
I don't find these kinds of what-ifs very useful. I haven't used Rails, but does it somehow prevent you from accepting user input and programming it to go where you say you want it to go? Isn't there an element of "holding it wrong" with any language or framework?



Rails actually does do a good job of treating user input as dangerous and it can often detect when user input is being used in the wrong places like directly into SQL. And with industry-standard tools like Brakeman, you can have CI alert you of most cases where user input is not safely handled.


That's way too complicated for the person just starting out and wanting to add a counter to his small website. Nobody starting out with programming today will start with Rails. They might start with JavaScript, but more than likely they'll start with PHP. It's accessible and SIMPLE.



