Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:53933
Return-Path: <tyra3l@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 98970 invoked from network); 13 Jul 2011 18:11:19 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 13 Jul 2011 18:11:19 -0000
Authentication-Results: pb1.pair.com smtp.mail=tyra3l@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=tyra3l@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.218.42 as permitted sender)
X-PHP-List-Original-Sender: tyra3l@gmail.com
X-Host-Fingerprint: 209.85.218.42 mail-yi0-f42.google.com  
Received: from [209.85.218.42] ([209.85.218.42:39652] helo=mail-yi0-f42.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 96/E0-24992-7CFDD1E4 for <internals@lists.php.net>; Wed, 13 Jul 2011 14:11:19 -0400
Received: by yih10 with SMTP id 10so2868532yih.29
        for <internals@lists.php.net>; Wed, 13 Jul 2011 11:11:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc:content-type:content-transfer-encoding;
        bh=iNXnAuTdKjLU2oqoqWb6cmCLVVJdk4fon+/pmw53YfA=;
        b=VZhjF/ZTQ1mz2RrhP4Kud1Vqm/3m9/NIABY0lLKQlPH7trHkKVFHKhYWezns5qyqWB
         8cjWdXbrtMBJWmBfqk+U7vNU6x8SFFvg2Rdqg3wg8k4lb4M+ZKXunfo1Ktzpy4Fs1FS+
         otuQLA1VFC7fQHVv8O9mw6TzAyetPHTQ5HHXI=
MIME-Version: 1.0
Received: by 10.151.112.16 with SMTP id p16mr1464672ybm.252.1310580676483;
 Wed, 13 Jul 2011 11:11:16 -0700 (PDT)
Received: by 10.147.38.17 with HTTP; Wed, 13 Jul 2011 11:11:16 -0700 (PDT)
In-Reply-To: <4E1DC072.8080300@sugarcrm.com>
References: <4E17F5A0.3070409@sugarcrm.com>
	<BC37F785-39A7-4A38-ADBD-482C7D87438B@roshambo.org>
	<4E1B9343.3090000@sugarcrm.com>
	<967B58EB-C704-40CD-AFEE-D0CA2192F4FA@roshambo.org>
	<4E1DC072.8080300@sugarcrm.com>
Date: Wed, 13 Jul 2011 20:11:16 +0200
Message-ID: <CAH-PCH7=08Pqq=5-Z5BA1wpc8sXcS20ohmsq8FGnDm-yQGqbyQ@mail.gmail.com>
To: Stas Malyshev <smalyshev@sugarcrm.com>
Cc: Philip Olson <philip@roshambo.org>, PHP Internals <internals@lists.php.net>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [PHP-DEV] [VOTE] 5.4 features vote
From: tyra3l@gmail.com (Ferenc Kovacs)

On Wed, Jul 13, 2011 at 5:57 PM, Stas Malyshev <smalyshev@sugarcrm.com> wro=
te:
> Hi!
>
> On 7/13/11 8:55 AM, Philip Olson wrote:
>>
>> But this topic (removing magic quotes from 5.4) was not proposed on
>> this list, so the vote feels premature. The only related RFC on the
>> matter involves PHP 6, and it isn't specific to MQ. Granted we all
>> don't like MQ, but this "security" feature is enabled by default
>> today so skipping discussion to a simple vote for removal feels
>> wrong.
>
> It was proposed 2 weeks ago, along with other items. If you have anything=
 to
> add now, please do so.

for the record, we had a lenghtly discussion back in november:
http://www.mail-archive.com/internals@lists.php.net/msg48407.html

the general reception was toward removing it for 5.4, but there were
serious concerns about removing it also.
I would also change my vote, I would go with keeping it deprecated,
but turning it off by default (currently it isn't done, but the
suggested development/production inis have this turned off), and
remove it with the next minor version bump.
if we have minor releases in the same timeframe as between 5.3 and
5.4, I'm fine with this.
hopefully the security documentation will be in the better shape and
we can figure out how to communicate such changes better to minimalize
the impact.

--=20
Ferenc Kov=C3=A1cs
@Tyr43l - http://tyrael.hu