Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:57952
Return-Path: <will.fitch@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 72118 invoked from network); 22 Feb 2012 15:31:43 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 22 Feb 2012 15:31:43 -0000
Authentication-Results: pb1.pair.com header.from=will.fitch@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=will.fitch@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.216.49 as permitted sender)
X-PHP-List-Original-Sender: will.fitch@gmail.com
X-Host-Fingerprint: 209.85.216.49 mail-qw0-f49.google.com  
Received: from [209.85.216.49] ([209.85.216.49:47024] helo=mail-qw0-f49.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id CD/C0-65450-E5A054F4 for <internals@lists.php.net>; Wed, 22 Feb 2012 10:31:42 -0500
Received: by qadc14 with SMTP id c14so350630qad.8
        for <internals@lists.php.net>; Wed, 22 Feb 2012 07:31:40 -0800 (PST)
Received-SPF: pass (google.com: domain of will.fitch@gmail.com designates 10.229.136.196 as permitted sender) client-ip=10.229.136.196;
Authentication-Results: mr.google.com; spf=pass (google.com: domain of will.fitch@gmail.com designates 10.229.136.196 as permitted sender) smtp.mail=will.fitch@gmail.com; dkim=pass header.i=will.fitch@gmail.com
Received: from mr.google.com ([10.229.136.196])
        by 10.229.136.196 with SMTP id s4mr23242736qct.71.1329924700073 (num_hops = 1);
        Wed, 22 Feb 2012 07:31:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=date:from:to:cc:message-id:in-reply-to:references:subject:x-mailer
         :mime-version:content-type;
        bh=ygcRoje0mxzT5e2TnaN+1aPScZ2e05pnuxDHhJzIxnY=;
        b=tz/wnz/4LKYgyVc3qHDEf1MHLs5X1FoDA5wxEFCekAOyfKQ/n+yf3JkVldC/PB0cx1
         D27lyY82Vng9R1OAJQH3OsfAkPUjQkw1p4WeMctCU8OTWGP5PSyCztLZccs6h0+2U/ze
         x8mxNZ4ZqXoYoFJQ3WHsNvHqzIjm1qc9Cf+Tg=
Received: by 10.229.136.196 with SMTP id s4mr19640841qct.71.1329924699621;
        Wed, 22 Feb 2012 07:31:39 -0800 (PST)
Received: from Wills-MacBook-Air.local ([68.64.144.221])
        by mx.google.com with ESMTPS id hp1sm17451920qab.22.2012.02.22.07.31.38
        (version=TLSv1/SSLv3 cipher=OTHER);
        Wed, 22 Feb 2012 07:31:38 -0800 (PST)
Date: Wed, 22 Feb 2012 10:31:39 -0500
To: Michael Morris <dmgx.michael@gmail.com>
Cc: PHP Internals List <internals@lists.php.net>
Message-ID: <4A1A9F9755D4420E88B043F0EB518DBA@gmail.com>
In-Reply-To: <CAGovj_OA29qv0MvpFwaT6EF4h_+CYuirNY8nLBaqGurkdO3Afw@mail.gmail.com>
References: <CAGovj_PbjoB78kXvZcaSkx3qQziMXX7ezVmzYSPHQbJL7uu7VA@mail.gmail.com>
 <8D8E9A0839FE464FBBDF2B499DAFA596@gmail.com>
 <CAGovj_OA29qv0MvpFwaT6EF4h_+CYuirNY8nLBaqGurkdO3Afw@mail.gmail.com>
X-Mailer: sparrow 1.5 (build 1043.1)
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="4f450a5b_6f6dd9ac_6ecc"
Subject: Re: [PHP-DEV] $_PARAMETERS Super Global Object
From: will.fitch@gmail.com (Will Fitch)

--4f450a5b_6f6dd9ac_6ecc
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

On Wednesday, February 22, 2012 at 10:10 AM, Michael Morris wrote:
> $_REQUEST does nothing of the sort, and it's use is dangerous in
> RESTful architecture. $_REQUEST is a smash together of $_GET, $_POST
> and $_COOKIE, in that order but the php.ini directive can change it.
> Hence there's no way of knowing if $_REQUEST['password'] came from
> $_COOKIE, $_POST, or $_GET, and worse, if two values in those source
> arrays have the same key $_REQUEST will overwrite them. $_REQUEST to
> be honest, is a lame shortcut and bad idea almost on par with
> register_globals.
> 
> 

$_REQUEST isn't dangerous - the programmer using it is.   
> 
> I'm not recommending $_REQUEST.
> 
> $_PARAMETERS is an object, not an array. I suppose if treated like an
> array it could behave like request - but I deeply dislike that idea
> because it is a repeat of the mistake of $_REQUEST.
> 
> 

You're going to have a hard time selling this.  Adding an object to global scope by adding yet another super global is a mess.  You'd have a much easier time selling a SPL class which handles this functionality.  Or, even better, write this *in* PHP.  There wouldn't be a substantial performance improvement, and you wouldn't be forcing ideologies on other developers.  If you're wondering what I mean by this, your suggestion of "setFilters" would require an interface that defines the behavior intended for filtering content.  On top of this, you'd need to add getFilters, getFilter, removeFilters, removeFilter and addFilter to name a few.  All of this can (and should IMO) be done within PHP.
> 
> To get a value from a get request I'd use $_PARAMETERS->get['myVar'];
> To get it's filtered value I'd use $_PARAMETERS->get->filtered['myVar']
> To set those filters I'd use $_PARAMETERS->get->setFilters( $filters );
> 
> 

As I said before, you should add a RFC entry if you want this taken seriously.  The information you provided is just not enough.  
> 
> 
> 
> On Wed, Feb 22, 2012 at 10:03 AM, Will Fitch <will.fitch@gmail.com (mailto:will.fitch@gmail.com)> wrote:
> > Personally, I don't like this.  We already have $_REQUEST which can
> > accommodate GET, POST, and COOKIE. I believe it should be up to
> > framework/API authors to implement there own methodologies behind accessing
> > this data.  Additional functionality such as setting filters would be a part
> > of that as well.
> > 
> > That said, if you're serious about the idea, a RFC would be helpful in
> > understanding the full extent that you're suggesting.
> > 
> > --
> > Will Fitch
> > 
> > On Wednesday, February 22, 2012 at 9:57 AM, Michael Morris wrote:
> > 
> > Before writing up a full RFC I want to put out a feeler on something.
> > Currently we have several input parameter objects, chief among them
> > $_GET, $_POST, $_REQUEST, $_SERVER (for the client HTTP headers). All
> > of them are arrays and legacy code sometimes writes to them. Locking
> > them as read only objects would cause a major BC break.
> > 
> > What if instead we had an Object called $_PARAMETERS which holds the
> > read only copies of this data. In addition, this would be the first
> > superglobal object, able to perform some filtering of inputs. Basic
> > idea..
> > 
> > $_PARAMETERS
> > ->get
> > ->post
> > ->cookie
> > ->headers (The client http headers)
> > 
> > All of these would be array objects, and all would be read only and
> > have these methods and properties
> > 
> > ->filtered: Copy of the array according to the current set filters of
> > the object.
> > ->setFilters(): Sets the filters of the input, an array with constant
> > values for the allowed types.
> > 
> > And I'll stop there. The basic idea, to add a read only input hive
> > with some basic object functionality for filtering.
> > 
> > --
> > PHP Internals - PHP Runtime Development Mailing List
> > To unsubscribe, visit: http://www.php.net/unsub.php
> > 
> 
> 
> -- 
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 



--4f450a5b_6f6dd9ac_6ecc--