Given all of these types of attacks and the stakes involved in building a web application, you'll rarely (if ever) meet a developer who will publically say, “Security isn't important.” In fact, you'll likely hear the opposite, communicated in strident tones, that security is extremely important. However, in most cases, security is often treated as an afterthought.
Think about any of the projects you've been on lately and you'll agree that this is an honest statement. If you're a typical PHP developer working on a typical project, what are the three things you leave for last?
Without pausing to reflect, you can probably just reel them off: usability, documentation, and security.
This isn't some ...