On Thu, 2010-11-18 at 18:34 +0200, Arvids Godjuks wrote: > As I remember correctly - taint's are designed to be used while developing. > > They can be used in production (and 4-5% performance hit for the > security isn't much until you run something really big), but mostly > people will test it out on dev and deploy on production without > taints. > Still, I'd like to see them implemented allready. Will be one big + for PHP :)
For people with proper development environments removing magic_quotes is a great thing. They (hopefully) know better what they are doing. The issue are users who have no idea what they are doing. So a development-only feature won't help. johannes -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
