[TYPO3-core] PHP requirement version for TYPO3 4.0
Michael Stucki
michael at typo3.org
Tue Jan 3 12:34:18 CET 2006
Hi Michael & Co.
> > You never know how it is configured on the server side (unless it is
> > typo3.org or typo3.com :)).
>
> And you also never know whether they have register_globals on, or
> username=password on their telnet account. Do we really have to work
> every possible idiot messing with webservers?
Of course not, but here it is easy to provide a fix by still keeping PHP 4.1.x
compatibility. That was what Martin proposed yesterday: Check if the function
exists (applies for PHP 4.3+), otherwise use a workaround. No problem after
all!
> > addslashes does not escape *all* required characters.
> > mysql_real_escape_string takes into account all characters that should
> > be escaped.
> > mysql_real_escape_string *is* the correct way to escape parameters for
> > mysql.
> >
> > There is no need to raise PHP version requirements: use
> > mysql_real_escape_string if it is available and mysql_escape_string if
> > it is not.
>
> So the solution is to write yet another wrapper that wraps the various
> escape functions into one call?
No. addslashes has been used since the beginning of t3lib_db. Look at Martins
patch for details.
> AFAIK, even Debian Sarge has PHP 4.3, so are there any responsible
> webmasters on earth who still have lower versions installed on their
> C64? And do we need to support those?
It is not needed because of the above mentioned patch, so why should we force
people to update?
- michael
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.netfielders.de/pipermail/typo3-team-core/attachments/20060103/1979f947/attachment.pgp
More information about the TYPO3-team-core
mailing list