[wp-hackers] Magic quotes "on" forever?
Mark Waterous
lists at watero.us
Thu May 6 18:56:57 UTC 2010
What about the possibility of adding it to an action so we can inform people
that it can be turned off and they can start learning to fend for
themselves?
It's been suggested that the current implementation is fairly easy to
circumvent and truly it is, however given the option to do it in one line
instead of hooking in and re-stripping all the super globals would seem to
suggest that people should start considering the implications of this in
their own applications. When it comes to the law, ignorance isn't an excuse,
and neither should it be when coding.
Come PHP 6 (with the current state of shared hosting, we should see full
implementation by 2032) magic_quotes_gpc() has mercifully been zapped from
the repertoire. I'd rather see WordPress push the envelope forward rather
than putting it on the backburner until everybody else has implemented the
same changes.
-Mark
-----Original Message-----
From: wp-hackers-bounces at lists.automattic.com
[mailto:wp-hackers-bounces at lists.automattic.com] On Behalf Of John
Blackbourn
Sent: Thursday, May 06, 2010 11:32 AM
To: wp-hackers at lists.automattic.com
Subject: Re: [wp-hackers] Magic quotes "on" forever?
Additionally, removing magic quote emulation would mean that plugins
would have to go back to checking for get_magic_quotes_gpc() (or a
similar WordPress function) and the whole reason WordPress emulates
magic quotes in the first place is to avoid this. So maybe we're stuck
with this forever?
I think more important is consistency, and that's what we've got at
the moment. Everything is magic quoted, and everyone knows this (and
if they don't they soon find out), so we're ok.
More information about the wp-hackers
mailing list