Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:14637 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 17530 invoked by uid 1010); 4 Feb 2005 07:30:20 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 17515 invoked by uid 1007); 4 Feb 2005 07:30:20 -0000 Message-ID: <20050204073020.17514.qmail@lists.php.net> To: internals@lists.php.net References: <5.1.0.14.2.20050201142816.026d21c0@localhost><5.1.0.14.2.20050201111730.0299da70@localhost> <5.1.0.14.2.20050201111730.0299da70@localhost><5.1.0.14.2.20050201142816.026d21c0@localhost> <5.1.0.14.2.20050201151955.02730ec0@localhost><4200169A.6050905@lerdorf.com> <42001C1D.3090105@cschneid.com><42001D7B.1040707@trickie.org> <420024EC.4080601@lerdorf.com><4200457F.5080305@prohost.org> <42005629.3000905@lerdorf.com><4200D48A.9070305@prohost.org> <42010045.20807@lerdorf.com> <420149A4.6000201@lerdorf.com> Date: Fri, 4 Feb 2005 08:29:54 +0100 Lines: 27 X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2800.1437 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441 X-Posted-By: 212.238.144.71 Subject: Re: [PHP-DEV] PHP 5.1 From: r.korving@xit.nl ("Ron Korving") > > You guys can write your own implementation and put it in PECL alongside > > the one I am putting in there and we can decide if any of them should be > > bundled by default. Perhaps none of them should, but like it or not, > > people want to filter at this level and the extension to satisfy this > > need will be available to them in PECL. > > Yes, there should be an extension that implements the filter functions - > but the normal data should still be available like it is in PHP 4.3 and > PHP 5.0. Adding an ext for those filters is a good thing, mangling > request data isn't (see the magic_quotes_gpc mess). > > Derick I agree very much with you on this. If PHP coders who are no admins on the server themselves have to start worrying about a default filter, that means they will have to filter all input because the default filter could be or might become something they don't want to see. And in that case, there's no use for a default for them anymore, they simply have to manually filter everything, just so they can get to their raw data. This whole default setting adds an uncertainty which will add a lot of lines of code. Please don't make the magic_quotes_gpc mistake again, because in my humble opinion, that was the worst thing that ever happened to PHP. Ron