[savethefuture]

What are you getting out of this? He worked on php and look how far it came, what have you done?

Your own website was written in php which you took down due to a security vulnerability in a framework... now is it php fault that someone wrote vulnerable code?

"Temporarily offline due to Drupal security vulnerability."

[DonHopkins]

When did I blame php for Drupalgeddon? My web site says "Drupal security vulnerability", not "PHP security vulnerability", so I don't know where you're getting that from.

Back to the point: We're discussing mysql_real_escape_string. What's your excuse for it even existing in the first place, instead of simply fixing the security hole in the original mysql not-so-real escape string function?

Melania Trump's "I REALLY DON'T CARE DO U?" jacket sums up Rasmus Lerdorf's attitude towards security, software quality, programming, stardards, computer science, and unit tests. I just quoted his own words and bug reports that prove that point.

Do you like to leave loaded AK47s strewn around daycare centers, then blame the kids when they shoot each other? Is it ok if after the massacre you realized you made a mistake, and then scatter a few Nerf Guns around so the smart experienced kids who survived will have something safe to play with, but you still leave all the loaded AK47s?

[savethefuture]

I asked what you did. Then asked if drupals security was phps fault.

Are you seriously this butthurt about a function name, look up where the name came from originally. I also wonder what magical perfect language you use, dont tell me its php...

Not sure where you're going with the rest of this comment so I wont entertain that part. whew...

[oblio]

Survivor bias. For Rasmus there were 10000 other developers which have been relegated to just annoying their fellow enterprise coders.

It looks a lot more like someone there at the right place and the right time.