There's plenty of things you can do to improve the security of an open-source php application. The beauty of having it open-source is so that you can examine the code for yourself, and update potential security flaws. Honestly, I can't see anything wrong with that. Maybe that's why PHP is just the fastest growing programming language.

I also think that poor application security doesn't fall on any one programming language, it comes from the application developers. There's poorly written applications for any programming language, not just PHP.


--PuRe