PHP Sadness

(<5.5) PHPE9568F34-D428-11d2-A769-00AA001ACF42

Update 2013-01-07: As of PHP 5.5, access to these via URLs has been removed.

Update 2012-08-06: A patch has been submitted to move all these images from URLs (which fixes the security holes) to data URIs (which probably makes the cruft worse). Net change: positive!

PHP is full of cruft.

For example, PHP <5.5 has a "feature" wherein if you add ?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 to the URL of a PHP script, it produces the PHP logo.

You can get this ID with php php_logo_guid.

There is also php zend_logo_guid and an undocumented php_egg_logo_guid() function:

You can also get the PHP developer credits with php phpcredits or ask any PHP script using another code URL:

All of this data is loaded into memory every time a PHP script runs. This takes approximately 21kb of memory (after all the images, credits, and HTML therein) per PHP process, even though these are never used for production applications. Disabling this requires a custom source modification (as of 20100712).

It should be noted that setting up some kind of filter, redirect, or rewrite for these URLs does not "solve" anything - this data is still present in the PHP binary and is loaded whenever it starts up.

It looks like this feature is now available in Perl as well!

Significance: Efficiency

Efficiency at the language level are a critical concern in any language. Large applications compound even the smallest efficiency problems; this is especially true for efficiency problems within the core of a language. If your application gets many hits per second, and your hardware must spin up and bootstrap the language engine and then execute the critical code paths within the language engine (not to mention the logic in your code you've asked it to run), this can easily incur large unnecessary costs for businesses.