Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:94794
Return-Path: <lester@lsces.co.uk>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 7357 invoked from network); 2 Aug 2016 05:56:19 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 2 Aug 2016 05:56:19 -0000
Authentication-Results: pb1.pair.com header.from=lester@lsces.co.uk; sender-id=unknown
Authentication-Results: pb1.pair.com smtp.mail=lester@lsces.co.uk; spf=permerror; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain lsces.co.uk from 217.147.176.230 cause and error)
X-PHP-List-Original-Sender: lester@lsces.co.uk
X-Host-Fingerprint: 217.147.176.230 mail4-3.serversure.net Linux 2.6
Received: from [217.147.176.230] ([217.147.176.230:56632] helo=mail4.serversure.net)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id C0/E0-31887-10630A75 for <internals@lists.php.net>; Tue, 02 Aug 2016 01:56:18 -0400
Received: (qmail 28136 invoked by uid 89); 2 Aug 2016 05:56:14 -0000
Received: by simscan 1.3.1 ppid: 28130, pid: 28133, t: 0.1025s
         scanners: attach: 1.3.1 clamav: 0.96/m:52/d:10677
Received: from unknown (HELO ?10.0.0.7?) (lester@rainbowdigitalmedia.org.uk@81.138.11.136)
  by mail4.serversure.net with ESMTPA; 2 Aug 2016 05:56:14 -0000
To: internals@lists.php.net
References: <CAGa2bXa8Oj=xi6ZUKYFe5XXuhZvOL6JT=31QHoq8EG-9veGDBg@mail.gmail.com>
 <CA+kxMuRuUc38jctY-9KAPLjmBMp7=Yn3ax=Eyw9kDYKLg7DkNA@mail.gmail.com>
 <CAGa2bXbTFsJEZOJwLibRUXfK1SD6UHDOsrao8RpkaY24NT1kkg@mail.gmail.com>
Message-ID: <8ec399c1-2f36-ce35-edb2-98f7898d3165@lsces.co.uk>
Date: Tue, 2 Aug 2016 06:56:06 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.2
MIME-Version: 1.0
In-Reply-To: <CAGa2bXbTFsJEZOJwLibRUXfK1SD6UHDOsrao8RpkaY24NT1kkg@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] Adding validate_var_array()/validate_input_array() to
 which version?
From: lester@lsces.co.uk (Lester Caine)

On 01/08/16 23:51, Yasuo Ohgaki wrote:
> PHP must have input validation feature that achieves previously
> described validation. Basic feature like input validation must be able
> to perform quickly, so it should be provided as core feature like
> basic escaping functions.
> 
> Regards,
> 
> P.S. I'll add string validation filters (e.g. min/max, encoding
> check,etc) and validation function callback (i.e. Must return bool)
> soon.

Once again lots of additional code is being added which only fixes HALF
of the input validation problem. The same as 'strict typing'.

All of these extras can simply be eliminated if you address the problem
of adding a set of rules to the basic 'var' that allow proper validation
of each individually ... and *I* include in those rules adding the
correct escaping for that particular variable. Which is EXACTLY what oe
does in the user land libraries that currently fill the gap.

On one hand we are being pushed to add things like getter and setter and
all that overhead to create proper objects, while this option is back
with handling a raw set of variables as an array?

-- 
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk
Rainbow Digital Media - http://rainbowdigitalmedia.co.uk