Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:35563 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 44215 invoked by uid 1010); 18 Feb 2008 21:30:33 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 44200 invoked from network); 18 Feb 2008 21:30:33 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 18 Feb 2008 21:30:33 -0000 Authentication-Results: pb1.pair.com header.from=ceo@l-i-e.com; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=ceo@l-i-e.com; spf=permerror; sender-id=unknown Received-SPF: error (pb1.pair.com: domain l-i-e.com from 67.139.134.202 cause and error) X-PHP-List-Original-Sender: ceo@l-i-e.com X-Host-Fingerprint: 67.139.134.202 o2.hostbaby.com FreeBSD 4.7-5.2 (or MacOS X 10.2-10.3) (2) Received: from [67.139.134.202] ([67.139.134.202:4089] helo=o2.hostbaby.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 0E/4C-18811-8F8F9B74 for ; Mon, 18 Feb 2008 16:30:33 -0500 Received: (qmail 98801 invoked by uid 98); 18 Feb 2008 21:32:32 -0000 Received: from 127.0.0.1 by o2.hostbaby.com (envelope-from , uid 1013) with qmail-scanner-2.01 (clamdscan: 0.88.7/5868. Clear:RC:1(127.0.0.1):. Processed in 0.082874 secs); 18 Feb 2008 21:32:32 -0000 Received: from localhost (HELO l-i-e.com) (127.0.0.1) by localhost with SMTP; 18 Feb 2008 21:32:31 -0000 Received: from 98.193.37.55 (SquirrelMail authenticated user ceo@l-i-e.com) by www.l-i-e.com with HTTP; Mon, 18 Feb 2008 15:32:31 -0600 (CST) Message-ID: <50844.98.193.37.55.1203370351.squirrel@www.l-i-e.com> In-Reply-To: <47AA5354.7020806@zend.com> References: <47AA5354.7020806@zend.com> Date: Mon, 18 Feb 2008 15:32:31 -0600 (CST) To: "Stanislav Malyshev" Cc: "'PHP Internals'" Reply-To: ceo@l-i-e.com User-Agent: Hostbaby Webmail MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal Subject: Re: [PHP-DEV] _REQUEST and variable_order From: ceo@l-i-e.com ("Richard Lynch") On Wed, February 6, 2008 6:39 pm, Stanislav Malyshev wrote: > This topic was already discussed here but never arrived to a > conclusion, > so I will raise it again. > The Problem: > We have $_REQUEST superglobal, which is often used to abstract > GET/POST > requests. However, in most cases we do not want GET/POST variables to > mean the same as cookie and environment variables. We can avoid that > by > setting variables_order to 'GP' but then we lose _SERVER and _COOKIES > which still can be very much useful. We cannot also reliably use > something like 'CGP' since while it won't allow cookies to override > GET/POST we still have no way of not accepting cookie that has no > matching GET/POST. I think this should be cleaned up so that _REQUEST > behavior would conform its use case. > > The proposal(s): > 1. One way to fix it is to create a new .ini request_order that would > control just _REQUEST. > > 2. Other solution would be to keep variables_order but drop 'C' > parsing > from _REQUEST - i.e. make _REQUEST never include cookies. I don't know > how many people really need cookies together with get/post in REQUEST. > > 3. Yet another solution would be to make superglobals independent of > variables_order - i.e. _COOKIE would always exist even if > variables_order doesn't have the letter. I actually don't see any > reason > having JIT to remove any of the superglobals - if you don't use them, > with JIT you don't pay for them. And with COOKIES it's not that it > would > be a big cost anyway - how many cookies could you have? > Of course, it'd be more substantial change which could break some apps > relying on some quirks of current behavior. > > So, what do you think on this? I would like to see $_REQUEST be just GET | POST I also see no reason to not keep $_GET if 'G' is missing from GPC ordering, so that would be a fine second choice. Introducing yet another php.ini setting to fix this for the number of people it affects seems a bit like the old cannon for a fly solution to this naive reader. -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/from/lynch Yeah, I get a buck. So?