PHP security just received more cyber ink as it were. Sometimes it just doesn’t pay to be on top, as PHP is for web application development. With this though comes the inevitable scrutiny of hackers. Coupled with this attention is the sad fact that many PHP apps are poorly coded from the start. That does not make for a very good mix, as we are starting to find out. Just like any other language one has to implement safe coding practices from the start. Security should not take a back seat to simply getting something to run. Not everyone pays attention to the SDLC framework but all programmers would be wise to pay attention to it. Likewise as network analysts it would be incumbent upon us to at least learn to how to understand PHP source code in an effort to spot code flaws.