Comment Re:Blame PHP. Blame JavaScript. (Score 1) 87
The syntax is a shitty imitation of C. The semantics, even for basic things like boolean values and comparisons, are extremely fucked up.
And yet you are posting on a website coded in Perl which, no one will argue with, is a pretty f**ked up language but a powerful one. And Slashdot even use Javascript. Is this site insecure?
A language, in itself is just an abstraction for machine code. Assembler code is just a literal version of machine code. C is a the closest language to machine code and the primary one used everywhere like core OS components to video game. A language in never secure or unsecure, it's its interpretation in machine code that may be more secure with additional code to prevent hazardous events. PHP is just a script engine that use similar semantics to C and is mostly a big wrapper around some well known C libraries like PCRE and cURL. It is open-source and its community is regularly releasing maintenance releases to fix any security flaws, which is a must. On itself it is pretty secure.
That being said and with the majority of computer issues, the problem is most often found between the chair and the keyboard. If developers don't check users input and send that directly to a SQL backend, in any language it will result in a security flaw. Its developers practices that are to blame, not language semantics.