Em sáb, 9 de jun de 2018 às 11:27, Christoph M. Becker <cmbecke...@gmx.de>
escreveu:
> On 09.06.2018 at 12:03, Dmitry Stogov wrote:
>
> > compact(), extract(), parse_str() (with 1 argument) and
> get_defined_vars() are bad functions, because they access local variables
> indirectly.
>
> While I agree that extract() and parse_str() can be dangerous, I don't
> understand why compact() and get_defined_vars() are “bad”. If the issue
> is that these functions allow to access (local) variables by their name
> (given as string), that appears to be not uncommon in PHP; cf. variable
> variables and $GLOBALS.
>
Agree here. I think that compact() should be modified just to work like
compact($a, $b, $c) instead of compact('a', 'b', 'c'). It is very useful
for template engines.
>
> > They might be considered to be removed in the next major PHP version,
> despite of this fix.
>
> That would certainly require the RFC process, and in my opinion, a
> deprecation phase would be very appropriate. Note that parse_str()
> without second argument is already deprecated as of PHP 7.2.0 and
> scheduled for removal in the next major version[1].
>
> [1]
> <
> https://wiki.php.net/rfc/deprecations_php_7_2?s[]=parse&s[]=str#parse_str_without_second_argument
> >
>
> --
> Christoph M. Becker
>
> --
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
David Rodrigues
