Harry Fuecks at SitePoint – PHP Security: Dumb Users or Dumb APIs?:
„There’s another round of “Is PHP Secure?” debate happening right now. Chris drew attention to it, pointing to a post by Andrew van der Stock (who’s a contributor to OWASP): PHP Insecurity: Failure of Leadership.
So the usual denials have been made (see replies to Chris’s entry)—”Damn newbies”, “Holes in PHP-based app != PHP insecure”, etc., all of which I agree with. But…
[…] What if Andrew does have a point? What if we’re living in denial?“