Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
At 05:45 AM 10/16/2002 +0300, Jani Taskinen wrote: On Wed, 16 Oct 2002, Yasuo Ohgaki wrote: Another option. How about remove $_FILES contents from $_REQUEST? It seems it has less impact. +1 for this option. There's really no need it for to be in $_REQUEST.. +1 from me too. I think it's fine not to have $_FILES in $_REQUEST. The main purpose of $_REQUEST was to have get/post/cookie in the same structure and always work with that. $_FILES is anyway a special case because its format is different. Andi -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
On Wed, 16 Oct 2002, Melvyn Sopacua wrote: At 23:13 15-10-2002, Yasuo Ohgaki wrote: Another option. How about remove $_FILES contents from $_REQUEST? It seems it has less impact. I don't think Zeev and Derick will be able to go on any trips for a while then :-) First 'force' people to use superglobals, then say ehm - yeah, but ehm uploaded files are not userdata, because they are not in $_REQUEST. I would have no problem with leaving out $_FILES from $_REQUEST... Derick -- --- Derick Rethans http://derickrethans.nl/ JDI Media Solutions --[ if you hold a unix shell to your ear, do you hear the c? ]- -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
While I think it is a bit unintuitive to have $_FILES separate like it is (rather than a part of $_POST, for example), I think it would be much worse to also separate it from $_REQUEST. After all, as Sterling pointed out, it is part of the request. Chris Derick Rethans wrote: On Wed, 16 Oct 2002, Melvyn Sopacua wrote: At 23:13 15-10-2002, Yasuo Ohgaki wrote: Another option. How about remove $_FILES contents from $_REQUEST? It seems it has less impact. I don't think Zeev and Derick will be able to go on any trips for a while then :-) First 'force' people to use superglobals, then say ehm - yeah, but ehm uploaded files are not userdata, because they are not in $_REQUEST. I would have no problem with leaving out $_FILES from $_REQUEST... Derick -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
On Wed, Oct 16, 2002 at 02:38:52AM -0500, Chris Shiflett wrote : While I think it is a bit unintuitive to have $_FILES separate like it is (rather than a part of $_POST, for example), I think it would be much worse to also separate it from $_REQUEST. After all, as Sterling pointed out, it is part of the request. It makes quite sense to me that _FILES is separate. It is much easier that way to iterate through multiple uploaded files without much hassle. -- GnuPG Key: http://guru.josefine.at/~mfischer/C2272BD0.asc rei_ Derick, while ($xml) $ass-get_new_ideas(); [James] Markus: IE on_user_fart() -- People doesn't seem to like the new XHTML2 specs :) -- -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
On Wed, 16 Oct 2002, Markus Fischer wrote: On Wed, Oct 16, 2002 at 02:38:52AM -0500, Chris Shiflett wrote : While I think it is a bit unintuitive to have $_FILES separate like it is (rather than a part of $_POST, for example), I think it would be much worse to also separate it from $_REQUEST. After all, as Sterling pointed out, it is part of the request. It makes quite sense to me that _FILES is separate. It is much easier that way to iterate through multiple uploaded files without much hassle. Another good point to keep them seperate :) But of course that whould have been possible anyway, wheter it's possible to access ot from the $_REQUEST hash or not.. Derick -- --- Derick Rethans http://derickrethans.nl/ JDI Media Solutions --[ if you hold a unix shell to your ear, do you hear the c? ]- -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
On Wed, 16 Oct 2002, Derick Rethans wrote: On Wed, 16 Oct 2002, Markus Fischer wrote: On Wed, Oct 16, 2002 at 02:38:52AM -0500, Chris Shiflett wrote : While I think it is a bit unintuitive to have $_FILES separate like it is (rather than a part of $_POST, for example), I think it would be much worse to also separate it from $_REQUEST. After all, as Sterling pointed out, it is part of the request. It makes quite sense to me that _FILES is separate. It is much easier that way to iterate through multiple uploaded files without much hassle. Another good point to keep them seperate :) But of course that whould have been possible anyway, wheter it's possible to access ot from the $_REQUEST hash or not.. I actually thought that $_FILES wasn't part of $_REQUEST before that bug report came in.. And it's not separate from EGPCS btw. (php.ini: variables_order) Which one controls it? P? :) And I think import_request_variables() doesn't work either for those.. --Jani -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
