On Tuesday, April 23, 2002, at 06:48  AM, Rouvas Stathis wrote:

>> This change improves your security, so it'd be rational to be happy 
>> about
>> it.
>
> No it doesn't. It just provides another excuse for lazy programming.
> Nothing will save a lazy programmer or one that doesn't understand basic
> principles.

While I agree that it doesn't improve security much if the coder was 
already using $HTTP_SESSION_VARS (which he/she should have been doing), 
it definitely does not promote lazy programming.  If anything, 
registering all the variables as global promotes lazy programming!  
Sure, it's convenient to be able to access a variable with this shorter 
method, but do you really want all of these different session variables, 
post variables, get variables, cookie variables, and server variables 
sharing the same global namespace/scope?  (I use that last term loosely.)

IMHO that is much lazier than using superglobals with register_globals 
off.


Erik



----

Erik Price
Web Developer Temp
Media Lab, H.H. Brown
[EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to