Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:91823 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 30258 invoked from network); 21 Mar 2016 19:43:13 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 21 Mar 2016 19:43:13 -0000 Authentication-Results: pb1.pair.com header.from=fsb@thefsb.org; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=fsb@thefsb.org; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain thefsb.org designates 173.203.187.91 as permitted sender) X-PHP-List-Original-Sender: fsb@thefsb.org X-Host-Fingerprint: 173.203.187.91 smtp91.iad3a.emailsrvr.com Linux 2.6 Received: from [173.203.187.91] ([173.203.187.91:36068] helo=smtp91.iad3a.emailsrvr.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 8B/00-29631-0DE40F65 for ; Mon, 21 Mar 2016 14:43:13 -0500 Received: from smtp20.relay.iad3a.emailsrvr.com (localhost.localdomain [127.0.0.1]) by smtp20.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id DB3F518034F; Mon, 21 Mar 2016 15:43:09 -0400 (EDT) X-Auth-ID: fsb@thefsb.org Received: by smtp20.relay.iad3a.emailsrvr.com (Authenticated sender: fsb-AT-thefsb.org) with ESMTPSA id C092A1802E9; Mon, 21 Mar 2016 15:43:09 -0400 (EDT) X-Sender-Id: fsb@thefsb.org Received: from yossy.local (c-66-30-62-12.hsd1.ma.comcast.net [66.30.62.12]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA) by 0.0.0.0:587 (trex/5.5.4); Mon, 21 Mar 2016 15:43:09 -0400 To: Daniel Beardsley , internals@lists.php.net References: Message-ID: <56F04EC7.1030501@thefsb.org> Date: Mon, 21 Mar 2016 15:43:03 -0400 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: RFC about automatic template escaping From: fsb@thefsb.org (Tom Worster) Hi Daniel, When I write scripts that need to behave the same independently of the value of mbstring.func_overload then I have to remember to be careful with the functions it affects. It's a drag. I resent having to write things like mb_strlen($str, '8bit') to get a byte-count knowing that the scripts would be cleaner and easier to understand if I could dictate the value of mbstring.func_overload (or if it had never been invented). Would your proposal have any sort of similar effect? I mean, would it complicate the task of HTML-escaping output when the scripts need to work the same regardless of the '__auto_escape' ini setting? Tom