SitePoint Sponsor

User Tag List

Results 1 to 22 of 22
  1. #1
    SitePoint Member
    Join Date
    Feb 2001
    Location
    Canada
    Posts
    23
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Which BIG Players use PHP & mySQL

    OK first of I like to say PHP Rocks!!!

    I'm trying to convience a buddy at mine
    work who is Java Guru.... I don't want
    to convert him but at least open his
    eyes and let him know that there are other
    things out there then just Java.

    One his arguements is no "real" organization
    with heavy transacations & high security
    would use PHP & mySQL....
    I know this isnt' true!!!

    Does anyone know any well known big
    companines that use PHP & mySQL... that
    have thousands maybe millions of hits
    per / transactions per day



    Thx in advance!!!, long live PHP

  2. #2
    Wanna-be Apple nut silver trophy M. Johansson's Avatar
    Join Date
    Sep 2000
    Location
    Halmstad, Sweden
    Posts
    7,400
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well, PHP might work fine for large project, but it would be bloody insane to use mySQL for applications of that magnitude. mySQL is good in many ways, and especially, it's very, very fast. However, it does not scale well at all. When you get a lot of connections to the database at the same time, mySQL chokes.

    So there are probably no big players out there that uses mySQL for big projects, at least not efficiently. I bet PHP, on the other hand, used by many. It's MUCH faster than JSP.
    Mattias Johansson
    Short, Swedish, Web Developer

    Buttons and Dog Tags with your custom design:
    FatStatement.com

  3. #3
    SitePoint Guru Husain's Avatar
    Join Date
    Sep 2001
    Posts
    620
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Does Sitepoint fourm use MySQL?

  4. #4
    Wanna-be Apple nut silver trophy M. Johansson's Avatar
    Join Date
    Sep 2000
    Location
    Halmstad, Sweden
    Posts
    7,400
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally posted by husain
    Does Sitepoint fourm use MySQL?
    Yes, SitePoint uses mySQL, I belive. However, it was also mentioned in another thread that they are porting vBulletin to another database because mySQL really can't handle the load. (I might be totally off, though) I'm sure Wayne can fill us in here.
    Mattias Johansson
    Short, Swedish, Web Developer

    Buttons and Dog Tags with your custom design:
    FatStatement.com

  5. #5
    SitePoint Guru Husain's Avatar
    Join Date
    Sep 2001
    Posts
    620
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yahoo! Finance uses MySQL database. [more]

  6. #6
    SitePoint Guru Husain's Avatar
    Join Date
    Sep 2001
    Posts
    620
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Some more websites that use MySQL database are listed in the MySQL.com website. This is where I got the Yahoo! Finance bit.

  7. #7
    SitePoint Guru
    Join Date
    Jan 2001
    Location
    Alkmaar, Netherlands
    Posts
    710
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    One his arguements is no "real" organization
    with heavy transacations & high security ...
    transcation and MySQL! u dont mean it, do u?

  8. #8
    SitePoint Addict
    Join Date
    Feb 2001
    Posts
    302
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: Which BIG Players use PHP & mySQL

    Originally posted by jason604

    One his arguements is no "real" organization
    with heavy transacations & high security
    would use PHP & mySQL....
    I know this isnt' true!!!
    Your friend is correct to a certain to degree although some large companies use PHP such as parts of NASA or Bang and Olufsen, none that need a very high level of security such as banks will touch it, because out of all the languages available it is the weakest when it comes to security. This is due to several things, but the most obvious is that you do not have to explicitly create variables see the link below for a full list of the security concerns over PHP.

    http://www.securereality.com.au/studyinscarlet.txt

  9. #9
    SitePoint Wizard silver trophy Karl's Avatar
    Join Date
    Jul 1999
    Location
    Derbyshire, UK
    Posts
    4,411
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Neil - The variable problem is easily solved by changing the default error reporting level of PHP. Personally I never write an app that needs to be secure with register_globals set to on, I always make sure it is turned off. I then access the vars trough $_GET, $_POST, $_COOKIE etc. arrays.

    PHP can be just as secure or unsecure as any other language can, it all depends on the skill of the programmer using it.

    I know Ford use(d) PHP, British Telecom use it in places. There are lots of big people that do use it.
    Karl Austin :: Profile :: KDA Web Services Ltd.
    Business Web Hosting :: Managed Dedicated Hosting
    Call 0800 542 9764 today and ask how we can help your business grow.

  10. #10
    Mlle. Ledoyen silver trophy seanf's Avatar
    Join Date
    Jan 2001
    Location
    UK
    Posts
    7,168
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: Re: Which BIG Players use PHP & mySQL

    Originally posted by neil100
    out of all the languages available it is the weakest when it comes to security
    I disagree with this too. Take a look at this:
    http://www.php.net/manual/en/security.php

    Sean
    Harry Potter

    -- You lived inside my world so softly
    -- Protected only by the kindness of your nature

  11. #11
    Database Jedi MattR's Avatar
    Join Date
    Jan 2001
    Location
    buried in the database shell (Washington, DC)
    Posts
    1,107
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP is as secure as your web server (or as you write your code).

  12. #12
    SitePoint Addict
    Join Date
    Feb 2001
    Posts
    302
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Karl I admit that lot of the security problems (such as explicitly creating variables, exec() and file uploading can be solved through reconfiguring the php setup and careful programming. However many of these changes greatly restrict your programming in PHP. Also part of the problem with PHP is because it is so loose it allows people to get away with sloppy programming and thus create security issues. I know this happens with other languages aswell, but to a much lesser extent.

