Welcome to WebmasterWorld Guest from 188.8.131.52
I know larger institutions traditionally prefer Java or some form of CGI but I'd like to know peoples' opinions - do they think attitudes to PHP are different now?
your thoughts appreciated,
Also, PHP is OO and has lots of advantages.
But the adage "a little bit of knowledge is dangerous" exists in PHP exponentially. The inline ability of PHP allows the inexperienced to create tangled spaghetti code; there are millions of PHP apps being deployed live without a single line of code to insure security; many of the scripts/site's I've reviewed clearly display a set of inexperienced hands in terms of convoluted logic and duct - taped inefficient solutions.
The question, however, really can't be answered with anything but a "yes." PHP has had security flaws and are easily exposed by a PCI compliance scan, but have been patched. I'm sure more will arise with time, but so it is with any language. You don't get this with Perl as much because, well, it's all old news. :-P
The trust issues with PHP are with who's writing it, and how well it's coded.
I know larger institutions traditionally prefer . . .
Banks, in particular, are more likely to tend toward a Windows-based solution, like .net or .asp, for one good reason that I can think of. Many of their most secure stuff is likely to be on internal servers, and their applications are likely to be written for Windows-based machines, and any public servers will likely have to integrate with these. So if a bank doesn't "trust" PHP, it's most likely because it won't integrate as easily what internal systems. Which is not really an issue of trust.