I work professionally as a software engineer so I assure you I'm not talking pure crap. Trying to do anything in bare PHP will more than likely end up in a unmaintainable mess. An MVC framework will compartmentalise everything quite nicely and make future changes much quicker and simpler.
What a load of complete and utter tosh.
If not using a framework is messy then that must mean then framework itself is messy according to you.
How long would it take you to write your own role-based permissions system, or multi-step forms, or a CRUD control panel? With a framework those could just be config file changes, or a single command line to auto-generate a template-based basic control panel to get you start.
I made a control panel in a week originally then rewrote the whole thing a few years later in a few days without any 'frameworks'
Yes, you have to keep a framework updated. If you're writing code properly it should be rather straightforward as your code is separate from the framework's. Updating Symfony is just a simple git pull.
Yes you would think. How many companies are still using XP or outdated software? Loads.
Learning about security isn't the purpose of a framework - you learn about security by learning about security (and experience, of course). I'd put my eggs in the thoroughly unit-tested, open source framework basket than anything written adhoc anyday.
No it's not the purpose of a framework, but only a fool uses something which they do not understand, and if you haven't been through every single line of code in the framework (No need to say you have, I know you haven't) then you do not have a clue about it. Anyone can advertise anything wrongly on the internet and go unnoticed. Plus if there's a flaw or 0day discovered in the framework, it's not just one site that can be exploited, IT IS EVERY SITE that uses that framework, and finding sites using it won't be hard using google won't be hard due to you having to acknowledge that you are using the framework.
Ridiculous. For one, string operations are quite expensive, and two, if your database is noticably slower because you added a single extra column then you've probably got other problems like misconfiguration, no-cache, or simply bad hardware.
String operations aren't expensive on today's hardware. And as I said, in an ENTERPRISE environment, the space an extra column takes up is huge, it's got padding and all sorts in the database files themselves.