"Oh, yeah, that's easy."
I'm wondering what prompts people to react that way. Especially when I tell them I want to add functionality X, and they cheerfully tell me: "Oh, just use library Y -- easy!" Until you look into library Y and discover that it doesn't, in fact, offer functionality X. Apparently library Y is so easy that you don't need personal experience with it to know that it is easily implemented...
I know making a site is easy: just create a database table, make a page to enter stuff into the database, and make another to show it. Sure, that's easy.
But it's hard to do it right. Trust me on that: I spent five years building sites as my day-job, and back there I had the advantage of a full-fledged CMS to build upon. Making a site is easy. But making a site that has lots of functionality that isn't easily hackable is hard.
Right now, I'm building a functionality to leave a comment on an entry. Easy, right? Again, a simple database table, a page to enter your comment and a page to display the comments. We've seen it hundreds of times on various weblogs.
But what about sanitising the entered comment? Because I sure as hell don't want my site to become a vector of XSS attacks. And that is where the 'easyness' breaks down: there are umpteen libraries and shortcuts, all with their own vulnerabilities. Obviously, a simple regexp doesn't cut it, and I could simply strip out all the links and stuff, but I don't want that -- I want to offer a richer experience. I could use BBCode-like stuff, but I hate pseudo-HTML and it adds another learning curve.
There's a lot of hidden complexity in building sites, that most people never even get to see. And if you build a quick intranet-site, you don't have to concern yourself over it. But an outward-facing site that is open to the public, that offers interactivity? Just don't bring your "that's easy"-mentality over, because it will bite you in the ass later.