On Fri, Jul 28, 2017 at 11:03 AM, li...@rhsoft.net <li...@rhsoft.net> wrote:
make POST/GET/SERVER readonly - only when you refactor a 250000 line code
base as well as deplyed code which relies on the framework did the right
thing with them previously :-)
Are you advocating for read-only or leaving them read-write? I can't tell.
Every language feature in every language can be abused. Having
sufficient documentation helps avoid unwanted abuse.
As a brief demonstration of how that plays out, a quick search on the
website turned up:
http://us3.php.net/manual/en/reserved.variables.request.php
There isn't an example usage pattern there nor any
restrictions/recommendations on use and the top comment has 97 upvotes.
The first thing that person's code does is freely set new values in
multiple superglobals without sufficient explanation that doing so is a
bad idea. Therefore, drive-by PHP users can derive that it must be okay
to store general-purpose information into a superglobal. "This must be
the right way to do things since it has over 10 times as many upvotes as
the next comment on the page."
While I'm for read-write superglobals, I will, of course, live with
whatever is decided upon and adapt accordingly. Making some
documentation adjustments seems like a simpler thing to do than a BC break.
--
Thomas Hruska
CubicleSoft President
I've got great, time saving software that you will find useful.
http://cubiclesoft.com/
And once you find my software useful:
http://cubiclesoft.com/donate/
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
