Hi, on my previous mail I missed one thing:
On Fri, 2010-04-09 at 00:48 +0200, Kalle Sommer Nielsen wrote: > magic_quotes_* > - Something we have long time been wanted to remove from PHP, I don't > see a big reason to keep those in the next version, even if its going > to be a 5.4, since we already removed things like > zend.ze1_compatibility_mode. See the magic quotes RFC[4]. Removing magic_quotes would be soooooooooooo great. BUT the issue is that most users don't know about it. Many applications are more or less secure due to its existence. The apps aren't fully secure but a few less vectors. I'm - for a while - thinking whether there is a way to notify application developers about applications which run with m_q=On but no check for it. As unless they are aware of it this will break many things where people don't read the upgrading guides. With the old PHP 6 I hoped the break was big enough. Now I'm not sure. johannes -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
