Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:50392 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 47657 invoked from network); 19 Nov 2010 16:14:20 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 19 Nov 2010 16:14:20 -0000 Authentication-Results: pb1.pair.com smtp.mail=danielc@analysisandsolutions.com; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=danielc@analysisandsolutions.com; sender-id=unknown Received-SPF: error (pb1.pair.com: domain analysisandsolutions.com from 166.84.1.73 cause and error) X-PHP-List-Original-Sender: danielc@analysisandsolutions.com X-Host-Fingerprint: 166.84.1.73 mail2.panix.com Received: from [166.84.1.73] ([166.84.1.73:50246] helo=mail2.panix.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 21/90-44146-A52A6EC4 for ; Fri, 19 Nov 2010 11:14:19 -0500 Received: from panix5.panix.com (panix5.panix.com [166.84.1.5]) by mail2.panix.com (Postfix) with ESMTP id 35CA938E46 for ; Fri, 19 Nov 2010 11:14:16 -0500 (EST) Received: by panix5.panix.com (Postfix, from userid 14662) id 1C6AE2424E; Fri, 19 Nov 2010 11:14:16 -0500 (EST) Date: Fri, 19 Nov 2010 11:14:16 -0500 To: PHP Internals List Message-ID: <20101119161415.GA21178@panix.com> References: <6628E909-5B8E-4FB4-A28F-ECAF7FCA27AB@roshambo.org> <201011172340.37217.larry@garfieldtech.com> <20101118162047.GA26431@panix.com> <1290097549.16819.180.camel@guybrush> <20101119151702.GA5937@panix.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.18 (2008-05-17) Subject: Re: [PHP-DEV] Magic quotes in trunk From: danielc@analysisandsolutions.com (Daniel Convissor) On Fri, Nov 19, 2010 at 04:41:48PM +0100, Ferenc Kovacs wrote: > you can get pwn3d with magic_quotes_gpc = On That goes without saying. None the less, it will be problematic for PHP to disable/remove a "security" feature that some people rely on. --Dan -- T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y data intensive web and database programming http://www.AnalysisAndSolutions.com/ 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409