Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:28723
Return-Path: <dz@bitxtender.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 65689 invoked by uid 1010); 10 Apr 2007 07:28:20 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 65673 invoked from network); 10 Apr 2007 07:28:20 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 10 Apr 2007 07:28:20 -0000
Authentication-Results: pb1.pair.com smtp.mail=dz@bitxtender.com; spf=permerror; sender-id=unknown
Authentication-Results: pb1.pair.com header.from=dz@bitxtender.com; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain bitxtender.com from 80.237.132.12 cause and error)
X-PHP-List-Original-Sender: dz@bitxtender.com
X-Host-Fingerprint: 80.237.132.12 wp005.webpack.hosteurope.de  
Received: from [80.237.132.12] ([80.237.132.12:45628] helo=wp005.webpack.hosteurope.de)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id FE/A5-07663-19C3B164 for <internals@lists.php.net>; Tue, 10 Apr 2007 03:28:19 -0400
Received: from [217.7.205.2] (helo=[10.100.1.89]); authenticated
	by wp005.webpack.hosteurope.de running ExIM  using esmtpsa (TLSv1:RC4-SHA:128)
	id 1HbAlz-0007mi-60; Tue, 10 Apr 2007 09:28:15 +0200
In-Reply-To: <4617A86C.3030007@rajeczy.com>
References: <4617A86C.3030007@rajeczy.com>
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-ID: <79D5DACA-8AFE-4265-A1D6-11BAB72EA158@bitxtender.com>
Cc: internals@lists.php.net
Content-Transfer-Encoding: 7bit
Date: Tue, 10 Apr 2007 09:28:14 +0200
To: Arpad Ray <arpad@rajeczy.com>
X-Mailer: Apple Mail (2.752.2)
X-bounce-key: webpack.hosteurope.de;dz@bitxtender.com;1176190099;cc64cf7e;
Subject: Re: [PHP-DEV] magic_quotes_gpc behaviour
From: dz@bitxtender.com (=?ISO-8859-1?Q?David_Z=FClke?=)

Am 09.04.2007 um 15:41 schrieb Arpad Ray:
> Arpad Ray wrote:
>> So, is this behaviour deliberate, and if so, what's the rationale?
>>
>
> The problem seems to be in (5.2.x CVS) php_variables.c, lines 161-166:
>
>                if (PG(magic_quotes_gpc) && (index != var)) {
>                    /* no need to addslashes() the index if it's the  
> main variable name */
>                    escaped_index = php_addslashes(index, index_len,  
> &index_len, 0 TSRMLS_CC);
>                } else {
>                    escaped_index = index;
>                }
>
> If "&& (index != var)" is removed, all keys are escaped as  
> expected. The equivalent line for keys of scalar variables (198)  
> lacks this check since 5.0.0, and since then it has escaped them  
> correctly. It's still there in the 4.4 branch.
>
> Is there any reason not to remove this check, at least in the 5.2  
> branch?

Yes, BC. magic_quotes is crappy/complicated enough to deal with  
already, please don't make it behave differently between PHP5  
versions. No need to. Nobody should use it anymore, so there is no  
reason to change behavior again anyway.


David