by d23 4194 days ago
So your argument is that the dangerous extension is deprecated as of a year and a half ago? Given that PHP has been around for nearly 20 years, it seems like your evidence supports my argument more than yours.

> PHP has moved on, if only the haters would too.

Unfortunately it's not that easy. A lot of those tutorials are still being read by newcomers, and a lot of the web is filled with vulnerabilities as a direct result of official documentation recommending insecure ways of interacting with the database.

PHP may be "in recovery," but that doesn't necessarily mean the bad taste will magically leave everyone's collective mouths. The damage has been done.

1 comments

The mysql extension is not dangerous in any way; don't spread FUD. The reason for not deprecating it sooner is that very large projects depend on it. These projects may have been ten years in the making and aren't in any way unsafe because of the mysql extension. Software like WordPress and Drupal still use and support the mysql adapter and run on a huge percentage of the web today.

I agree a lot of people read insecure tutorials, but it allows even beginners to write fairly advanced web sites. If the choice is between easy and available and difficult and hard to use, I'd rather have the first option available. On the web, ideas, timing and execution are important, not how amazing your code looks on the backend. A lot of great software may not have been created had it not been for how easy PHP is to get started with. As a community we are trying to educate people to code properly. It's an ongoing process.