PHP 'magic_quotes_gpc' Directive Security Bypass Weakness(web.nvd.nist.gov) |
PHP 'magic_quotes_gpc' Directive Security Bypass Weakness(web.nvd.nist.gov) |
Also, it never worked right ever since PHP supported more than just MySQL and mSQL (and even for these databases it doesn't work any more, especially since the advent of Unicode)
In fact, it works so badly that projects usually go out of their way to turn this mis-feature off or work around it before even looking at input data.
As such, I really think this is not newsworthy enough because applications still relying on this mis-feature already have different issues anyways (and are likely not running on hosts that can/want to update PHP)