On Wednesday, November 17, 2010 11:19:05 pm Philip Olson wrote: > > What are your inputs on this matter? > > I'm struggling with this topic. We must do something, but it's important to > understand that plenty of people unknowingly rely upon this security > feature that's still enabled by default. Granted 5.3 does generate > E_DEPRECATED errors when magical quotes are enabled, but is one minor PHP > version of errors enough to go from on to gone? > > So while those in the know (e.g., people who follow this list) find them > annoying and wish they never existed, what are the implications? I'm still > unsure how best to handle this situation but wanted to express these > feelings now. Whatever the case, the education effort towards data > filtering and sanitization requires a lot of improvement. > > Regards, > Philip
I won't miss magic quotes if they're removed, but I can see the argument for saying "not quite yet". Off-by-default is absolutely necessary if they're kept. (Dear god, you mean they aren't off by default already?) --Larry Garfield -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php