David Zülke wrote:
Yes, BC. magic_quotes is crappy/complicated enough to deal with already, please don't make it behave differently between PHP5 versions. No need to. Nobody should use it anymore, so there is no reason to change behavior again anyway.
What we seem to have here is a bug in a currently supported feature. You say twice that there's no reason to fix it, but I'd say that it's a rather crucial issue for anyone still using magic quotes. Of course they're already more vulnerable than not if they're using magic quotes, but this opens up yet another hole which we can easily fix.
The fact that nobody "should" be using it anymore is more of a matter for PHP6, from which it's been removed already.
By the way, there have already been BC changes with magic quotes in PHP5 - namely keys being escaped when it was turned off between 5.0.0 and 5.1.0.
Arpad -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
