[tomjen3]

Should all database use be frowned upon because injections are possible if you don't use them correctly?

[Pewpewarrows]

I hope you realize that this is the identical argument PHP developers made whenever someone brought up how insecure the base language, libraries, and configuration were.

Users of a framework should have to go out of their way to make themselves insecure. It shouldn't be insecure by default.