Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:55361 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 88743 invoked from network); 11 Sep 2011 08:15:15 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 11 Sep 2011 08:15:15 -0000 Authentication-Results: pb1.pair.com smtp.mail=h.reindl@thelounge.net; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=h.reindl@thelounge.net; sender-id=pass Received-SPF: pass (pb1.pair.com: domain thelounge.net designates 91.118.73.15 as permitted sender) X-PHP-List-Original-Sender: h.reindl@thelounge.net X-Host-Fingerprint: 91.118.73.15 mail.thelounge.net Windows 98 (1) Received: from [91.118.73.15] ([91.118.73.15:55068] helo=mail.thelounge.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 7B/14-45650-F0E6C6E4 for ; Sun, 11 Sep 2011 04:15:11 -0400 Received: from srv-rhsoft.rhsoft.net (openvpn-241.thelounge.net [10.0.0.241]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.thelounge.net (Postfix) with ESMTPSA id 4998D99 for ; Sun, 11 Sep 2011 10:15:08 +0200 (CEST) Message-ID: <4E6C6E0B.6050402@thelounge.net> Date: Sun, 11 Sep 2011 10:15:07 +0200 Organization: the lounge interactive design User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:6.0.2) Gecko/20110906 Thunderbird/6.0.2 MIME-Version: 1.0 To: internals@lists.php.net References: <4E6C39AC.3000607@yahoo.co.jp> In-Reply-To: <4E6C39AC.3000607@yahoo.co.jp> X-Enigmail-Version: 1.3.1 OpenPGP: id=7F780279; url=http://arrakis.thelounge.net/gpg/h.reindl_thelounge.net.pub.txt Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig00088A246662B43E763837FD" Subject: Re: [PHP-DEV] proposal for change the argument of parse_str/mb_parse_str From: h.reindl@thelounge.net (Reindl Harald) --------------enig00088A246662B43E763837FD Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Am 11.09.2011 06:31, schrieb Rui Hirokawa: > Hello, >=20 > I think the second argument of parse_str/mb_parse_str > should be changed from optional to mandatory. > parse_str(string encoded_string [, array result]) > -> parse_str(string encoded_string , array result) no because there is no reason and all what will happen is parse_str($a, $b); extract($b); so please leave us in peace with the need to add the second line > It is to reduce the risk of vulnerability, and it has neary same risk > as register_globals which is removed from PHP 5.4 it has not, inside a function this is absolutely safe and if you are writing spaghetti-code nothing can help you --------------enig00088A246662B43E763837FD Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5sbgsACgkQhmBjz394AnmZ7ACfbhQmS90VMb7/J9CnSgwEzxdf crMAnijbzPOT8JjjDAhKP41Qwc8Mv5d6 =Dge1 -----END PGP SIGNATURE----- --------------enig00088A246662B43E763837FD--