On 12/08/2016 09:19, Lester Caine wrote:
I'm thinking
$var->setConstraint()
$var->setEscape()
$var->setReadOnly()
Rather than having to build 'reflections' classes to pull out data that
a simple $var->is_valid or echo $var will output a correctly escaped
piece of text.
Note that as discussed on the recent RFC thread, escape mechanisms are
very much specific to the *destination* of the data not the *source*. So
having "echo $foo" call "echo $foo->escape()" isn't going to work.
I guess you could have "echo $foo->forHTML()" with some kind of fallback
that converts that to "echo htmlspecialchars($foo)" if nothing further
is defined. Or "echo_html( $foo )" calling "$foo->forHTML()" internally
if it's been defined against the variable. I haven't thought this
through fully, just throwing ideas out there.
Regards,
--
Rowan Collins
[IMSoP]
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
