On Mon, Nov 04, 2002 at 01:05:28AM +0000, Dave Wilson wrote:
> b) The number of bad PHP programmers:
>
> A properly coded PHP project should be just as secure as it's perl or
> C (or insert-language-here) counterparts. It is the
> "In-24-hrs-Newbie" who is writing code like
> 'system(getenv("USERNAME"));'. This could just as easily be done in
> any other language. (please skip the perl tainting rants :).
Here are a couple of articles on developing "Rock Solid PHP",
http://www-106.ibm.com/developerworks/library/wa-phprock1/?t=gr,lnxw10=PHBvariables1
http://www-106.ibm.com/developerworks/web/library/wa-phprock2/?t=gr,lnxw10=PHBvariables2
(via
http://www.linuxformat.co.uk/modules.php?op=modload&name=News&file=article&sid=550 )
Let's not lose sight of why we're here - software is for most of us
probably more practical than theoretical. That means writing and using
the stuff. I'm personally glad to see people writing software. We all
had to start somewhere - if PHP is an entry point for people then great,
we get to use more software (there's no shortage of examples of major
pieces of extant PHP software that aren't matched in the perl world).
Those people will learn to write code, become part of the open source
community, and they'll get better and write better software.
Who knows, they may even graduate to perl... :-)
Paul
--
Paul Makepeace ....................................... http://paulm.com/
"What is the likelihood of promotion? Desperate thrashing in a
supermarket."
-- http://paulm.com/toys/surrealism/
