I don't know, seems like every site that doesn't use a framework is fantastically vulnerable to various hacks.
Let's face it, it is hard, really hard, to lock down every last vector of attack in anything but the most trivial web app. SQL injections are old hat, but even the big dogs get XSS vulnerabilities wrong. Using an established framework helps in making sure you don't make idiotic mistakes.
The article also goes on about 'lock in' here and there. What you call 'lock in', I call a shared understanding on how to do things, letting me understand other's code and collaborate more easily. I can look at any Django project and understand what's going on in a minute or two, because it is a standard. I doubt I can say the same for your custom PHP site, even if it makes perfect sense to you.
Can you explain how using Zend Framework automatically helps you with XSS? I do not believe Zend Controllers or Views automatically escape input or output.
Let's face it, it is hard, really hard, to lock down every last vector of attack in anything but the most trivial web app. SQL injections are old hat, but even the big dogs get XSS vulnerabilities wrong. Using an established framework helps in making sure you don't make idiotic mistakes.
The article also goes on about 'lock in' here and there. What you call 'lock in', I call a shared understanding on how to do things, letting me understand other's code and collaborate more easily. I can look at any Django project and understand what's going on in a minute or two, because it is a standard. I doubt I can say the same for your custom PHP site, even if it makes perfect sense to you.