Wichert Akkerman wrote:
Previously Arran Cudbard-Bell wrote:
Alan Dekok wrote:
Arran Cudbard-Bell wrote:
And what do you have against PHP ?
Vulnerability vulnerability vulnerability ...
Like what ?
You have to be really quite stupid to write PHP code with vulnerabilities ...
Unfortunately security is a complex subject and there are lots of people out there who are not familiar with its intricacies. And a fair number of them seem to want to write PHP applications. Yes it's a fluffy language, and so attracts fluffy people. But it's fluffy reputation isn't justified, it's also a great hacking language. It's just as happy writing out configuration changes to hundreds of switches using interactive ssh sessions, as it is running a web forums... I guess it's just a preference, I learned PHP while others learned Perl, Python and Ruby. Additionally PHP itself is not without its own share of problems, as is immediately obvious if you look at http://www.php-security.org/ for example.
I'm sure Perl has it's fair shared of security issues, just the people who write it tend to be sysadmins, used to annoying people breaking things in new and horrible ways.. Whereas the people who tend to write PHP tend to be web designers, more concerned with how pretty the page looks than how secure it is. Two completely different ways of thinking...