"For those of you more familiar with PHP, imagine a feature like register_globals, but instead of injecting arbitrary form data into the global namespace, it injects arbitrary form data into the database. It might as well be called opt-in SQL injection, but even that's being too generous, because this is much easier to exploit than an SQL injection vulnerability."

Sigh.

Great video on the business side of running a web consultancy.

Great video of real-world CMS builders. Less code talk, more about the business decisions behind selling CMS. Talks about build vs buy and the CMS market in general. Compares Drupal to Rails.

Brings up several points on the advantages of Python and its frameworks over Ruby on Rails.