Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:63131 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 3372 invoked from network); 19 Sep 2012 08:13:36 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 19 Sep 2012 08:13:36 -0000 Authentication-Results: pb1.pair.com smtp.mail=krebs.seb@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=sebastian.krebs.berlin@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.83.42 as permitted sender) X-PHP-List-Original-Sender: krebs.seb@gmail.com X-Host-Fingerprint: 74.125.83.42 mail-ee0-f42.google.com Received: from [74.125.83.42] ([74.125.83.42:50832] helo=mail-ee0-f42.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 71/64-05716-FAE79505 for ; Wed, 19 Sep 2012 04:13:35 -0400 Received: by eekb15 with SMTP id b15so261339eek.29 for ; Wed, 19 Sep 2012 01:13:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:x-google-sender-delegation:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type; bh=e0thOGjAjIYdBaFoCqrN6xS3ksEKlv1XyEP6w4wUMRw=; b=eiGt1sW4265gZvz2jAq01COSCjIrhfGhm8QEV8Lkbv0uQ8r4o6tJ46/3763dA2UDRb mPKBw8cLHOKO8dIeRKT6pYrHIwzQvCnPDCqGQKYY01lP5CkNh9NA79fzNH55fPryqETj ftNveDLYn48FipFdhaNx0d7bSZolL7V7vhTY+L2zQt8ZHbn7VI22NIgmzeCwmAsMuCxn DzROlXbOoa6H9JUP8s36G8q4ZanNiY9RFLUgzloADnK+rggaCyN58UDXsKruIu6z6wK3 XLogjIuKtyjOTZ9pDg7ZRtHk5lOuPpfxlqGoR/P+qtaNR8sWFwwgnUhjyqlP5lFxdCXG Qndg== MIME-Version: 1.0 Received: by 10.14.193.129 with SMTP id k1mr2663277een.13.1348042412499; Wed, 19 Sep 2012 01:13:32 -0700 (PDT) Sender: sebastian.krebs.berlin@gmail.com X-Google-Sender-Delegation: sebastian.krebs.berlin@gmail.com Received: by 10.14.176.73 with HTTP; Wed, 19 Sep 2012 01:13:32 -0700 (PDT) In-Reply-To: References: Date: Wed, 19 Sep 2012 10:13:32 +0200 X-Google-Sender-Auth: LVQ6UI5RuQwKDMdxhAZUPFOdvl4 Message-ID: To: Tomas Creemers Cc: internals@lists.php.net Content-Type: multipart/alternative; boundary=047d7b343b2023a4d304ca0995dc Subject: Re: [PHP-DEV] Re: RFC: Implementing a core anti-XSS escaping class From: krebs.seb@gmail.com (Sebastian Krebs) --047d7b343b2023a4d304ca0995dc Content-Type: text/plain; charset=ISO-8859-1 2012/9/19 Tomas Creemers > On Wed, Sep 19, 2012 at 8:34 AM, Sebastian Krebs > wrote: > > > > > > 2012/9/19 Tomas Creemers > >> > >> Hi all, > >> > >> > >> > >> If this is going to be implemented as a class, what is the advantage > >> of instantiation for this? Unless I'm missing it, I would propose that > >> the functions are made static. > >> > [snip] > >> > >> Regards, > >> > >> Tomas > > > > > > Hi, > > > > I guess the reason is the same like the one, why you just should avoid > > static methods at all. But only one example: Try to extend the class and > > then _always_ use the extended one ;) > > > > Regards, > > Sebastian > > > Isn't that what late static binding is for? It enables the use of the > extending class (if any) from the base class. > > I really don't see what class instantiation would add to this design > (if it's going to be a class at all). It doesn't have > instance-specific state. > > > Regards, > Tomas > Oh and just to throw that in: If the additional variable (or the extra line) is a "problem" echo (new Escaper)->escapeHtml('test'); // vs. echo Escaper::escapeHtml('test'); -- github.com/KingCrunch --047d7b343b2023a4d304ca0995dc--