Eric Gorr wrote:
PHP has to many security issues and should not be used with a
user authentication system.
We should use XXX.
Well, people's complaints about PHP probably stem from some security
pitfalls built-in for simplicity's sake. (The most common being
register_globals.) For that reason, I strongly agree with the general
sentiments of many posters: code is as secure as the least capable
developer can make it.
I write code in C, python, Perl, PHP, Java, C#, JavaScript, etc, etc...
I don't find PHP to be inherently less secure than any other language.
I've recently run into a company that has a payment web service that
handles outgoing transactions. They have a hole in their system that
could be used to rip off e-commerce sites accross the internet. (Site
thinks the person has paid, where they have not.) Their code is written
in ASP. Is it ASP's fault? No. It's the programmers who failed to
recognize the hole in their protocol.
jon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
