Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:42154
Return-Path: <pierre.php@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 13450 invoked from network); 8 Dec 2008 15:57:21 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 8 Dec 2008 15:57:21 -0000
Authentication-Results: pb1.pair.com header.from=pierre.php@gmail.com; sender-id=pass; domainkeys=bad
Authentication-Results: pb1.pair.com smtp.mail=pierre.php@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.198.224 as permitted sender)
DomainKey-Status: bad
X-DomainKeys: Ecelerity dk_validate implementing draft-delany-domainkeys-base-01
X-PHP-List-Original-Sender: pierre.php@gmail.com
X-Host-Fingerprint: 209.85.198.224 rv-out-0506.google.com  
Received: from [209.85.198.224] ([209.85.198.224:52113] helo=rv-out-0506.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 1B/25-21579-0E34D394 for <internals@lists.php.net>; Mon, 08 Dec 2008 10:57:20 -0500
Received: by rv-out-0506.google.com with SMTP id g37so1208250rvb.23
        for <internals@lists.php.net>; Mon, 08 Dec 2008 07:57:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:received:received:message-id:date:from:to
         :subject:cc:in-reply-to:mime-version:content-type
         :content-transfer-encoding:content-disposition:references;
        bh=UNN3e51T4DhnkIcWmmFFiaBXdAIrZTRlTr/Hip3X3rg=;
        b=Amn3DKrn2g9Z3JpFm5QEcwizeGLWAFdCdfNhax5Sg5aWhfLo+u788Xn3p0fSlr1pZD
         xXWtC3RnKriLOZB/YEnHuVcbdd7F0vPu9l7M1xbCIhVAKC1aW3xLMcTEunkYizCcVSzf
         6b26kxurxLWmaTfU1oI79cGvxa1a43jnuauag=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=message-id:date:from:to:subject:cc:in-reply-to:mime-version
         :content-type:content-transfer-encoding:content-disposition
         :references;
        b=SskQudhrEoKC5Ky//1D5rPDc5wRb8KaiFG+a/Y3uujTvYQxL/805UQ1ods4XTXp5iu
         YpzcBNqxjpN6Lx4R7xEVS7HaVfudhAD8NEAHaDyl8nQbbYojGsyCnFXgWYuNuT6WTg1Y
         yBeGmCrydaW2+jvo6RmzdLG80vRkcCBkJRwNw=
Received: by 10.141.206.13 with SMTP id i13mr413412rvq.215.1228751837978;
        Mon, 08 Dec 2008 07:57:17 -0800 (PST)
Received: by 10.140.165.15 with HTTP; Mon, 8 Dec 2008 07:57:17 -0800 (PST)
Message-ID: <fe05d1540812080757r417038d0ib768cbd8990be228@mail.gmail.com>
Date: Mon, 8 Dec 2008 16:57:17 +0100
To: "=?ISO-8859-1?Q?Johannes_Schl=FCter?=" <johannes@php.net>
Cc: "PHP Internals List" <internals@lists.php.net>, 
	"Hannes Magnusson" <bjori@php.net>
In-Reply-To: <1228751251.3429.18.camel@goldfinger.johannes.nop>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
References: <1228751251.3429.18.camel@goldfinger.johannes.nop>
Subject: Re: [PHP-DEV] About dropping magic_quotes in 5.3 (was: Re: [PHP-DEV] Re: PHP 5.2.7 + magic_quotes_gpc broken)
From: pierre.php@gmail.com ("Pierre Joye")

On Mon, Dec 8, 2008 at 4:47 PM, Johannes Schl=FCter <johannes@php.net> wrot=
e:
> Hi,
>
> let's take this to a new thread so it'S not hidden in other discussions:
>
> On Mon, 2008-12-08 at 16:06 +0100, Hannes Magnusson wrote:
>> > I do not think it is necessary for 5.3. It is an alpha release after
>> > all and seriously, anyone who plans to move to 5.3.0 and still
>> > relies on magic quotes gpc is likely to have more issues as well.
>>
>> Time to turn it off by default then?
>
> Getting rid of magic_quotes would be really nice but has a very big
> "BUT".
>
> Many things (I won't call it "applications" or something...) out there
> are accidentially more or less safe due to magic_quotes. Many of these
> things were written by people with, at most, basic understanding of the
> what they are doing and now are running at some random hosting company
> on a $9.99/year (no idea what today's prices are)
>
> When dropping magic_quotes the hosting company can do one of two things:
>
> a) not update to 5.3 so we either have to maintain 5.2 for some time or
> let them have problems

+1

I already discussed the possibility to maintain the 5.2 branch after
5.3-final (irc and some meetings) and I like to do it (in any case). I
do think it is something to do but only for critical bug fixes
(security or crash only).

We may say that it is the job of the distributors, but I'd to
disagree. It is critical for us to provide sources and binary releases
of a stable branch officially, even after a newer branch has been
released.

Cheers,
--=20
Pierre

http://blog.thepimp.net | http://www.libgd.org