Ron Korving writes:
 > Personally, I think include is just fine the way it is.

Google for "php security flaw".  Do you think *that's* fine the way it
is?

Clearly, the fact that you can turn this behavior off suggests that
somebody has noticed that it's badly designed.  Rather than say, as
some people have, "Well, just turn it off if you don't like it" or
"Well, program around it by checking your data" or "php isn't a
babysitter", it would be better to fix the flaw in the language that
requires the flag to turn off the misdesigned behavior.

If the very first thing you have to do with a language feature is make
sure that it doesn't function as designed (which is to execute hostile
content with local privileges), then clearly the design of that
feature is wrong.

-- 
--My blog is at     blog.russnelson.com         | If you want to find
Crynwr sells support for free software  | PGPok | injustice in economic
521 Pleasant Valley Rd. | +1 315-323-1241       | affairs, look for the
Potsdam, NY 13676-3213  |                       | hand of a legislator.

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
