Im not sure what’s so hard about doing it in PHP. Can I not just get all the data from the GET/POST-Data-Assocarray, get the form fields I want, and put them into a prepared statement to save them to the DB? What’s the vulnerability here? Maybe add an CSRF Token for extra security and I think you’re done, or am I missing something?
You are not. Its same security any other stack would do.
This “PHP security is terrible” is mostly because people remember stories from 20 year ago (when none of the cool stacks didnt even exist) and things like Worpdress the most targeted cms/framework in the world.
I have suspicion that if Vercel/next powered 60% of web than its security reputation wouldnt be great either.
PHP is flawed but so are all the other stacks. PHP is old but that doesnt mean its not being updated or up to date. If anything its boring.
