PHP had the unique fun of when an attacker was able to write files to the server they could literally write new PHP files and get them to execute. I miss that worry somehow
You can do that or something similarly bad in pretty much any language if you have write access to where the files are. That's really a server misconfiguration problem, not php problem.
Huge misfortune of php is that because of the timing and huge popularity in relatively early days of web it got to be permanently associated with amateurs doing stupid shit. I was part of that early era, so trust me that php4 as bad as it was, was still fantastic compared to writing CGI scripts in C, or running mod_perl that you had to restart every time you edit some file.
Huge misfortune of php is that because of the timing and huge popularity in relatively early days of web it got to be permanently associated with amateurs doing stupid shit. I was part of that early era, so trust me that php4 as bad as it was, was still fantastic compared to writing CGI scripts in C, or running mod_perl that you had to restart every time you edit some file.