hi. We had a discussion about the magic_quotes removal that it is weird that even though that mq was deprecated in 5.3, we still have/had that enabled by default (if you didn't set it from the command line or through a php.ini, the default value which is set from the source by the PHP_INI_ENTRY_* macros). I would propose that the defaul values(PHP_INI_ENTRY_*) and the php.ini-production should be keep in sync as much as possible. for one thing, this would be less confusing (what do we mean by default? PHP_INI_ENTRY_* or the php.ini? why are they different? etc.), the second thing would be the principle of the fail-secure principle: usually the production settings are more secure and less verbose(display_errors for example). what do you think? of course, if this keeps traction, a proper RFC would be needed, but for now, I'm just throwing ideas.
-- Ferenc Kovács @Tyr43l - http://tyrael.hu -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
