Yes, that is exactly the way to go. To quote Yoda (and he would
know): "Do, or do not. There is no try.". Or, in contemporary
words: do things 100% properly, but if that is not possible, take a
step back and spare the world some half arsed attempt.
This makes no sense to me. There is nothing like 100% secure as long
as you dont pull the plug on the entire application. The only secure
application is one that hasnt been deployed anywhere. So the
question boils down to more "does this increase security
sufficiently to make the draw backs acceptable".
And the answer is "no" ;) That's my point! Because one of the
drawbacks is that it won't cut down the number of dumb ignorants who
don't care about that stuff. Why would they, "teh PHP is making things
hax0r proof now" after all.
David
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php