On Mon, 22 Jul 2002, Greg Donald wrote: > Not only did I get to re-write all my apps the past few months because of > the new register_globals default that was imposed by `the php group`...
You didn't have to. The choice was given to you, for your own good. If you have very disciplined programmers and a solid auditing process, you can still do just fine with register_globals on. > Now I get to upgrade my PHP install once a month or so cause of new > security holes.. Yay! Vastly preferable to the alternative: Brand X, where security holes go unpatched. The PHP group fixed the problem immediately. > Wasn't this new register_globals setting supposed to enhance security? Now there's a non-sequitur if ever I saw one. "What do you mean I have to stop running across the freeway? I thought giving up smoking was supposed to enhance my health." > How would you like to be a sys admin with dozens of machines to upgrade > before you can proceed with anythign else? I upgraded dozens of machines. It took about 10 minutes total. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php