Re: [PHP-DEV] PHP 5.1

[Michael Virnstein]

I'm not a developer of php, but developing in php, i can say that it'd 
be nice to be able to filter *any* data, *if I want to*, not just $_GET, 
$_POST etc.. I think it is a good idea to have a easy to use filter api, 
but please don't make it an ini setting, so i have to call a function to 
get the original data if it is enabled or have to call ini_set first to 
disable it. I know you'd like to help securing applications even for not 
experienced programmers, but that's not the way to go imo.
I honestly don't want someone to dictate which data is ok for my 
application and which is not. Simply give me a nice api, with default 
filter types and probably the possibility to register custom functions 
to filter data, so i can call the functions if i want to. Or let me 
register filter types for certain variables, something like:
<?php

register_filter('var1', FILTER_NUMBER);
register_filter('var2', FILTER_EMAIL);
register_filter('var3', 'my_customer_filter');
?>
Michael
Rasmus Lerdorf wrote:
For the 18th time, nobody is talking about enabling it by default.
-Rasmus
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php