Agreed -- I coded up many nice SQL injection vulnerabilities before I ever 
learned PHP.  As for Perl, anyone remember the notorious formmail.cgi from 
Matt's Script Archive?
For **web** programming specifically, it's critically important for newbies to 
get a grounding in security issues, regardless of the language being used.  
Also, in usability issues, accessibility issues, etc. .... for anything that's 
actually going to get used by the public.  But really, that mainly applies if 
you're going to be developing a whole app complete with web-accessible front 
If your interests aren't particularly in web development, you have a whole 
other set of potential issues to learn about, and I'm probably ignorant of most 
of them.  
My first language was C, which according to [1] is still the most 
popular language around!  If you don't want to get bogged down in the web 
security issues, etc., then you might lean toward learning a general-purpose 
language like C or Java, rather than one designed for a specific purpose as PHP 
is for web development.

>>> 03/25/10 07:56AM >>>
On 3/24/2010 17:43, Joe Hourcle wrote:
> I know there's a lot of stuff written in it, but *please* don't
> recommend PHP to beginners.
> Yes, you can get a lot of stuff done with it, but I've had way too many
> incidents where newbie coders didn't check their inputs, and we've had
> to clean up after them.

Another way of looking at this: part of learning a language is learning 
its vulnerabilities and how to deal with them.  And how to avoid 
security holes in web code in general.

Reply via email to