Ronald over at 0x000000.com recently posted something on his blog that made me stop and think for a minute. He says that many PHP programmers are nothing more than data entry monkeys who clack away at their keyboards without any sort of technical understanding of what it is they're doing. I can't say I completely disagree - for instance, a critical vulnerability I published almost a year ago still has not been patched by the software vendor. You know how long the fix is? It's one line. But you know what? Their solution is easier - just delete the offending file. I won't name any names, but if you do a little bit of digging you should be able to figure out who I'm talking about. I do think there are people who know what they are doing and try to improve themselves when they write code, but I also think Ronald has a very valid point - most people couldn't give a damn about security or efficiency; they just want to write their scripts and forget about them.



