On Wed, May 21, 2014 at 1:21 PM, Gary Mort wrote:
>
> On 05/20/2014 04:24 AM, Michael B Allen wrote:
>>
>>
>> I actually started out doing what you describe but I thought the
>> server side code started to get a little messy so I thought I would
>> break things up into add, remove, applyCode and s
On 05/22/2014 05:02 PM, Anthony Ferrara wrote:
We learned **years** ago that this doesn't work. Magic_quotes was
removed because of that. Register_globals was removed. ETC.
Yeah, and then filter.default was added back in AND in such a way that
it can't be changed I guess "we" didn't really le
> Not bothering to address the rest of your comments since they seem to be
> based on a misunderstanding.
No they are not. My point was that you shouldn't be doing `echo "Hello
$name"` in the first place.
So the rest of my comments actually fit right inline. Please give them
another read, and se
Gary,
I just checked CentOS 6.5's RPM, and it has filter.default set to raw
(the default). So I'm not sure where you're getting "it seems that the
latest CentOS PHP packages instead use
FILTER_SANITIZE_FULL_SPECIAL_CHARS". There may be a distro or repo
that does that, but it's not CentOS...
We le
It seems there are some misconceptions on the filter_* API. Recently I
was contacted by a colleague when his website went off kilter. All of
the sudden all the variables had extra html encoding charectors in
themand then since they were encoded a second time when displayed
they would have
On 05/22/2014 11:35 AM, Anthony Ferrara wrote:
Gary,
Consider the secretary updating their company website. They have been told
that they need some landing page to say "Welcome " at the top.
The pages are mostly html with a bit of PHP here and there. So they go to
an online tutorial, go thr
Gary,
I'd have to agree with you on this. We can be happy that PHP is now a
professional grade enterprise capable solution. However, frameworks,
"modern" coding practices, and a host of other things make it very
difficult for someone to climb the learning curve.
That may be just my perception.
L
>
> If you want to use a system like monolog, you can still do that while
> using the user_error function, simply use the set_error_handler function
> and you can route the error message to whatever flavor of the month logging
> class is popular.
that's a nice option, but we decided to use a wrapp
Gary,
On Thu, May 22, 2014 at 10:26 AM, Gary Mort wrote:
> On 05/21/2014 02:32 PM, Anthony Ferrara wrote:
>> First off, I do $name = $_GET['name']. I filter when I know what's
>> going to happen with it (such as when it gets bound against a data
>> model).
> But your not a novice programmer, so t
Anthony's comments on my last post reminded me of an issue I feel PHP is
facing today.
PHP is a wonderfully messy language. You can use PHP to insert a small
bit of customization in an otherwise flat website. Something as simple
as saying "Good morning", "Good afternoon", and "Good evening"
On 05/21/2014 02:32 PM, Anthony Ferrara wrote:
> First off, I do $name = $_GET['name']. I filter when I know what's
> going to happen with it (such as when it gets bound against a data
> model).
But your not a novice programmer, so this doesn't apply to you. Though
personally, I wouldn't do $name
On Sun, May 18, 2014 at 1:43 AM, Michael B Allen wrote:
> Hi All,
>
> Occasionally I need to do a little web programming and I must admit
> after almost 2 decades I still find myself searching for a better way
> to handle HTML forms. I blame this mostly on the W3C's invalid
> assumption that HTML
12 matches
Mail list logo
