Comments by "Cees Timmerman" (@CTimmerman) on "People Who Say PHP Is Insecure Are Uninformed | Prime Reacts" video.

  1. PHP is a language designed for the web, whereas Rails is a framework in an allegedly more readable Perl. Ruby is probably more consistent argument-order-wise, but requires learning sigils and odd control flows. PHP is often just HTML with some dynamic server side code that does everything you need as opposed to yet another template language that doesn't quite.
    12
  2. Magic quotes were removed in PHP 5.4, but 0 is still equal to "on".
    5
  3. You prefer it, so why is Symfony better than Laravel?
    4
  4. There are managed PHP hosts and deprecation warnings are logged before features like magic quotes are removed in the next version. Tests should be automated anyway, because the website probably changes more often than there are mandatory upgrades to a new backwards-incompatible version.
    3
  5. As PHP and WordPress are so easy to use, they're quite popular, and thus a more likely target to exploit for monetary gain. More popularity also means more code/bugs.
    2
  6.  @furycorp  In JavaScript, 0 != "on", but a 1000+ line chess program does get unwieldy with implicit types.
    2
  7.  @metznoah  Python doesn't have it in stdlib? python -m http.server
    1
  8. #NotAllWebsites And there should be a SQL injection tool in Kali. #NotAllPHP uses prepared statements.
    1
  9.  @MrVampify  It's not a pain, just a hassle similar to delivering your own pizza. People pay for convenience.
    1
  10.  @yahmix_dev  Why? Don't those offer their secure API to anyone who pays for an account?
    1
  11. Even so, does either prevent rawdogging SQL or equating random types like a secure framework might at least warn you for?
    1