With all the PHP security bugs, is Perl the better choice? (serious question)
I've been looking at PHP as a choice for a scripting language for a new dynamic e-commerce site.
But what I see here worries me security wise:
http://www.php.net/ChangeLog-4.php
Looking at the large number of bugs and fixes for security holes constantly popping up over time, I'm wondering if one would be better off with a Perl or Java Servlet/JSP solution for building a new e-commerce site.
Please, please, please -- know this is NOT flame bait or meant in any way to be anti PHP. The fact PHP is so popular speaks volumes as to it's value as a dynamic scripting language.
But for someone who wants first of all to have a SECURE e-commerce site website and back end -- and wants to minimize the chances of having their server cracked -- would some other option like a site developed in Perl (or Java servlets/JSP) be the better choice from a security standpoint?
I'm asking here because many of you have several years of experience with PHP, Perl, Java and other tools for building and hosting sites -- and thus can speak from a security perspective.
Please share your thoughts and point(s) of view on which language to pick so as to minimize the chances of having the sites one develops with the language of choice cracked. Is Perl better than PHP? What about Java? Something else?
Thanks you very much for sharing,
Louis
