Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:14569 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 96659 invoked by uid 1010); 3 Feb 2005 15:26:56 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 96592 invoked from network); 3 Feb 2005 15:26:55 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 3 Feb 2005 15:26:55 -0000 X-Host-Fingerprint: 192.38.9.232 gw2.emini.dk Linux 2.4/2.6 Received: from ([192.38.9.232:19288] helo=gw2.emini.dk) by pb1.pair.com (ecelerity HEAD (r4105:4106)) with SMTP id 6E/52-29932-EB242024 for ; Thu, 03 Feb 2005 10:26:55 -0500 Received: from foxbox (IGLD-83-130-23-99.inter.net.il [83.130.23.99]) by gw2.emini.dk (Postfix) with ESMTP id 4AF1B31ECE; Thu, 3 Feb 2005 16:26:47 +0100 (CET) Message-ID: <00b001c50a04$c88280f0$6402a8c0@foxbox> Reply-To: "Steph" To: "Rasmus Lerdorf" , "Derick Rethans" , "Andi Gutmans" Cc: "Ilia Alshanetsky" , References: <5.1.0.14.2.20050201142816.026d21c0@localhost><5.1.0.14.2.20050201111730.0299da70@localhost><5.1.0.14.2.20050201111730.0299da70@localhost><5.1.0.14.2.20050201142816.026d21c0@localhost><5.1.0.14.2.20050201151955.02730ec0@localhost><4200169A.6050905@lerdorf.com><42001C1D.3090105@cschneid.com><42001D7B.1040707@trickie.org><420024EC.4080601@lerdorf.com><4200457F.5080305@prohost.org><42005629.3000905@lerdorf.com><4200D48A.9070305@prohost.org><42010045.20807@lerdorf.com> <5.1.0.14.2.20050202164443.02718e30@localhost> Date: Thu, 3 Feb 2005 17:26:44 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Re: [PHP-DEV] PHP 5.1 From: steph@zend.com ("Steph") Quiet voice from the peanut gallery: If (IF) there were to be some generic filter behaviour, wouldn't it make sense to give the existing filtering-type functions some intelligence about whether that generic filter was enabled or not, and ensure that those functions were always fed raw superglobals data? Making the generic filter a backup that jumps in where no protection exists, rather than an 'ipso facto, will break stuff' kinda deal? It doesn't make a lot of sense from where I'm standing to have a generic security setup that _isn't_ default, but it really shouldn't break BC in any way. Just my 2 sheks, - Steph ----- Original Message ----- From: "Andi Gutmans" To: "Rasmus Lerdorf" ; "Derick Rethans" Cc: "Ilia Alshanetsky" ; Sent: Thursday, February 03, 2005 2:51 AM Subject: Re: [PHP-DEV] PHP 5.1 > At 01:44 PM 2/2/2005 -0800, Rasmus Lerdorf wrote: > >You guys can write your own implementation and put it in PECL alongside > >the one I am putting in there and we can decide if any of them should be > >bundled by default. Perhaps none of them should, but like it or not, > >people want to filter at this level and the extension to satisfy this need > >will be available to them in PECL. > > It'd be great if we can all sync on one implementation. > I know it gets a bit hard with everyone pulling their way and having yet > another suggestion but I'm sure we can reach something everyone is happy with. > In any case, the main part of this project are the filters themselves ,and > that work shouldn't be replicated. > I must say that personally I probably would prefer a programmatic way of > filtering (as I mentioned it could be done at runtime), but I don't think > it would be terrible to have a paranoid mode that filters earlier. > So just to lay out my $0.02 it'd be nice to have something like: > filter_all(POST, FILTER_FOOBAR); > and > $foo = filter_input(POST, "foo", FILTER_NUM); > > Andi > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php >