Via Chris' blog, I came across this posting that discusses the perceived lack of security in PHP. Others have already made excellent points in response to the author's claims'"which, basically, boil down to the fact that he seems to confuse security with a limitation in functionality.

What? Is he serious? Well, yes'"and for one simple reason: security means different things to different people. The level of input filtering that may be needed for my software does not necessarily fit the requirements of other people's needs. The goal of the language is to remain as simple, powerful and efficient as possible. It is then up to the developer to determine the level of additional functionality that he requires and implement it'"and that includes security.

He goes on mentioning things like the Zend Framework and eZ Systems - all development platforms that are working to provide a secure environment for any developer to work in. Of course, not all developers need that much "protection" in their code, and are happy to work within something a bit more lean (he gives an example of Rasmus)...