Even if it has silly authentication bypasses from intentional snippets; they would be snippets and removable. People should learn what they are working with rather than blindly use everything and cry if there is a backdoor. Like, you have the code, just remove it.