Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:22187 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 98085 invoked by uid 1010); 7 Mar 2006 10:58:32 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 98070 invoked from network); 7 Mar 2006 10:58:32 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 7 Mar 2006 10:58:32 -0000 X-Host-Fingerprint: 66.249.92.206 uproxy.gmail.com Linux 2.4/2.6 Received: from ([66.249.92.206:6598] helo=uproxy.gmail.com) by pb1.pair.com (ecelerity 2.0 beta r(6323M)) with SMTP id B2/D4-22029-7576D044 for ; Tue, 07 Mar 2006 05:58:32 -0500 Received: by uproxy.gmail.com with SMTP id m2so683784uge for ; Tue, 07 Mar 2006 02:58:28 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=eC7EAn6QZMK71S38Rl9DAvRyJsyqbgoOqJv1t+dG3wmNm2EzU0n4iWvxkakYMzmaUWRyqywCOeTKz3OxOLncdVDaarZ7MUMOsuQtMyd33I57Xz9fqpnk1sI5wt4t4fdr89pUgo3OCIK+BJTA8TBf6rrxILZpVEeYlHg1wFRiuCg= Received: by 10.66.164.4 with SMTP id m4mr3317714uge; Tue, 07 Mar 2006 02:58:28 -0800 (PST) Received: by 10.67.26.18 with HTTP; Tue, 7 Mar 2006 02:58:28 -0800 (PST) Message-ID: Date: Tue, 7 Mar 2006 11:58:28 +0100 To: "Stefan Esser" Cc: internals@lists.php.net, "Derick Rethans" In-Reply-To: <440D649D.4080005@php.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <20060305162128.5b1fdb86@localhost.localdomain> <20060306214619.5e6ec076@localhost.localdomain> <006301c641a5$17625f50$6600a8c0@binarysecfb111> <440D3C70.5040003@hardened-php.net> <440D3D7F.5080505@lerdorf.com> <440D3E24.2040101@hardened-php.net> <20060307112759.7ed7e9ec@localhost.localdomain> <440D649D.4080005@php.net> Subject: Re: [PHP-DEV] Re: Adieu register_globals From: pierre.php@gmail.com (Pierre) On 3/7/06, Stefan Esser wrote: > > >What is the point of detecting something that does not exist anymore? > > > >It is not a problem to add these checks and errors, only senseless. > > > >What is the reason to do it? PHP6 will require most applications to be > >ported, this problem will be their smallest problem and can be easily > >emulated in userland: > > > > > Forgive me if I am wrong, but MOST PHP applications are not using OOP. OOP is only a (small) part of the changes. > And I don't see why these applications have to be ported at all. But > once you remove the possibility to detect that these features are turned > off the applications can become insecure. Removing these features do not make application more or less secure. Developers who care about security do not rely on them. > And instead of removing the function set_magic_quotes_runtime() it > should better give a clear FATAL ERROR imho. Otherwise we will have > myriads of bugreports: set_magic_quotes_runtime() or (whatever function > removed) doesn't exist in my PHP anymore. I can take care of these bugs report and bogus them, really not a problem. > Giving the warning that the > script uses a feature that no longer exists and pointing to a document > describing why will save us a lot of work and trouble. It is a migration howto and a documentation problem. Either we keep them or we remove them, but having faked functions are not a good idea, or do we want to keep everything until php10? --Pierre