On Sat, Jan 05, 2008 at 09:48:37PM +0100, Stefan Esser wrote:
> Hello,
> >> typing into PHP, even if it is optional.  Passing $_REQUEST['age'] to a 
> >>     
> > that $_REQUEST['age'] has been checked for numeric before the functio
> 
> would you please not use $_REQUEST in any of your examples? $_REQUEST is
> one of the biggest design weaknesses in PHP. Every application using
> $_REQUEST is most probably vulnerable to Delayed Cross Site Request
> Forgery problems. (This basically means if e.g. a cookie named (age)
> exists it will always overwrite the GET/POST content and therefore
> unwanted requests will be performed)

OK

> And well... This thread continues without a single valid (!= personal
> opinion) reason why type hinting should NOT be introduced. BTW accepting
> the string '1' where an (int) type hint is placed would be the next
> stupid design decision.

Why ?

-- 
Alain Williams
Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256  http://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information: 
http://www.phcomp.co.uk/contact.php
Chairman of UKUUG: http://www.ukuug.org/
#include <std_disclaimer.h>

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
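
The override described in the quoted message, as an added example that is not part of the original thread: it merges constructed GET, POST and cookie data in the left-to-right order PHP uses to fill $_REQUEST, then reads the value from one named source with validation. build_request() and read_age() are hypothetical helpers, and the order strings use the same letters as PHP's variables_order / request_order settings.

```php
<?php
// Constructed sample input standing in for one HTTP request.
$get    = ['age' => '30'];   // value the user sent in the query string
$post   = [];                // no form body in this request
$cookie = ['age' => '-1'];   // cookie of the same name, set before this request

/**
 * Hypothetical helper: merge the sources the way PHP fills $_REQUEST,
 * walking the order string left to right so later sources overwrite earlier ones.
 */
function build_request(string $order, array $get, array $post, array $cookie): array
{
    $sources = ['G' => $get, 'P' => $post, 'C' => $cookie];
    $merged  = [];
    foreach (str_split(strtoupper($order)) as $letter) {
        if (isset($sources[$letter])) {
            // array_replace keeps keys and lets the later source win
            $merged = array_replace($merged, $sources[$letter]);
        }
    }
    return $merged;
}

/**
 * Hypothetical helper: read "age" from one explicit source and accept it
 * only if it is an integer in a plausible range; null means "reject".
 */
function read_age(array $source): ?int
{
    $age = filter_var(
        $source['age'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 150]]
    );
    return $age === false ? null : $age;
}

// Order "GPC": the cookie is merged last, so it shadows the query string.
var_dump(build_request('GPC', $get, $post, $cookie)['age']);

// Order "GP": cookies are left out of the merge, the user's value survives.
var_dump(build_request('GP', $get, $post, $cookie)['age']);

// Reading from the intended source directly, with validation.
var_dump(read_age($get));
var_dump(read_age($cookie));
```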
