3 replies to this topic

[php2ranjan]

Hi

hey guys i am new to php and i will to choose my career in php or java or .net . i want to know which language is highly secure . which language
has major scope and future.

plz suggest me

[Shoel]

Hi php2ranjan,

Welcome to PHPTalk.com!

When it comes to web application security, I would say there are two factors which matters more than the language itself. The first being that the server environment (including for an example the PHP + apache install and configuration) needs to be hardened and kept up to date / patched for security holes/bugs. Secondly; the most common way of attacking these applications is by injecting malicious code, commands or sql into forms or the URL - whereby the application will execute it if the input values are not properly handled/escaped. If you know what you are doing and take certain precautions, I think most of the mainstream languages available for web development today are reasonably secure.

As for what will be the best choice career wise for you, this depends a little on what might be needed locally where you live (or plan to live), what you like to do, and how good you think you can get at it.

PHP is by far the most popular language used today for the front end of web sites/services, but there are also a lot of people who walk around thinking they 'know' PHP... so there's some competition there. In reality, however, it's far between the really skilled PHP developers. If you have what it takes to become a good developer (intelligence, good sense of logic, some creativity, etc) and are aiming to take the job seriously and become one of the best in your field.. there's always room for you somewhere. I don't have a crystal ball into the future, so I can't really predict how it will be 10-20-30 years ahead in time.. but I do expect PHP has a good chance of continuing as a fairly dominant language for the foreseeable future. Whether it will be the best option for you, I can't really answer. For web development it's definitely my personal preference.

Once you get the basic concepts of programming, it's not THAT hard to get started on a new language if needed. Personally I started my venture into the world of programming with Java - because it is highly versatile, being an option both for computer application development and web-related applications (not to mention cross-platform), and because I wanted to learn things like OOP properly to have a good foundation to build on. Since then I have mastered numerous languages, and I will be able to adapt if new ones are introduced in the future.

- S.

[Gustavo el Geranie]

Since you are talking about PHP, I guess you are talking about web development.
There is no language for web development that is secure in itself. Most security holes are not related to problems within the programming language, but rather to poor use of the language.
Check the OWASP(Open Web Application Security Project) and it's top ten list of web application security risks to get an overview.

[Shoel]

Gustavo el Geranie, on 14 September 2010 - 06:46 AM, said:

Most security holes are not related to problems within the programming language, but rather to poor use of the language.

Exactly.