Darren Duncan said: > One caveat of languages like C and C++ is that you are opening > yourself to several classes of potential security problems that > interpreted languages tend not to have.
You are opening yourself to such problems only if you do something rash like try to write your own CGI parser. Libraries like cgic at http://www.boutell.com/cgic/ and cgicc at http://www.cgicc.org make a lot more sense than reinventing that particular wheel yourself. They also address the buffer overflow problem directly by using strings, or forcing the author to state how much data they are capable of receiving. Now that I have my infrastructure libraries, C/C++ and PHP are about equivalent in speed for me to develop an app, and if complexity is involved C++ will be the best bet. Clay -- Lazarus Notes from Lazarus Internet Development http://www.lazarusid.com/notes/ Articles, Reviews and Commentary on web development
