> However, all this mitigating points taken together do not suffice to
> convince me that PHP is the language to choose if you want to lead a
> quiet, secure life.
Language has very little to do with it. The code that is
written in the language is ususally the problem :)
...
> [1] Though this is a bit of an abuse in statistics; open source web
> applications are full of easy-to-find holes, and since PHP has almost a
> monopoly there and is almost never used elsewhere, so are almost all PHP
> applications. It would not be unreasonable to say that a large portion
> of web applications is just badly written.
> The point stands that PHP makes it too easy to write bad code, but
> still.
...
People write bad code in everything. The way people write software
and heave it out the door to the slobbering masses that don't care
about how bad it works has everything to do with it. Nothing will
change until programmers of the applications are in general, smarter.
That won't change without some evolutionary pressure to make them so,
the only thing that will do that is people refusing to run crap and
pushing back. Turning "I don't like running crap" into "I don't like
running language X" is not helpful in this regard - the crap writers
just move to another language-du-jour, make another application and
pop up somewhere else - it's like playing "whack-a-turd". I don't
like running crap no matter what it's written in.
Yes, I'm sometimes forced, I spent today fixing imp/horde and mysql
issues. My crap-o-meter is overfull, I feel dirty - someone needs
to send me some nice wholesome german scheisse porn so I can be
convinced that not all the world is so smeared full of crap as
the software I spent today looking at.
-Bob
--
| | | The ASCII Fork Campaign
\|/ against gratuitous use of threads.
|
