Rasmus Lerdorf wrote:
Ilia Alshanetsky wrote:
Looking at my code here, it would actually be trivial to expose the raw data as superglobals, but what do we achieve then? We are simply renaming $_GET to $_GET_RAW or something like that? If you don't want any filtering to be done by default, simply don't turn it on.
In many cases it may not be possible to turn off automatic input filter, because of limited access.
I realize that. But the filter was likely turned on for a reason in such cases with the goal that all applications running on the server that need non-standard access to user data will have to be modified to explicitly access that data through an appropriate filter.
True, but you've still got a lot of boxes that are used both for dev and production work. Take a small web design company, for example. Now in such a position, the admin may want to access raw variables in dev.site.com but have things restricted in www.site.com, if you see what I mean.
Maybe an ini option which is a bool that allows users to access raw get/post/whatever data or doesn't ?
-- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
