@sunslayer: You seem to be missing the point. If you involve a webserver, one of the three compromises must be made:
[] The security of the script must be compromised.
[] The script must lose abstraction and customisability.
[*] The script must become far more complex.
You seem to be saying that I can make the script less customisable (which some people would complain about), or that I can make the script more complex (which others would complain about) and secure the script. Am I correct?
@Jethro_: Learning about security is an essential, basic part of scripting. I think you're confusing "high horse" with "truth serum".