I do not think PHP is anywhere close to being on its way out. Lately, anyway, we've been having an increase in posts regarding PHP here (I think so, anyway). Personally PHP is my best friend and you can always count on at least one person to be using it ;)

Another possibility is that the server is not reporting PHP installation based on the mechanics [survey.netcraft.com] of the survey. PHP is still at a count of over 6M compared to 284K Python installs. And with so much heavy weight (IBM, Oracle, etc.) throwing into the mix I think you'll see PHP around for awhile.

and if you compare the 284K python installs to the 351K PHP CGI installs python still loses ;)

hehe

looking at this
[securityspace.com...]

PHP still has growth and is still the most popular apache module there is

PHP is definitely getting stronger and will continue to do so

If it is declining I would imagine the reason would be the low speed of PHP. Web-apps are more and more computationally demanding, and PHP just doesn't match up to compiled code.

Most EU gov and many EU biz users are Linux PHP MySQL oriented.
And numbers are still growing.

Don’t’ forget our motto

PHP has grown huge and now challenges Perl as the new defacto cgi scripting language.

PHP just doesn't match up to compiled code

You can compile PHP using the Zend module.

Processor power is dirt cheap these days, too.

TJ

That curve doesn't make sense. I suspect that it doesn't measure an actual decrese in PHP use, but rather an increasing use of some technology that hides the presence of PHP on a specific host. Or maybe the newer installs just show a different signature that isn't picked up by the probe.

It is also worth to note that just because some module is installed on a web server doesn't mean it is actually in use by the site. On the other hand, eg. Python is often installed in a way that is hard to detect from the outside.

One might use "Do not show PHP" in setup
although I do not think that many installs go for it

You can compile PHP using the Zend module.

Processor power is dirt cheap these days, too.

Both of those are relative advantages only. Even compiled with Zend I get benchmarks much lower than with executables written in C.

PHP seems to add an enormous overhead to the code you run, and the handling of large arrays is very slow. Something as simple as taking a 2Mb digital image, reading the bits into an array, running basic manipulation algorithms, and then returning to the browser can take much much longer than it should.

true but C isn't really the direct competition for PHP

Even compiled with Zend I get benchmarks much lower than with executables written in C.

Of course, but it's generally fast enough for most web applications.

Something as simple as taking a 2Mb digital image, reading the bits into an array, running basic manipulation algorithms, and then returning to the browser can take much much longer than it should.

PHP would be the wrong tool for the job.

That example is a perfect case for coding that function in C and optimising heavily.

PHP is a fantastic tool. It shouldn't be knocked because it's bad at doing things it wasn't designed to do.

It was conceived and designed as a basic scripting language for creating dynamic web pages. At that it excels.

It wasn't designed for manipulation of 2mb image files. At that it's probably whack, but then it would be a bad decision to code something like that in PHP, not PHP's fault.

TJ

In the past year I've setup 8 new servers, all of which are set not to disclose the existence of PHP for security reasons. My old servers did not use that mechanism. With the proliferation of PHP-based hacks over the past year, it seems a prudent, simple step to take. I'll bet, along with others, that the practice is pretty widespread, which would cut down the numbers being reported.

I an above post I was wondering about it.

Do we have any stats?
I have no data to agree or disagree.

However my uneducated gut feeling tells me that not many servers use that function.

Second paragraph of Chapter 32 in the PHP Manual:

A few simple techniques can help to hide PHP, possibly slowing down an attacker who is attempting to discover weaknesses in your system. By setting expose_php = off in your php.ini file, you reduce the amount of information available to them.

Maybe server admins aren't doing that by default ... but then what else aren't they doing to secure their box? Maybe this helps explain the rise in zombie machines over the past year, too ... ;)

<edit>The link to TPCI-TIOBE [tiobe.com] indicates PHP is holding steady. Ahhh ... data mining fun!</edit>

[edited by: StupidScript at 7:48 pm (utc) on Sep. 7, 2006]

I think StupidScript is pretty smart on this point. (Well...other points, too.;) I've also set my servers to expose off in recent months for security reasons. I hadn't much messed with my php.inis for a long time, and i'm not even sure when the option became available, but when I saw it I did it.

While I don't know what kind of stats there might be on how many others are doing that, the number has to be growing. Even this thread is probably going to encourage some to turn expose off.

Beyond that, statistically, the Netcraft graph doesn't look right at all to me. Even if PHP is facing other competition, it's not like PHP could have gone the way of buggy whips so suddenly. If a downturn were due to PHP being displaced by other technology, I'd expect the graph to look more like a bell curve then the summit of Mount Everest. That alone suggests to me that the sudden downturn shown on the graph is more likely due to admins turning expose off in a security conscious world than it is to programmers abandoning PHP altogether. I know I ain't lettin' it go.