrat No argument, though in whatever passes for a defence, PHP was never designed to be anything more than a personal project - the original meaning was 'Personal Home Page'.

    The problems started when something that was 'good enough for one guy' got reworked and didn't get solidly designed because they wanted to just keep what they had working.


  • Considered Harmful

    @arantor said in Shitty PHP DB setup code:

    @blakeyrat No argument, though in whatever passes for a defence, PHP was never designed to be anything more than a personal project - the original meaning was 'Personal Home Page'.

    The problems started when something that was 'good enough for one guy' got reworked and didn't get solidly designed because they wanted to just keep what they had working.

    That is generally the path of enterprise software, no?


  • :belt_onion:

    @arantor said in Shitty PHP DB setup code:

    @heterodox Well, its early popularity was that it was 'easy' to get into and, well, wasn't Perl.

    Yeah, I'm not saying the early popularity wasn't for a good reason.


Log in to reply