On the NETTUTS.com website, there's a great article with some "essential security considerations" that you can use to see just how hackable your site could be.

This article walks through the brainstorming stage of planning for what is in this instance, a hypothetical user-centric web application. Although you won't be left with a complete project '" nor a market ready framework, my hope is that each of you, when faced with future workloads, may muse on the better practices described. So, without further ado...Are you sitting comfortably?

The tutorial is broken up into a few sections based around an example with a few points of failure (about book information). They work through the thought process behind the code, using the $_REQUEST variables correctly, preventing SQL injections, filtering the HTML output and a sample code download for you to see how it's all tied together.

The International PHP Magazine has conducted a poll over on their website, asking visitors what their top considerations were for choosing and working with a CMS. They've posted the results of that poll today.

The options provided for the poll were:

• How is it licensed?
• What is the language/environment?
• How long has it been around?
• Is it actively developed?
• Who is using it?
• Is there support?

The results show an overpowering victory for the "actively developed" category, with the licensing and language requirements tying for second place. The option the least number of people cared about? Who was using it...