> > Php is secure unless you program insecurely. For example the link > > you posted: > > > > http://www.haikubytes.com/beta/?category='' > > > > This will not work. my php code scans 'category' to ensure it's an > > integer with regex, if it is not an integer it dies. I plan to > > implement several security checks such as these throughout the site. > > I beg to differ. PHP has known security problems which are > independent of the programming style. PHP 5.1 and older are insecure, but I wasn't aware of any vulnerabilties in 5.2.0. As someone who writes PHP code for a living, I'd love to know what specific problems you're referring to. Thanks, Jonathon