Having seen my share of compromised sites, I wonder sometimes why anyone bothers to use PHP anymore. Surely the problem isn't PHP itself but that so many "web designers" use PHP without understanding why they do things the way they do. Discuss the stupidity you've seen in the wild.