On Jul 17, 2011, at 5:56 PM, Stas Malyshev wrote: > Hi! > > On 7/17/11 5:46 PM, Philip Olson wrote: >>> And you rely on magic_quotes being on, right? Then you have peculiar >>> definition of "working perfectly". >> >> Nobody here said they rely on magic quotes, and that is not related to what >> a default value means, >> or how they are handled. > > We're discussing magic quotes. The quote was "My local ini file is 6 lines > long. Works perfectly.". So either one of these 6 lines resets magic_quotes > to 0 - which proves my point - or Richard considers application relying on > default of magic quotes - which is on - "working perfectly", which is just > wrong.
What is the proven point? That people shouldn't use magic quotes? Nobody here is arguing with that. But dismissing the fact that magic quotes is still enabled by default, because we distribute php.ini files that disable it, doesn't help. Now, saying it's worth killing despite it being enabled by default because it's bad and has been throwing E_DEPRECATED errors since PHP 5.3.0, and that our distributed php.ini files disable it, now that's an entirely different story. Such an argument would also look up our old php.ini-recommended settings and see it was disabled there as well. But fact is, nobody has done that, nor has there been a proper discussion or RFC on this topic for 5.4. The vote was premature. Would it have turned out differently had we done it properly? Probably, but at least we'd have a proper reference point for why we removed a security feature that was still enabled by default. And to be clear, I am not arguing for or against its removal, but rather, am arguing against how it was handled. Throwing 10 separate topics (some with and without RFCs) into one thread is a recipe for non-discussion. That's what happened here, with magic quotes removal being a part of it. </rant> Regards, Philip -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