    I agree that some big companies do use PHP in parts, however I have yet to find a company that uses it for areas that need to be very secure if you find me a bank for instance that uses it then I will shut up

    Also jason504 asked if large companies with high security use mySql - cue the laughter, just a couple of things foriegn keys and stored procedures.

    In reply to seanf, you pointed me to the PHP manual to prove how secure it is, BRILLANT! Perhaps you would expect it to say in it's own manual that PHP is less secure than JAVA or ASP.NET/C#.

    Lastly MattR all languages are as secure as the webserver and as you write your code, but PHP is so open and loose it asks for trouble.

  13. #13
    Database Jedi MattR's Avatar
    Join Date
    Jan 2001
    Location
    buried in the database shell (Washington, DC)
    Posts
    1,107
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally posted by neil100
    ...PHP is so open and loose it asks for trouble.
    Howso? I use PHP a lot and aside from some dumb programming practices by users I haven't seen anything wrong.

  14. #14
    will code HTML for food Michel V's Avatar
    Join Date
    Sep 2000
    Location
    Corsica
    Posts
    552
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You can not expect a relatively simple language like PHP to be as secure as fixing security holes in a programmer's code, this just won't do. One could make an insecure web app in Java and ASP aswell, and I wouldn't blame the language they use, it's all in their coding practices.
    For example if I make a login script that checks for the variable $is_logged at the beginning of the script but doesn't really pay attention to where it would be set, would PHP/ASP/Java/Perl be the guilty party when someone passes the variable in the querystring ?

  15. #15
    Grumpy Mole Man Skunk's Avatar
    Join Date
    Jan 2001
    Location
    Lawrence, Kansas
    Posts
    2,067
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Unfortunately in that case PHP would be the guliy party because none of ASP, Perl and Java allow you to set global variables within your scripts just by appending ?is_loggedin=yes to the URL That said, as long as you make sure you ALWAYS empty a variables before use in PHP you should be OK (i.e put $is_loggedin = false; at the very top of your script).

    PHP and mySQL are used by many large companies but PHP isn't used for ultra high security things and mySQL definitely isn't used for things with a very high load, as everyone else on this thread has pointed out

  16. #16
    SitePoint Wizard silver trophy Karl's Avatar
    Join Date
    Jul 1999
    Location
    Derbyshire, UK
    Posts
    4,411
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Turning off register globals makes it no more difficult to program in PHP and it removes one of the greater security threats.

    A poor craftsman should not blame his tools.
    Karl Austin :: Profile :: KDA Web Services Ltd.
    Business Web Hosting :: Managed Dedicated Hosting
    Call 0800 542 9764 today and ask how we can help your business grow.

  17. #17
    Database Jedi MattR's Avatar
    Join Date
    Jan 2001
    Location
    buried in the database shell (Washington, DC)
    Posts
    1,107
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally posted by Karl
    A poor craftsman should not blame his tools.
    And as they say;

    A great craftsman is known by his tools.


  18. #18
    SitePoint Member
    Join Date
    Jun 2001
    Posts
    22
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Good list here

    There is a good list of companies using PHP here:

    http://www.imakenews.com/badblue/e_article000033275.cfm

    The BadBlue newsletter routinely tracks enterprise/corporate use of PHP. You can sign up at this newsletter site or download the very compact (200K download) Win32 server that works well with PHP.

  19. #19
    SitePoint Enthusiast
    Join Date
    Aug 2001
    Location
    NJ
    Posts
    68
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I know that hondamotorcycle.com used mysql, but i dont know if it uses php, and they are pretty big. . .
    signature

  20. #20
    Talk to the /dev/null Theiggsta's Avatar
    Join Date
    Mar 2001
    Location
    Tampa, FL
    Posts
    376
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The truth is....PHP is a great scalable language...and building large, database driven applications means using database such as postgresql, oracle, sybase, DB2, informix. However the most popular for large scale e-tailers seems to be Oracle, however they are all seeming to find out the wonderful possibilities of making proprietary C/C++ solutions that scale and suit thier needs.

    PHP is very secure...when you know how to secure it with special techniques. You can use the built in session functions, or write a database driven one for a larger application. PHP and any other database such as postgre can work faster under larger amounts of pressure, not to mention it can easily take advantage of the hardware once you apply simple tweaks to its ram usage.

    Mysql is more for the beginners and smaller applications that do not demand as much power or toughness unlike the larger applications that need something different.

    To put it short....any site that currently uses vBulletin is using PHP and Mysql (However I have seen sites port this to other databases such as sybase)

    Not to knock JSP or anything...JSP is actually a fairly fast language to use (Java is soo powerful it scares me) and scalability is easily done, however is mainly objetc oriented unlike PHP....where its not completely oriented on objects and more so structured code.

    Thats what I have to say as an answer though...
    Aaron "Theiggsta" Kalin
    Pixel Martini
    Ruby and Rails Developer

  21. #21
    SitePoint Enthusiast allusion's Avatar
    Join Date
    Aug 2001
    Location
    San Francisco, CA
    Posts
    39
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    SourceForge is done *entirely* in PHP. There's some really amazing stuff if you look at the code.

  22. #22
    Mlle. Ledoyen silver trophy seanf's Avatar
    Join Date
    Jan 2001
    Location
    UK
    Posts
    7,168
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally posted by neil100
    In reply to seanf, you pointed me to the PHP manual to prove how secure it is, BRILLANT! Perhaps you would expect it to say in it's own manual that PHP is less secure than JAVA or ASP.NET/C#.
    Don't take the piss

    The manual shows you how you can change your setup to make PHP as secure as possible

    Sean
    Harry Potter

    -- You lived inside my world so softly
    -- Protected only by the kindness of your nature


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •