Comments by "Cees Timmerman" (@CTimmerman) on "this is a warning to anyone using php" video.

  1. Because it's easy and it works without installing a package manager to install a package manager to install a package manager to transpile and polyfill and bundle your handwritten routes to factories that output webcomponents or whatever the current thing is in the topmost of thousands of frameworks, runtimes, managers, and servers.
    1
  2. I think an exploit usually puts a "GOTO address_of_my_evil_code" in that overflow, so random code past that buffer will run the exploit payload.
    1
  3. Inconsistency, lack of safety (mostly mitigated since getting rid of magic quotes), and it's so easy that anyone can do it so the thousands of hours some put into ever-changing frameworks are useless.
    1
  4. Can React + Next make a header, content, footer, session, login site in less than an hour and have it work correctly without rerendering issues?
    1
  5. PHP was written in the C programming language by Rasmus Lerdorf in 1994 for use in monitoring his online resume and related personal information. For this reason, PHP originally stood for "Personal Home Page". Lerdorf combined PHP with his own Form Interpreter, releasing the combination publicly as PHP/FI (generally referred to as PHP 2.0) on June 8, 1995. Two programmers, Zeev Suraski and Andi Gutmans, rebuilt PHP's core, releasing the updated result as PHP/FI 2 in 1997. The acronym was formally changed to PHP: HyperText Preprocessor, at this time. (This is an example of a recursive acronym: where the acronym itself is in its own definition.)
    1