On removing globals / $GLOBALS, erm, -1 to that. Just too much legacy code needs this to work as is.
On making $_POST, $_REQUEST, $_GET et al read only, again -1 for the same reason. However, I understand the sentiment and it brings up this idea... What about a new superglobal, $_INPUT, that is read only. Further its topmost structure could go something like this -- $_INPUT = array ( 'POST' => array(), // The post request vars 'COOKIE' => array(), // Cookies 'GET' => array(), // Get request vars 'HEADERS' => array(), // Inbound HTTP headers, the stuff that right now is misleadingly in $_SERVER['HTTP...'] 'FILES' => array(), // Uploaded file information. ); Since $_INPUT would be read only from inception nothing can break because it can't be written to. At an INI level the option to turn off the legacy superglobals it replaces might be added, but that's a separate issue.
