I shouldn’t have to say this, but I guess I have to anyways.
Interpreted languages are bad. Mmkay? Don’t use interpreted languages.
Blackhat researches did some experimenting with the most popular interpreted application frameworks and had some scary results:
Now, look at PHP. CONSTANTS can execute code on the host. Unbelievable. Yes, I know the blog runs on WP and is PHP based. I will be migrating this blog to a more secure format in the future. Until then, I promise not to write an PHP with constants in it.CodeProject