More bad stuff:
Update: broquaint pointed out that PHP does have support for placeholders, which is a good thing. I must say that none of the PHP developers I've spoken to, has ever even heard of them. So use of placeholders in PHP doesn't seem very commonplace. However, my complaint on the automatic addition of backslashes on special characters in form variables still stands, which was my main gripe in that point.
The phrase "It has about as much support for placeholders as perl does natively" is one I just cannot grok. Perl does not have native SQL database support without DBI. DBI is the way to access SQL databases in Perl. Using placeholders is one of the first things you learn there. OTOH, AFAIK they're hardly even mentioned on PHP's manual website, and only under Oracle and ODBC. Don't you just hate it that every database has its own kind of access functions.