On 28 July 2015 18:33:31 BST, Matt Tait <matt.t...@gmail.com> wrote: >Hi all, > >I've written an RFC (and PoC) about automatic detection and blocking of >SQL >injection vulnerabilities directly from inside PHP via automated taint >analysis. > >https://wiki.php.net/rfc/sql_injection_protection Have you searched the list archive and wiki for previous discussions and prototypes of variable tainting? The idea may well have some legs, but there might be some interesting points from previous discussions to note in your RFC.
Also, 7.0 is already in beta, so your RFC will need to target 7.1 at the earliest. Regards, -- Rowan Collins [IMSoP]
