They don't have to suddenly improve, they can learn and improve at a normal pace. Yes, of course they should not use PHP. But simply having them use languages, libraries and frameworks that are written by people who get security won't stop them from writing insecure applications to put into production. They still need to learn to write secure code too.
Wow, this is utterly worthless, if not harmful, advice. There is no correlation between choosing PHP for an application with the security of said application. PHP apps are so widely deployed that securing them is a pretty well-known process at this point.
Yeah, the constant stream of security holes in PHP because the developers are so bad they actually chased away the only person they had who cared about security is nothing to worry about. You can just dip your app in some magic security sauce and everything will be fine.
