I'm in the process of building a web GPS positioning application for surveying applications. Algorithms for data processing and position estimation will be taken from an open source C library for GPS measurements processing.
As I haven't any previous experience on web development of large-scale application and my skills on scripting languages are inadequate, I decided to choose the C++ web framework Wt, as I found it easy to learn, well supported, suitable for my application and I have to write code in a language that I'm familiar with.
My question is, can I use it to completely hide the C code, which is the backbone of my project but has a large number of unsafe functions (printf, sprintf and such)?
The short answer is that yes, you can -- but doing so won't always be entirely trivial. Wt does a lot of sanitize your inputs, so it's generally not terribly difficult to keep your code safe, but it's still possible to screw up if (for example) you tell it to accept 2000 characters, but internally somewhere only leave space for, say, 200 instead.
At the same time, the definite intent of Wt is that it handles most obvious security issues itself, so your code mostly doesn't have to. At least as far as I know it's fairly successful at that (though, in fairness, I haven't used it a huge amount, so it's always possible there's something I've missed).