On Thu, 17 Oct 2002, Jani Taskinen wrote: On Wed, 16 Oct 2002, Derick Rethans wrote: On Wed, 16 Oct 2002, Markus Fischer wrote: On Wed, Oct 16, 2002 at 02:38:52AM -0500, Chris Shiflett wrote : While I think it is a bit unintuitive to have $_FILES separate like it is (rather than a part of $_POST, for example), I think it would be much worse to also separate it from $_REQUEST. After all, as Sterling pointed out, it is part of the request. It makes quite sense to me that _FILES is separate. It is much easier that way to iterate through multiple uploaded files without much hassle. Another good point to keep them seperate :) But of course that whould have been possible anyway, wheter it's possible to access ot from the $_REQUEST hash or not.. I actually thought that $_FILES wasn't part of $_REQUEST before that bug report came in.. And it's not separate from EGPCS btw. (php.ini: variables_order) Which one controls it? P? :) And I think import_request_variables() doesn't work either for those.. Should read the manual more often..it does support FILES too. :I (dunno if it actually works though, haven't tested it) --Jani -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
Another option. How about remove $_FILES contents from $_REQUEST? It seems it has less impact. -- Yasuo Ohgaki Sterling Hughes wrote: Hey, If you haven't taken a look @: http://bugs.php.net/bug.php?id=19848 please do so... In thinking about it, to me, there are 2 solutions: 1) Rearranging files to work in an un-braindead manner, ie: instead of $_FILES['toto']['type']['c'] equaling the filetype of the form variable: INPUT TYPE="file" NAME="toto[c]" We have :: $_FILES['toto']['c']['type'] Of course this breaks BC, which is not good, but then again, neither is the alternative. 2) The alternative is to add some custom code (I'll write it up) that will re-arrange the $_FILES array when it is inserted into the $_REQUEST array (leaving the $_FILES array alone, but modifying its order when its merged into $_REQUEST). so you have: $_REQUEST['toto']['c']['type'] and $_FILES['toto']['type']['c'] which is ugly and just not right, but it maintains backwards compatibility with the $_FILES array. My personal opinion is that the second solution should be merged in for PHP 4.3, and that for PHPv5 we should normalize the $_FILE array. Thoughts? Comments? Questions? I'll start working on this tommorow unless i hear otherwise.. -Sterling -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
At 23:13 15-10-2002, Yasuo Ohgaki wrote: Another option. How about remove $_FILES contents from $_REQUEST? It seems it has less impact. I don't think Zeev and Derick will be able to go on any trips for a while then :-) First 'force' people to use superglobals, then say ehm - yeah, but ehm uploaded files are not userdata, because they are not in $_REQUEST. -- Yasuo Ohgaki Met vriendelijke groeten / With kind regards, Webmaster IDG.nl Melvyn Sopacua -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
Melvyn Sopacua wrote: First 'force' people to use superglobals, then say ehm - yeah, but ehm uploaded files are not userdata, because they are not in $_REQUEST. Is it very important? Anyway, it is easier to write more robust application with $_GET/$_PSOT/$_COOKIE/$_FILES, IMO. $_REQUEST is useful but $_FILES is not strictly needed to be in $_REQUEST especially when $_FILES structure needed to be changed to make it work correctly. Changes in $_FILES structure breaks all applications uses $_FILES. Removing $_FILES from $_REQUEST does not break not many applications, I hope ;) Anyway, I'm 0 for all options. If we'll fix $_FILES structure, sooner is better. -- Yasuo Ohgaki -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
