Hi.
I have seen a topic in another forum that says that PHP is only for small to medium websites but it can’t be used for big websites. Is that true? 
[ot]It would matter to me if people thought I was a fool simply because: [LIST]
[]If I needed an answer, I may not get a good one
[]I spend time here to learn, as well as help people, if I was labeled as a fool, my help could be ignored, thus not making me want to contribute/visit SP
[/LIST]
just a thought
[/ot]
I just can’t hold myself from laughing to your statement, it’s so incredibly full of holes. I just hope no one who reads this topic will take your word for true since it’s implying so many false things.
All I said was that I won’t use any online banking applications that are not built with compiled executables.
I see no danger whatsoever in that at all.
if someone is able to read the source code you have bigger issues than anything that may be hardcoded (which it shouldn’t anyway)
You can use PHP in many cases… Even for desktop apps (with PHP-GTK)…
Well I agree with you but, seeing as how your name is Blue, I think you’re biased. Red > Blue.
Ultimately though, some languages - by convention or not can be more secure than others to a new programmer. But then again, why would you use one to build your next Facebook?
Then could you give me a reason why banks’ websites use .Net or Java?
Grasping at straws if I ever saw it
About Java I do not know exactly, but maybe because it’s quite old language!. About .Net because I think it is not open source and a large company (the largest actually) has been developed it. Not because of the company it is secure but because of the people work there who try to make it better in security, so you find banks and serious companies use it for their websites.
Saying either java or anything developed with .NET is more secure exactly like saying you don’t want to ride a blue bus because red one is safer.
It makes no sense and I can just laugh at this ignorant statement about not wanting to use something built with PHP because of security. You should back your statements at least with some facts, not with biased opinion. It prevents spreading the false information around.
The first two answers to your original post answered that question. After that, the discussion went a bit off topic 
COLBOL, COLBALT, eh same thing 
Erm, COBOL remains in wide use in the banking industry, especially on legacy systems, and it’s definitely not a compiled language kid.
I can’t verify if that is true in every single case or not.
You can program large applications in PHP just fine (just have to know how to do it correctly.)
For example, all these large applications are done in PHP…
Wordpress
ZenCart eCommerce
Drupal
Joomla
vBulletin
etc, etc, etc.
If no sensitive data is hardcoded you mean?
Hi,
All the server side scripting has its own vulnerabilities.
Many hosting billing softwares are built using php, even paypal transaction are made using php, you cant say php as insecure.
You do know that those “compiled executables” you’re referring to aren’t compiled into machine code? Banks use HTTP / browser to get in touch with customers, usually a Java applet is used.
Java runs by compiling to byte code which is then ran by the virtual machine.
The only difference between PHP and Java is that PHP is interpreted at every request, but that can be dealt with too.
So I am really wondering, what makes your incredible banking system so much more secure? You know that you can see in assembler what every piece of your executable does? I really don’t know why you brought the whole thing up, but a person well trained in programming and general computer / OS workings can get the information out had they gained the access to someone’s network.
After all, you’re using HTTP to send data back and forth if you’re a regular bank client so their choice of language has NOTHING to do with overall security of data-exchange.
And that makes a difference how? There’s no sensitive data stored in the source code…