how do you enforce something 100% without going for a big brother solution? there are only so many cops.

Firstly, you don't have to enforce something 100% for it to be very effective. Even if the enforcement rate was 5%, that's still a 1 in 20 risk of getting caught, which is enough to put almost everybody off doing it.

Secondly, driverless cars are outfitted with a whole load of cameras and sensors. It would be relatively straightforward to save the most recent data in the event of a crash, which would make enforcing the laws trivial in the event of a crash.

They're not entirely code related, and I'm not sure what that means

Hint: If you consistently get a bunch of people telling you that your questions don't belong on Stack Overflow, then they don't belong on Stack Overflow. There's tremendous amounts of people who have no problem posting questions that are on-topic. If you keep getting told that yours are off-topic, then the problem is with you.

Finally, he did not respond to being told "we don't want that type of content on our site" by posting. He left.

Read his comment again. He was talking about what usually happens to him. Meaning this is a common pattern of behaviour.

The bottom line is you've got a community-driven website continually telling you that they don't want certain types of content. The people who keep trying to force it onto the website are behaving like spammers. Yes, that's abusive.

This is "The Soup Nazi" approach to helping people with their questions.

It's not. This is the equivalent of somebody going to a soup stand and asking for ice-cream, then complaining when the soup stand won't serve ice-cream. That's not what the soup stand is for and just because you really want ice-cream, it doesn't mean it's their responsibility to serve it to you, and it doesn't make them nazis for refusing. Where does this misguided notion that Stack Overflow shouldn't be allowed to define boundaries come from?

But I never, ever post there, because I am not thick-skinned enough to take the harassment from the junior dungeon-masters about the appropriateness of my question -or- answer.

If you have a question that Stack Overflow is designed to answer, then post it. If you have a question that Stack Overflow doesn't want, then don't post it. This is simple stuff and has nothing to do with how thin your skin is. Does successful moderation of off-topic things on Slashdot down to -1 make you afraid to post comments here?

Flash didn't ask to become the de facto scripting language for the web. It only became that because

Flash has never been the de facto scripting language for the web. That has always been JavaScript.

the HTML standard lacked scripting and programming capability which Flash provided.

No, the HTML standard didn't lack scripting capability, it offered hooks for scripting languages, and they were in use since before Flash existed.

blame the folks in charge of the HTML standard. They dragged their feet for over a decade, and didn't update HTML to provide many of the capabilities Flash provided until HTML5. HTML 4.01 was standardized in Dec 1999. HTML 5 was standardized in Oct 2014. It should have been made standard in 2001-2003.

Wow, that's a total misrepresentation of what happened. Client-side scripting was not part of HTML. HTML provided hooks, scripting languages used those hooks to integrate into a page. This is an entirely sensible separation of concerns between content and behaviour. At some point, client-side scripting got glommed onto the HTML 5 specification. But in-between those two points, there were huge amounts of progress with client-side scripting.

You make it sound as though non-Flash client-side scripting arrived when HTML 5 brought it forth. It was always there, and always making progress, since before Flash existed. HTML 5 was merely the point at which they decided to define some things in the HTML specification rather than separate specifications.

Usually, the questions I have aren't entirely code-related, but they don't fall on any other Stack Exchange site's purview. So I post a question

If it's not code-related, don't post it to Stack Overflow. The site owners have been very clear about what type of content they want on their site, and questions like that are not it. The response to "we don't want that type of content on our site" is not "I'll post it anyway then complain when it gets removed". That's what spammers do. Don't post stuff where it's not wanted just because it benefits you. It's selfish and spammy. You don't have the right to abuse other people's websites for your own gain. If you want a website where you can post non-code-related questions, there are plenty of them out there. Stack Overflow is not one of them. You're posting the equivalent of -1, Flamebait there.

This is not a PHP thing, but a bad-developer thing.

I guess you didn't read past my first paragraph? Please do.

You can write the same crap in Java, .NET, Python or any language you want.

Go and search the web for tutorials in those languages. You will find that the situation is vastly better with these languages compared with PHP.

That's not PHP's fault.

It is - on many fronts.

Firstly, the language promoted for many, many years, a confusion between the various layers of the application. The whole magic quotes nonsense was an attempt to fix a problem relating to the database layer in the HTTP layer. This confused PHP developers for over a decade, and even though it has since been removed, it was in there for so long that an entire generation of PHP developers had their brains twisted out of shape with this confusion.

Secondly, the official documentation was super bad for years. Security vulnerabilities in the official tutorial for years, for example.

Thirdly, the API design is so bad it practically pushes unsuspecting developers into the wrong solution. addslashes()? No, use mysql_escape_string(). Oh wait, wasn't that mysql_real_escape_string()? Or perhaps mysql_really_really_i_promise_to_do_it_right_this_time_escape_string()?

Finally, the PHP community right from the very top embraces shitty practices, like ignoring failing tests in a release build. Again, a source of security vulnerabilities that simply doesn't need to happen.

Yes, you can write bad code in any language. But that doesn't mean that all languages are equal. PHP is far, far worse at this than its contemporaries and you shouldn't make excuses for it.

So why, in 2015, is SQLi still leading to some of the biggest breaches around?

Because typical PHP tutorials still teach old, broken ways of doing things and this shows no signs of abating. Go ahead and search the web for things like php mysql tutorial. The top hits are crap like this, written by incompetent developers who don't know what they are doing. PHP developers learn from crap like that, then they go on to write their own tutorials that are the same or worse.

And before you start, yes, this is something where PHP is stand-out bad. Go ahead and try the same searches with other languages. There is a vast difference in quality of learning materials. I mean, PHP had XSS vulnerabilities in its official tutorials until relatively recently. Newbies don't stand a chance in those circumstances.