> You might consider those scripts poor programming practice. We all do. > But PHP is the language of the unwashed masses, and that was, and is, > part of why it is hugely popular. Somebody who barely understands > programming can pound away at the keyboard and write a bloody useful > web application, breaking 10,000 Computer Science rules along the way.
And in 20 minutes I can hack into that application 20 different ways. This isn't really PHP's fault...or is it? By deliberately catering to the lowest possible denominator is it possible that PHP itself contributes to the proliferation of wildly insecure web sites? I do understand the "unwashed masses" argument, and yet, the security geek in me sometimes questions how "good" this is. (Before someone flames me, I'm not really saying that we should scrap any foundational principles or tell basic users to go hang themselves. This is mostly philosophical musing.) John Crenshaw Priacta, Inc. -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
