Well, TBH I wouldn't prefer either of them, I have had my share of security problems.
But if I absolutely must pick either of them, I'd guess the RoR guy since he could whip something mildly convenient up even with so little experience. But again, I wouldn't use it anything close to important things.
By the looks of it, RoR looks pretty tight on the side of security, because it's already recycling all the tedious bits of code you would have to rewrite each time to carry out say, a connection to your database. That's all nicely and neatly handled, big plus there. I think you'll find that there's a likely chance that you'll open up a security hole in php before you do in RoR depending soley on the size of the application.
Comments