Yes, I'm agree with Will Fitch. Handling this problem with PHP is a good idea and beneficial to programmer.
2012/2/23 Ángel González <keis...@gmail.com> > On 22/02/12 15:57, Michael Morris wrote: > > Before writing up a full RFC I want to put out a feeler on something. > > Currently we have several input parameter objects, chief among them > > $_GET, $_POST, $_REQUEST, $_SERVER (for the client HTTP headers). All > > of them are arrays and legacy code sometimes writes to them. Locking > > them as read only objects would cause a major BC break. > > Why would you want to set them read-only? > I agree that they should represent the input parameters, but there are > times > where modificating them is very useful. > For instance, a framework code could be modifying $_GET on index.php to > strip magic quotes before passing it down to another module. > Even better, that code would work even for modules written before > supporting > that configuration. > If the module had used directly such $_PARAMETERS, it would get wrong > results. > > I guess we will start seeing the opposite behavior with 5.4, though: > Code doing > addslashes() on input parameters before running code which expected magic > quotes (maybe at auto_prepend_file, even). But still, it's good to have > such > ability even if it's something to be avoided. > > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > >
