Mike sent me this book review of Pro PHP Security.
His joke: “528 pages? Didn’t these guys read your blog?”
I haven’t read the book, but it is obvious it’s going to be 528 pages, it is WROX, after all. 
If you are interested in a simple book on PHP security, I recommend Essential PHP Security instead. It shows that there is not much too PHP security and clocks in at a svelte 109 pages.
FWIW, I read this book because I received a free copy of this a while back from the publisher (perhaps contributing to my bias).
Speaking of compensating for something…
After reading the commentary on the review, I see nothing has changed. Ever notice how there can’t be an article on PHP on Slashdot without all these know-it-all ASP.NET, Java, Python, Perl, and Ruby web developers coming out of the woodwork to piss on PHP?
Perhaps that’s why PHP is the best language for web development: we’re the only advocates that actively express the limitations of our preferred language.
Not that all ASP.NET, Java, Python, Perl, and Ruby web developers are like that. The good ones are probably creating wonderful web applications instead of taking time off to espouse their pet theory as to why PHP enjoys an over 50% market share and their language doesn’t.
