Report: P-Languages Better For Enterprise

When developers start talking about minding their P’s and Q’s, they might just be referring to scripting languages that are proving their worth next to more established counterparts.

PHP , Perl , and Python (the P-Languages) have really come into their own over the last four or five years because of their ability to augment general-purpose programming languages, such as C++, Java, and C# (sometimes called the G-Languages), according to IT research firm Burton Group. The firm’s report suggests P-Languages are performing well enough in mission-critical tasks like enterprise scripting that they should be preferred over their G-Language counterparts.

Yahoo and Jupitermedia (the parent company of this site) use PHP extensively. Other Websites that use PHP include the social networking site
Friendster, which switched from JSP to PHP in 2004, and Freshmeat.org,
an open source resource site that uses PHP to process between 600,000
and 700,000 page views a day.

In the report, analyst Richard Monson-Haefel points out that PHP makes dynamically
generating HTML and processing HTTP requests very easy. Perl is
frequently used for batch transformations of text data and in the system
administration of Unix and Linux systems. Python is frequently used as
“glue” code as well as for system administration, text processing, and
even application development.

“The P-Languages are not replacements for the G-Languages,”
Monson-Haefel said in his report. “On the contrary, the P-Languages
complement the use of the G-Languages and should be viewed as
additional, albeit first-class tools that information technology
organizations can use to solve enterprise-scripting problems.”

In many ways, the P-Languages also streamline the development
process. Burton said it found that one line of code in a P-Language program
could, on average, accomplish the same number of tasks as five lines of
code in a G-Language.

“This means that developers writing code have less code to write and
debug,” Monson-Haefel said. “It also means that developers maintaining
code have significantly less code to work with, which eases the learning
curve associated with unfamiliar systems.”

One area that the P-Languages are seeing pick up is with open source
platforms such as LAMP, an acronym for the terms Linux
operating system, Apache web server, MySQL database, and the PHP, Perl,
and Python programming languages.

Burton Group also noted that Perl and Python are no more or less susceptible to hacker attacks than most programming languages.

The exception is PHP. Although the language itself
does not appear to be any more or less secure than other languages,
products built on PHP seem to be especially susceptible to
vulnerabilities. In fact, Burton found commercial and open source
products built on PHP had over 300 vulnerabilities reported to the Open
Source Vulnerability Database (OSVDB) between January 2003 and December
2004. By comparison, Perl and Python had less than a dozen in the same
period.

“In truth, there is no omnipotent programming language that is
suitable for all development tasks. The set of challenges encountered in
enterprise computing is simply too broad to be served by a single
language,” Monson-Haefel said in his report, “The P-Languages: PHP, Perl, and
Python for Enterprise Scripting.”

Monson-Haefel also said the PHP community will need to work much more
diligently to harden the language. In February 2005, an initiative
founded by Chris Shiflett called the PHP Security Consortium was formed
to address security concerns and misinformation about PHP security.

Burton Group called the initiative, “a good first step in the right
direction for the PHP community.”

The firm recommends that its customers consider the
P-Languages in future architectural decisions and leverage these
languages where appropriate. Customers should understand the limitations
and benefits of these languages and how they fit into an overall
enterprise architecture, Burton found.

“Particular attention should be paid to evaluating tools, frameworks,
and IDEs ,” Burton’s analysts said. “Although some good free and
commercial products are available, the total third-party market for the
P-Languages is much smaller than it is for the G-Languages, which limits
an organization’s choices.”

News Around the Web