On 11/14/10 6:44 PM, Gustavo Lopes wrote: > On Mon, 15 Nov 2010 02:37:17 -0000, Rasmus Lerdorf <ras...@lerdorf.com> > wrote: > >> On 11/14/10 5:43 PM, Stas Malyshev wrote: >>> Hi! >>> >>>> At the beginning of the year, someone put in a request for an option >>>> to enable echo tags when short tags are disabled >>>> (http://bugs.php.net/bug.php?id=50662). I've written a patch and two >>> >>> I don't think we really need more options - I think we should just have >>> <?= always work. There's no valid XML file out there that contains <?= >>> and only people that use it are PHP programmes that don't care for XML >>> validity. Why not just make it work finally? >>> Yes, I know that was debated 100 times. But I still think disabling <?= >>> makes no sense, so here it goes. >> >> Yup, I agree. I see no reason to kill <?= >> > > The problem with <?= is that more often that not, you need to run the > text through htmlentities or similar, so it would be of very limited > usefulness even if it could be relied on (i.e. it always worked).
That's a very different issue and has nothing to do with whether <?= should be there or not. In most templating/views the variables exposed to that part have already been filtered for display purposes. In my stuff, for example, I always have the "full_special_chars" default filter in place, so all user-derived variables are automatically safe. -Rasmus -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
