Both register_globals and Magic Quotes were implemented in PHP to help beginners who were learning to program in PHP or new to programming in general. One thing I noticed about the upgrade was that neither of the problems I encountered were major, but also that they weren’t related to the actual upgrade to version 5, as they both should have been taken care of already. It brings up the discussion of a good programmer versus a bad/lazy programmer. Most of the sites that had any issues, and the few that had major issues were ones that I had taken over and was hosting but didn’t initially create. The sites were not built so long ago that there was an excuse for using both register_globals and magic quotes, and it shows that having programming standards is important, and that keeping up to date with programming trends and upgrades to the programming language are very important. I’m glad I caught this before I upgraded to verion 6 when I possibly would have had a much harder time solving the problem.

… there is a wave of attacks going around targeting old WordPress blogs, particularly those on the 2.1 or 2.2 branch. They’re exploiting problems that have been fixed for a year or more. This typically manifests itself through hidden spam being put on your site, either in the post or in a directory, and people notice when they get dropped from Google.