Quote:
Originally Posted by HomerSimpson
|
Qft
See the thread below about downloading MP4 files. A very simple script, yet "professionals" routinely make the same three major errors in that type of simple script. Two of the errors cause your server to occasionally crash. The other error let's visitors to your site read the config and password files, thereby being able to take over your server.
There are two reasons these same costly mistakes are so very, very common.
First, people learn the PHP language without first learning programming.
That's like learning the English language and then expecting that by knowing English you'll be able to write an Economics book in the English language.
Just because you know a language doesn't mean what you say in that language won't be stupid.
Programming first, languages to program in second. Included in programming is security 101, a topic many skipped. Then web systems, then web programming.
The second reason 90% of scripters make the same three major errors with that same simple script is because they learn by looking up one thing at a time, until it seems to work. By only studying what's obviously broken without a big picture view of language features like the PHP buffer system, they are unaware of the things they don't know. They work on it until "it sends to work for me." Yeah, and it also works for hackers. What they don't realize is that the next time the site gets busy their script will crash the whole server. "It seems like it's working for me" isn't good enough.
You need to understand the bigger picture and general concepts.
A few months? I've been studying computer science for 30 years and I've been a full time professional for 14 years. I STILL study constantly and I still do dumb every so often. I did a dumb today.
There are two differences with decades of experience. I've learned how to catch my errors in testing, rather than having a server hacked. Secondly, I now learn mostly from more knowledgeable people. I used to study random tutorials, now I study the kernel source and ask questions of kernel maintainers. I'm still studying, though.
Web programming is some of the most challenging to do well because you're code is constantly subject to attacks and may have to serve thousands of users per hour or per minute. Windows programming is much easier because you don't have hackers hitting your software all day, and you only have to serve one user at a time.
What can you learn in a couple of months?
I've hired a couple of people with computer science degrees. I have a couple of people I do peer review with. A reasonable amount of study to code GOOD web software under the supervision of someone more knowledgeable is a couple of years of study. After say 5-10 years I expect someone to be able to work by themselves with peer review rather than direct supervision. For real high quality code, Linus, Ralf, myself, and others who have decades of experience still have a team review the code. So for example about six experienced programmers will review my patch before it becomes part of Apache.
In a few months, you can learn enough to figure out if you want to learn more. In a few months, you can learn enough to shoot yourself in the foot. In a few months, you can learn enough to install and configure scripts other people wrote, and intelligently write good bug reports, feature proposals, etc.