I personally think PHP it blurs the line between a language and framework. The "framework" part is the 20,000 builtin functions and the mechanism it provides for executing code as part of a dynamic web request.
In any case, my intent wasn't to compare Django to PHP, it was to point out that PHP's default way of outputting things really does make it inconvenient to write secure code - hence answering the parent post that argued that poor security had nothing to do with the language used.
In any case, my intent wasn't to compare Django to PHP, it was to point out that PHP's default way of outputting things really does make it inconvenient to write secure code - hence answering the parent post that argued that poor security had nothing to do with the language used.