On 01/05/2019 01:19, Peter Kokot wrote:
I haven't seen code with short tags for such a long time now that this
is for me a problem on a scale of a fly. Because we've simply upgraded
all very very long time ago or in other words even never thought of
writing something in these tags anymore.
I think it's important to remember that for every piece of actual code
that's seen in the wild on the internet, there's likely a couple of
orders of magnitude more that never leaves the proprietary servers /
repositories of individual companies -- Code that has been written over
a great many years that could always rely on short open tags being there
because it's company code on company servers running php.inis
configured by company staff.
The code exposure is secondary IMO. I mean, it's certainly bad, but
developers will be faced with a much more catastrophic issue to contend
with, and that's the somewhat terrifying issue of logical control
operations silently ceasing to exist.
<? if ($admin) { ?>
Super Secret: <?= htmlspecialchars($secret) ?>
<? } ?>
If people are so adamant about getting rid of it (as opposed to just
making it always available) then I think Nikita needs to bring forward
his proposals as an RFC with all due haste, as it's quite clear the
current plan cannot go forward as-is.
--
Mark Randall
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
