Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:100675
Return-Path: <lists@rhsoft.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 35066 invoked from network); 16 Sep 2017 12:37:43 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 16 Sep 2017 12:37:43 -0000
Authentication-Results: pb1.pair.com header.from=lists@rhsoft.net; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=lists@rhsoft.net; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain rhsoft.net designates 91.118.73.15 as permitted sender)
X-PHP-List-Original-Sender: lists@rhsoft.net
X-Host-Fingerprint: 91.118.73.15 mail.thelounge.net  
Received: from [91.118.73.15] ([91.118.73.15:64899] helo=mail.thelounge.net)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id B5/91-19300-41B1DB95 for <internals@lists.php.net>; Sat, 16 Sep 2017 08:37:42 -0400
Received: from srv-rhsoft.rhsoft.net  (Authenticated sender: h.reindl@thelounge.net) by mail.thelounge.net (THELOUNGE MTA) with ESMTPSA id 3xvWxr6SCHzXMb
	for <internals@lists.php.net>; Sat, 16 Sep 2017 14:37:36 +0200 (CEST)
To: PHP Internals List <internals@lists.php.net>
References: <097578bf-ab74-44cf-a465-dc6fdd50930f@Spark>
 <c365aa35-ccbd-7862-0b23-c59bb74e78e9@rhsoft.net>
 <CADyq6s+8HzeRp1g43xP2hkteesi-oyyRRwqE6UdD9OEMdetQsA@mail.gmail.com>
 <CADyq6s+sJ-1LUMTU9yjy3mvMi-WusgaZ5-xOUC_wAFnJ6HCpbQ@mail.gmail.com>
Message-ID: <d6c3b015-1e7a-d024-571c-efa3e974005c@rhsoft.net>
Date: Sat, 16 Sep 2017 14:37:36 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <CADyq6s+sJ-1LUMTU9yjy3mvMi-WusgaZ5-xOUC_wAFnJ6HCpbQ@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: de-CH
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] [RFC] Deprecate the extract function in PHP 7.3
From: lists@rhsoft.net ("lists@rhsoft.net")



Am 16.09.2017 um 13:48 schrieb Marco Pivetta:
> "then don't use it" worked great for `register_globals` and 
> `magic_quotes`. Not saying it is the same here, but you really ought to 
> have a bit of a mentality adjustment

so when it is not the same why do you mention it?

there is a difference between a config option which can change on each 
and every machine at every point in time and completly and then 
completly change behavior or a explicit function call

what is the next step in your logic?

remove foreach() because one could do foreach($_REQUEST as $key=>$var) 
to emulate extract() after you took it away?

PHP is a programming language and not a office software - it depends on 
the usecase and source of data to qualify a operation as safe and it's 
completly the responsibility of the programmer using a programming 
language, not yours