I observed that Joomla uses less secure
var type for variables in classes
During my own
components,plugins,modules must i follow this convention or make use of a safer private, public and guarded key phrases.
Joomla's roots have been in PHP 4, (so that as @Palantir notes, they can still support it!).
It's very hard to "add" PHP 5's new OOP features like
protected to some complex system like this. You will find a lot of dependencies to understand, and an excessive amount of possibility of obscure bugs.
They'll most likely start showing up later on when PHP 4 support is dropped (should not be lengthy any longer), and areas of the machine undergo a simple rewrite.
That's to become suitable for PHP4, which doesn't allow access modifiers and depends on the var keyword. See needs here: http://www.joomla.org/technical-requirements.html, they support PHP4, though they don't recommend it.