Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:43955 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 79246 invoked from network); 14 May 2009 19:53:32 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 14 May 2009 19:53:32 -0000 Authentication-Results: pb1.pair.com smtp.mail=jani.taskinen@sci.fi; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=jani.taskinen@sci.fi; sender-id=unknown Received-SPF: error (pb1.pair.com: domain sci.fi from 204.13.248.71 cause and error) X-PHP-List-Original-Sender: jani.taskinen@sci.fi X-Host-Fingerprint: 204.13.248.71 mho-01-ewr.mailhop.org Received: from [204.13.248.71] ([204.13.248.71:59970] helo=mho-01-ewr.mailhop.org) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id C2/83-27038-BB67C0A4 for ; Thu, 14 May 2009 15:53:32 -0400 Received: from cs181029147.pp.htv.fi ([82.181.29.147] helo=[127.0.0.1]) by mho-01-ewr.mailhop.org with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.68) (envelope-from ) id 1M4gzg-000ILl-2b; Thu, 14 May 2009 19:53:28 +0000 X-Mail-Handler: MailHop Outbound by DynDNS X-Originating-IP: 82.181.29.147 X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/mailhop/outbound_abuse.html for abuse reporting information) X-MHO-User: U2FsdGVkX1/bZCDCodhfp52y/qGZlkmeeP7Q8rL7KsE= Message-ID: <4A0C76B7.903@sci.fi> Date: Thu, 14 May 2009 22:53:27 +0300 Reply-To: jani.taskinen@iki.fi User-Agent: Thunderbird 2.0.0.21 (Windows/20090302) MIME-Version: 1.0 To: Andrei Zmievski CC: Ilia Alshanetsky , PHP internals References: <4A0C4D97.3090307@gravitonic.com> <4A0C57CD.4030306@gravitonic.com> In-Reply-To: <4A0C57CD.4030306@gravitonic.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] Request decoding in PHP 6 [patch] From: jani.taskinen@sci.fi (Jani Taskinen) Andrei Zmievski kirjoitti: > Ilia Alshanetsky wrote: >> Andrei, >> >> For you point #7 regarding the session extension. Perhaps we should >> make a simple API allowing extensions to register callbacks to execute >> on input data. Once request encoding is set, the callbacks can be ran >> for GPC input allow extensions (not just session) to do their input >> processing in a safe manner. We can even take it a step further and >> make it secondary to ext/filter processing, for some security bits. > > This is a good idea. However, we still have the issue of extensions > needing some data from the request before $_POST or $_GET are ever > mentioned in the script, since the decoding is done only at that time. You just need to call zend_is_auto_global() to trigger the init. btw. ext/session does only need the stuff in RINIT if session.auto_start is enabled. Just remove that option. :D --Jani