NYCPHP Meetup

NYPHP.org

[nycphp-talk] PHP dominance on websites (Information Week article)

David Sklar sklar at sklar.com
Thu Nov 13 12:13:43 EST 2003


> I see more and more PHP security bugs
> come out everyday but they are mainly XSS/SQL + other items which
> can't really pertain to the PHP language itself but it will still get
> the rap, because of the coding I guess(?) ...

Indeed. The first question in the last "general intro to PHP" talk I gave
was "I heard that PHP has lots of security problems. What's with that?!" My
answer tried to separate problems with the language with problems in
programs written in the language and turn it into a virtue of PHP: "because
it's so easy to learn, beginning programmers often use it and since they're
beginners, they often write programs that aren't as secure and robust as
what an experienced programmer would do. But if you're a good programmer,
you can write perfectly secure PHP programs."

This is a perfect example of a problem PHP has that can only be fixed with
marketing, not with technology.

David




More information about the talk mailing list