'Month of PHP Security' Finds 60 Bugs
darthcamaro writes "More than 60 bugs were reported in PHP over the last 30 days by the Month of PHP Security project. Most of the flaws, however, are ones that developers themselves can protect against with proper coding practices, according to Andi Gutmans, CEO of commercial PHP vendor Zend. He argues that PHP security is a matter of setting expectations. In his view, PHP — like all development languages — is only as secure as the code developers write with it. 'People should not expect PHP to be able to enforce security boundaries on a developer [who] has permissions to run custom PHP code,' Gutmans said. 'It's an inherently flawed scenario — and it's the wrong layer to protect in. People must rely on properly configured OS-level permissions for securing against untrusted developers.' Gutmans also praised the MOPS effort for elevating the profile of PHP security throughout the community, and for responsibly alerting the PHP project first with the bugs they found."
Oh right. There is over a million on MS Windows.
Clearly you are a moron.
The Parent is not "insightful", it is ignorant and biased. Insecure PHP is a function of the low bar to entry that allows noobs to produce code that does stupid things. The same (and worse) are possible with many languages...
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
The issues you relate, particularly the image problems come from bad code (indeed when you described your image issue, I immediatly said to myself "I've seen that noob code error many times". These things are unrelated to the usability of PHP, but rather code monkeys who don't know their language. I could explain the image issue, but obviously you have no interest in learning professional PHP.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck