Surely NOT Ruby (way more scary than PHP), and probably not C++/CGI (too esoteric and crashworthy), probably not Python/web (still not ready for the bigtime), and don't even mention Java (the world will be a better place when people finally stop using it).
Nothing wrong with Java running server side. The security hell that is java applets needs to die. I personally don't install java client side not because it is any direct risk but out of fear that some browser exploit will enable java applet access. If java applets were killed off an no longer supported by modern browsers I would have no issue with java client side either. Most financial institutions and large enterprises use java server side.
Well there are problems with Java server side - high memory and CPU use, slow execution, occasional required restarting of backend infrastructure, and code bloat (Karpie's Bitcoin PHP class would take 5000+ lines of Java). Also Java server architecture didn't start off HTTP/REST-based - PHP was specifically designed for it (albeit recklessly). Finally, Java bugs always take longer to FIND AND FIX than any other language's - a major cost.
The issue isn't so much PHP as the way it was used. As a side note, you can shoot of your own foot with any programming language, PHP just makes it easier than others. I would use Python over PHP because dynamic typing and implicit (warningless) conversion between types just makes it to easy to create bugs which only occur run time. Combine that with no test driven development and you got a recipe for hard to identify bugs.
very true - php5's execution is SCARILY NON-DETERMINISTIC from time to time...
Someone up thread said testing, testing, and testing. That doesn't mean let me try to manually "test the hell out of this" it means things like unit testing, code coverage, mocking, automated test validation in build process, etc. That is impossible with the code as written. The code as written is untestable, unmaintainable, and undocumented. Everything is a bunch of static methods, magic constants spread throughout, SQL code interspersed with business logic, mixed with formatting. The few places where a constant should be used they decided to use a literal 100000000 for conversion from satoshi to Bitcoins. Money values are handled as floats. Everything is tightly coupled and poorly documented so if Mark ever did bring on additional programmers that would just be a timebomb waiting to go off. You can get god's gift to programming but if other "lesser" programmers can make fatal mistakes with your code because it is fragile ... it is bad code.
Hard to argue these points - nonetheless the old industry saying of "it's not a bug unless a customer finds it" holds true... With PHP a lot of poop can be swept under the rug or offloaded to the web server...
I forgot to mention node.js as an option for web infrastructure - I am not a fan of anything google and I hate Javascript...
Karpie might be polishing his coding skills up in a cell in the US soon...
