This is so only for the core language with no libraries. API provided by PHP until recently typically provided convince over any notion of safety leading to terrible bugs.
For example, it is hard with C API for databases or templates to get SQL injection or XSS bugs. With PHP it is trivial and such usage still simpler than safer versions.
For example, it is hard with C API for databases or templates to get SQL injection or XSS bugs. With PHP it is trivial and such usage still simpler than safer versions.