Aniruddh Agarwal blogged A short tour of PHP, and this is one of the negatives he identified:
Community: I know. I said that PHPs community was an advantage to it, but it is also a disadvantage, because of BAD CODE. Beginners are not taught the best practices and they go on to write bad code and distribute it, either as answers on Stack Overflow or similar websites or blog about it, which encourages other beginners to adopt those practices. There is a lot of misinformation out there, and it is very difficult to separate the good from the bad. This is perhaps the worst thing about PHP, because PHP is an entry-level language and people learning it are usually not aware of the best practices.
This is spot on!
The existence of BAD CODE being copied and pasted by newcomers is probably the biggest source of exploitable security vulnerabilities in the entire industry.
The biggest offenders are often the highest ranking search results on Google and other search eng