Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:52582 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 95046 invoked from network); 31 May 2011 21:35:06 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 31 May 2011 21:35:06 -0000 Authentication-Results: pb1.pair.com smtp.mail=birken@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=birken@gmail.com; sender-id=pass; domainkeys=bad Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.216.177 as permitted sender) DomainKey-Status: bad X-DomainKeys: Ecelerity dk_validate implementing draft-delany-domainkeys-base-01 X-PHP-List-Original-Sender: birken@gmail.com X-Host-Fingerprint: 209.85.216.177 mail-qy0-f177.google.com Received: from [209.85.216.177] ([209.85.216.177:56001] helo=mail-qy0-f177.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 0A/CC-25701-60F55ED4 for ; Tue, 31 May 2011 17:35:04 -0400 Received: by qyl38 with SMTP id 38so3095151qyl.8 for ; Tue, 31 May 2011 14:34:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=wyTmKqB/oIUWU/E9A3QthjbaphfyhPD5VrfCajV+1NA=; b=cOMbfMiDc/vlkUqfFyN2/sy5xKgOAh6BUCf+jQPs3Azp3KvU9mQLrZG9wAcUhYVdLm opsJtAClodDiASLJGdfm+28Wy02PdGL0pXekR/2I77JXW7XXNZ7fSQLbcpxjbelKVpAo NyNh7ZegIBn47frXjaefqZRPWaHJNSYH9pYco= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=R/vrHPuxpf+QOK9Wcs7VJ0mxx9e1R5fKqrAMvf//cwfoRhSEL78lRp9ta3/S/WYO9E MLffQE6lBrJ9x38kUZYD6ztNobrdp9qiIIB/lJ+UTDA/5uHkEL05lQq6+HT48lSVR8RD /oXKLYiLBSZNK7ja3AO2LJ85CCJqQsP2BtoV4= MIME-Version: 1.0 Received: by 10.224.8.210 with SMTP id i18mr4790489qai.12.1306877696905; Tue, 31 May 2011 14:34:56 -0700 (PDT) Received: by 10.224.60.69 with HTTP; Tue, 31 May 2011 14:34:56 -0700 (PDT) In-Reply-To: <4DE55CDA.302@sugarcrm.com> References: <4DE5368A.6050603@moonspot.net> <2BFFEAC1-395E-4101-9452-002E63DCFD91@seancoates.com> <4DE55AB7.9050206@lerdorf.com> <4DE55CDA.302@sugarcrm.com> Date: Tue, 31 May 2011 14:34:56 -0700 Message-ID: To: Stas Malyshev Cc: Rasmus , PHP internals Content-Type: multipart/alternative; boundary=bcaec5196185e3931a04a4992c3f Subject: Re: [PHP-DEV] RFC: Short syntax for Arrays (redux) From: birken@gmail.com (Dan Birken) --bcaec5196185e3931a04a4992c3f Content-Type: text/plain; charset=ISO-8859-1 It is worth noting that point you bring up is one that is present in PHP currently: php > print_r(json_decode(json_encode(array('a' => 'b')))); stdClass Object ( [a] => b ) php > print_r(json_decode(json_encode(array('a', 'b')))); Array ( [0] => a [1] => b ) -Dan On Tue, May 31, 2011 at 2:25 PM, Stas Malyshev wrote: > Hi! > > > Stas, I didn't understand your point about eval() and security. What did >> you mean? >> > > I meant if PHP has JSON syntax as native, e.g. you can say something like: > > $a = {"a":"b"}; > > Then the temptation would be to write something like: > > // $json_string is {"a":"b"} > $a = eval($json_string); > > just as Javascript programmers sometimes do. That would have the same > security implications as it has in Javasctipt - somebody could inject > executable code there, etc. Of course, nobody forces you to do this, but the > temptation would be there. > > Also, with full JSON support it is not entirely clear to me what {"a": "b"} > would mean - is it an array or an object? In JS, it's definitely an object, > but in PHP objects are almost never used to store pure state without > behavior, because we have hashtable arrays, while JS only has vector arrays. > So here we have some unclear point (which does not happen with [] syntax, > since with [] it's obvious we're talking about arrays, just as in many other > languages). > > -- > Stanislav Malyshev, Software Architect > SugarCRM: http://www.sugarcrm.com/ > (408)454-6900 ext. 227 > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > > --bcaec5196185e3931a04a4992c3f--