The launch of the PHP Security Consortium was always going to draw opinions from the community, and Robert Peake has posted his today.
PHPSEC, the PHP Security Consortium, has been launched. Ever since Marco Tabini's call to arms for the PHP community to rally around PHP for business, I have been thinking about how I can support the effort to bridge the gap between enterprise and the brilliant PHP coders I have met along the way. Having given it some thought, I have a lot to say about how to bring PHP to the conference table. Hopefully I can sketch out a little of my thinking in this post.
[...] However, a low barrier to entry means a lot of entries. Many programmers these days learn PHP as their first language, missing out on the intricacies of functional programming and lambda calculus or, worse, on memory allocation and casting in strongly typed languages. All of this, however, can be shored up over the course of a few good classes in computer science. What is harder to teach -- so much harder -- is good coding practice.
He goes on to say that, because of the lack of security in a lot of PHP apps, they tend to run into trouble in three main areas: maintainability, robustness, and, of course, hackers. One quote I like: The language has never been to blame. Perl, in fact, gives you more rope than PHP. Yet the sheer popularity of PHP has brought in such massive participation that it has come to this: we need standards now not only for evaluating coders but code.




