Bzzzt... sorry, but that's a load of crap. Those same shortcuts you speak of, make code easier to follow, and hence easier to debug.
Dude, you don't know what you are talking about. These ugly kludges may make it easier to write insecure code, but often there is an inverse relationship between ease of writing and ease of reading, just look at Perl. PHP is a horribly designed language, it encourages insecure coding practices, and they don't even bother to keep the API stable from release to release. In short, PHP is a mess of a programming language.
You're arguing against my words, not against the spirit of what I was saying.
Are you kidding? You are seriously saying that I should ignore what you actually say and try to imagine what you are thinking instead?
That's a tired old forum tactic that I don't plan to indulge.
A tired old forum tactic called "rational debate".
Having said that, it (again) holds true that the more code you add, the more likely it is that something will go wrong. That's true in all concievable cases.
That is only true if you assume that all code is equal, but it isn't. 10 lines of secure code is better than 1 line of insecure code.
In the conversational sense, exploits are just a kind of bug.
Yes, and...? If A is a kind of B, that doesn't mean that A is the same as B.
That doesn't mean the exploits aren't there. I've never seen under your mattress, but that doesn't mean your sticky copy of equine weekly is a secret.
Now you are just rambling incoherently. Of course there could be unknown exploits in non-PHP apps on my server, the point is that there are two known exploits in the PHP apps, in addition to all the unknown exploits there might be.