Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:72019
Return-Path: <yohgaki@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 31730 invoked from network); 2 Feb 2014 22:51:47 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 2 Feb 2014 22:51:47 -0000
Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.217.180 as permitted sender)
X-PHP-List-Original-Sender: yohgaki@gmail.com
X-Host-Fingerprint: 209.85.217.180 mail-lb0-f180.google.com  
Received: from [209.85.217.180] ([209.85.217.180:41117] helo=mail-lb0-f180.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 73/64-30967-20CCEE25 for <internals@lists.php.net>; Sun, 02 Feb 2014 17:51:47 -0500
Received: by mail-lb0-f180.google.com with SMTP id n15so4895920lbi.11
        for <internals@lists.php.net>; Sun, 02 Feb 2014 14:51:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc:content-type;
        bh=b7XVGU+l+Kt9zJAWcX3D9VbNoiIvX/D+cooD5/CqkW0=;
        b=Epp7qhp3tZNxpn5jXxCmLkIcqpaO9k3ruAAjIfFJLkb1E/59GZ5N5MdvWqrvZwtYEM
         urIc9XDjvgJ7V28iH7OA0CldlEy0DZmWcK7VZIX9zoopq5S6kpC5ig+qOXLrtVLbw+Fu
         nLPJBhmcW3zHc7PTLoyG4j7Bad9v7tRHJ8OB1CjT1liJYkk1vyfczwBMjA9u8+GKwZ8S
         uxjK1YmloVm5psRW3sWGrCSciO4L+U+EOKC3dYyfQgC9X3Cv4lhPjmVi8CGEq1zQ7xYd
         37h6fkkHTDNn1SwK5jvw0gTIWw5SXfv6GzyYWVCAyjMT2Dg+/0ATyyjXsM+v8tsqCfi6
         tVOQ==
X-Received: by 10.112.56.237 with SMTP id d13mr22038820lbq.2.1391381503557;
 Sun, 02 Feb 2014 14:51:43 -0800 (PST)
MIME-Version: 1.0
Sender: yohgaki@gmail.com
Received: by 10.112.199.37 with HTTP; Sun, 2 Feb 2014 14:51:03 -0800 (PST)
In-Reply-To: <CAL0xaBF7mCCRXEve2qxeGs41FwvBPh4jbQQT4UB_wJzw6HZazA@mail.gmail.com>
References: <CAGa2bXbq1ttBz+hSk20-CkKWvDdHr5+8bBmc04Q22i7K2VSs+A@mail.gmail.com>
 <52EE1EDC.2010309@sugarcrm.com> <CAGa2bXZZ3ug3oWg_im5bHUDjo2EHVeBMqU0fvB4WU-4OZTMCuw@mail.gmail.com>
 <CAL0xaBF7mCCRXEve2qxeGs41FwvBPh4jbQQT4UB_wJzw6HZazA@mail.gmail.com>
Date: Mon, 3 Feb 2014 07:51:03 +0900
X-Google-Sender-Auth: nC45QQwdXXDjgS1kr630RKAKodU
Message-ID: <CAGa2bXaa9ZN86-hZTPeHq4NtbuSOLuv3qeK+dSgPgDOqeymNfg@mail.gmail.com>
To: Arvids Godjuks <arvids.godjuks@gmail.com>
Cc: "internals@lists.php.net" <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=001a1133a92244464404f1744096
Subject: Re: [PHP-DEV] Extending uniqid() or not?
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

--001a1133a92244464404f1744096
Content-Type: text/plain; charset=UTF-8

Hi Arvids,

On Mon, Feb 3, 2014 at 7:41 AM, Arvids Godjuks <arvids.godjuks@gmail.com>wrote:

> My personal view is that we need to start to beef up the default PHP
> security, and a lot. Kind'a what has been done with the password API, also
> needs to be done with a lot of stuff to make it's usage much easier and
> much more secure by default.
>
> And although I get the general feeling that PHP 5.6 has low probability of
> getting such changes as this, PHP 6 by all indications is around the corner
> and stuff like this has to go into it.
>

I would like to do it for escape functions and more sophisticated input
validater,
but it wouldn't happen in 5.6 as you expect.

For the time being, I would like to make features a little stronger,
provide better function for misused function and/or document them more
explicitly.

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net

--001a1133a92244464404f1744096--