Apologies if I sounded a bit critical in my original post, that wasn't my intent.
Thanks for the answers - I know about register_globals being deprecated but I haven't been keeping up with PHP for a while so I wasn't aware that v6 doesn't allow it at all.
Regarding "select *", would you guys accept patches for the instances where I've found these?
I understand the reluctance to use MySQL views (I've played with them a bit and they gave me some... interesting performance problems) and I guess that sprocs aren't really appropriate for ViciDial, as the code isn't doing anything esoteric with the DB.
However, one thing that worries me is the possibility of SQL injection in the PHP code. Are there any plans to address this in the future?
Finally, I have to congratulate and thank you for the ViciDial documentation - it's detailed, thorough and exactly what's needed for someone who's installing the system for the first time, which is a big (and extremely welcome) difference from the majority of open-source projects where documentation, if it exists, is either too technical or just plain unhelpful. That said, I'd appreciate some sort of technical reference on how ViciDial is structured, the reasons it was implemented as it is, etc.
edit: Another question, why is Asterisk 1.2 preferred for ViciDial, as opposed to 1.4?