I started using superglobals since 4.x; not even thinking about it
from a security angle per se, but because it just makes sense to know
the source of where your input data is coming from. I guess
technically security is a byproduct of that thinking too.
On Jul 29, 2008, at 7:31 PM, VamVan <vamseevan@xxxxxxxxx> wrote:
Its because PHP got really famous with version 4.0 and many people
actually converted their CGI or other websites in to PHP 4 websites
because it was easy and cheap. But 5.0 brought too many changes like
serious OOPS and register global concepts for security, which is
useful but made transition difficult. I feel thats why PHP 4 is
still supported.
Its not only the language that has changed, but also people had to
upgrade their skill set and there was some learning curve involved.
Unfortunately everyone fell in the trap of register globals which
was not dealt until php 4.3.1 as a security concept. Pear and Pecl
were there but everyone was pretty much writing all the code
(reinventing the wheel) from scratch. This brings in huge code base
to change.
I liked PHP because intitially it was a procedural langauge and it
resembled C. But now with OOPS you can build powerful websites which
is good.
There are many other cases but I feel strongly this is what makes
them still support PHP 4.
Thanks
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
