In the early 2000s, everyone in my bubble knew that PHP was a security nightmare, only seconded by Flash. In the meantime, Adobe gave up on Flash, but PHP is still alive and rocking.

How did that happen? Did PHP get some serious makeover? Do developers just not care?

  • @Potatos_are_not_friends
    link
    English
    3
    edit-2
    1 year ago

    WordPress is still horrific, though.

    Not wp core, or the latest core themes. Very stable, security issues are resolved pretty quickly and it’s only getting better for the past few years.

    But Everything where users can contribute, plugins and themes can be garbage. Especially on the open market. Php development into WP core… still kinda nightmarerish. But modern theme development with php is a great experience. Modern themes also recommend moving the frontend templating to JavaScript.

    Nearly 99% of my security audits on wp sites is looking for vulnerability from a decade ago.

    So in terms of security, WP core itself has been incredibly stable.