DEV Community


Discussion on: Choosing PHP in 2018

tadman profile image
Scott Tadman

I think the problem is so pervasive, it's basically endemic to large parts of the PHP world, that it calls for some kind of intervention. An article won't be enough. This requires a pretty serious effort to disrupt what the current top-ranking results are for common inquiries like "how to php mysql" and such.

As much as I appreciate OWASP, it's a bit too theoretical for most people to absorb, especially newcomers who just want a how-to type introduction. It's at that point they're the most vulnerable to bad advice.

Thread Thread
restoreddev profile image
Andrew Davis Author

It’s hard to turn the direction of a large ecosystem, but it would probably take creating something like a PHP security initiative which would provide high quality documentation and videos that would become the reference point for good security. It would have to be something the whole community can get behind.

I think frameworks have made the situation much better since they have more secure defaults. However, developers need to be able to understand what the framework provides so they use it appropriately.