Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:57964 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 43365 invoked from network); 22 Feb 2012 21:38:57 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 22 Feb 2012 21:38:57 -0000 Authentication-Results: pb1.pair.com header.from=keisial@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=keisial@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.212.170 as permitted sender) X-PHP-List-Original-Sender: keisial@gmail.com X-Host-Fingerprint: 209.85.212.170 mail-wi0-f170.google.com Received: from [209.85.212.170] ([209.85.212.170:58584] helo=mail-wi0-f170.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 1C/C6-23690-070654F4 for ; Wed, 22 Feb 2012 16:38:57 -0500 Received: by wibhm4 with SMTP id hm4so402122wib.29 for ; Wed, 22 Feb 2012 13:38:53 -0800 (PST) Received-SPF: pass (google.com: domain of keisial@gmail.com designates 10.180.95.1 as permitted sender) client-ip=10.180.95.1; Authentication-Results: mr.google.com; spf=pass (google.com: domain of keisial@gmail.com designates 10.180.95.1 as permitted sender) smtp.mail=keisial@gmail.com; dkim=pass header.i=keisial@gmail.com Received: from mr.google.com ([10.180.95.1]) by 10.180.95.1 with SMTP id dg1mr68566wib.21.1329946733077 (num_hops = 1); Wed, 22 Feb 2012 13:38:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=q3UolQyanAJQdutg2Q1wKxWVdgm5sxQ2DP3G3+n0WCc=; b=MoLmUyq2NhdnVBVYoI8A/0KIGboGAZOMqscTz0fbv+6Hs6Qiq+18vT7CuVyYdETsnU GwjOih+0XC/0NBdYIO9Ovwx5dNdo5MF7wB0uUW48sJRGItD6IplmfRupbHUjbjgCLDOK JK9JqxFdxaoFySUDqX8xqs1iHGhgBv5SX46Fo= Received: by 10.180.95.1 with SMTP id dg1mr54838wib.21.1329946733012; Wed, 22 Feb 2012 13:38:53 -0800 (PST) Received: from [192.168.1.26] (105.Red-81-38-140.dynamicIP.rima-tde.net. [81.38.140.105]) by mx.google.com with ESMTPS id bg3sm327485wib.10.2012.02.22.13.38.51 (version=SSLv3 cipher=OTHER); Wed, 22 Feb 2012 13:38:52 -0800 (PST) Message-ID: <4F45618F.4000204@gmail.com> Date: Wed, 22 Feb 2012 22:43:43 +0100 User-Agent: Thunderbird MIME-Version: 1.0 To: Michael Morris CC: PHP Internals List References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] $_PARAMETERS Super Global Object From: keisial@gmail.com (=?ISO-8859-1?Q?=C1ngel_Gonz=E1lez?=) On 22/02/12 15:57, Michael Morris wrote: > Before writing up a full RFC I want to put out a feeler on something. > Currently we have several input parameter objects, chief among them > $_GET, $_POST, $_REQUEST, $_SERVER (for the client HTTP headers). All > of them are arrays and legacy code sometimes writes to them. Locking > them as read only objects would cause a major BC break. Why would you want to set them read-only? I agree that they should represent the input parameters, but there are times where modificating them is very useful. For instance, a framework code could be modifying $_GET on index.php to strip magic quotes before passing it down to another module. Even better, that code would work even for modules written before supporting that configuration. If the module had used directly such $_PARAMETERS, it would get wrong results. I guess we will start seeing the opposite behavior with 5.4, though: Code doing addslashes() on input parameters before running code which expected magic quotes (maybe at auto_prepend_file, even). But still, it's good to have such ability even if it's something to be avoided.