Frameworks are developer’s best friends. Frameworks are sets of libraries, scripts or piece of code reusable by developers. To make things more simple, why re-invent the wheel?
There exist frameworks for all development platforms like .Net for Microsoft IIS or Zend for PHP.
ZionSecurity, a Belgian security firm, released a white paper about the usage of the Zend framework associated with OWASP ESAPI (Enterprise Security API). They compared the methodologies deployed by both Zend and ESAPI to protect web applications against the most common vulnerabilities. The conclusion is a lack of security controls in the Zend framework (it focuses more on performance than pure security). The while paper is available here (after registration).
ZionSecurity focused in this case on Zend but I’m sure that the same study can be performed against others frameworks. A good reading for developers. Stay secure!