On Wed, 16 Oct 2002, Yasuo Ohgaki wrote: Another option. How about remove $_FILES contents from $_REQUEST? It seems it has less impact. +1 for this option. There's really no need it for to be in $_REQUEST.. --Jani -- Yasuo Ohgaki Sterling Hughes wrote: Hey, If you haven't taken a look : http://bugs.php.net/bug.php?id=19848 please do so... In thinking about it, to me, there are 2 solutions: 1) Rearranging files to work in an un-braindead manner, ie: instead of $_FILES['toto']['type']['c'] equaling the filetype of the form variable: INPUT TYPE=file NAME=toto[c] We have :: $_FILES['toto']['c']['type'] Of course this breaks BC, which is not good, but then again, neither is the alternative. 2) The alternative is to add some custom code (I'll write it up) that will re-arrange the $_FILES array when it is inserted into the $_REQUEST array (leaving the $_FILES array alone, but modifying its order when its merged into $_REQUEST). so you have: $_REQUEST['toto']['c']['type'] and $_FILES['toto']['type']['c'] which is ugly and just not right, but it maintains backwards compatibility with the $_FILES array. My personal opinion is that the second solution should be merged in for PHP 4.3, and that for PHPv5 we should normalize the $_FILE array. Thoughts? Comments? Questions? I'll start working on this tommorow unless i hear otherwise.. -Sterling -- - For Sale! - -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
On Wed, 2002-10-16 at 04:45, Jani Taskinen wrote: On Wed, 16 Oct 2002, Yasuo Ohgaki wrote: Another option. How about remove $_FILES contents from $_REQUEST? It seems it has less impact. +1 for this option. There's really no need it for to be in $_REQUEST.. except that its data coming from the request ? :) -Sterling --Jani -- Yasuo Ohgaki Sterling Hughes wrote: Hey, If you haven't taken a look : http://bugs.php.net/bug.php?id=19848 please do so... In thinking about it, to me, there are 2 solutions: 1) Rearranging files to work in an un-braindead manner, ie: instead of $_FILES['toto']['type']['c'] equaling the filetype of the form variable: INPUT TYPE=file NAME=toto[c] We have :: $_FILES['toto']['c']['type'] Of course this breaks BC, which is not good, but then again, neither is the alternative. 2) The alternative is to add some custom code (I'll write it up) that will re-arrange the $_FILES array when it is inserted into the $_REQUEST array (leaving the $_FILES array alone, but modifying its order when its merged into $_REQUEST). so you have: $_REQUEST['toto']['c']['type'] and $_FILES['toto']['type']['c'] which is ugly and just not right, but it maintains backwards compatibility with the $_FILES array. My personal opinion is that the second solution should be merged in for PHP 4.3, and that for PHPv5 we should normalize the $_FILE array. Thoughts? Comments? Questions? I'll start working on this tommorow unless i hear otherwise.. -Sterling -- - For Sale! - -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
Out of curiosity, why are files treated differently than all other form variables submitted via POST? We don't have $_TEXT, $_RADIO, etc. Maybe there is a good reason, but it seems counter-intuitive to me. Chris Sterling Hughes wrote: On Wed, 2002-10-16 at 04:45, Jani Taskinen wrote: On Wed, 16 Oct 2002, Yasuo Ohgaki wrote: Another option. How about remove $_FILES contents from $_REQUEST? It seems it has less impact. +1 for this option. There's really no need it for to be in $_REQUEST.. except that its data coming from the request ? :) -Sterling -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
Because there is more data associated with a file upload than just a single piece. On Tue, 15 Oct 2002, Chris Shiflett wrote: Out of curiosity, why are files treated differently than all other form variables submitted via POST? We don't have $_TEXT, $_RADIO, etc. Maybe there is a good reason, but it seems counter-intuitive to me. Chris Sterling Hughes wrote: On Wed, 2002-10-16 at 04:45, Jani Taskinen wrote: On Wed, 16 Oct 2002, Yasuo Ohgaki wrote: Another option. How about remove $_FILES contents from $_REQUEST? It seems it has less impact. +1 for this option. There's really no need it for to be in $_REQUEST.. except that its data coming from the request ? :) -Sterling -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
Right. I was just wondering if there was a reason why the $_POST array wasn't originally created like Sterling suggested for $_FILES and $_REQUEST in his solution 1: $_FILES['toto']['c']['type'] and $_REQUEST['toto']['c']['type'] Meaning, I'm not clear why $_FILES is necessary, since the same approach can be taken for files in the $_POST array, mixing them with other types just like $_REQUEST does (the suggested way above, anyway). Also, solution 2 mentioned was this: $_REQUEST['toto']['c']['type'] and $_FILES['toto']['type']['c'] which is ugly and just not right, but it maintains backwards compatibility with the $_FILES array. Is the thought here that no one will be depending on the weird format of the $_REQUEST array as mentioned in the bug report? If we're worried about BC, I don't see why we should favor one group of people (those using $_FILES) over another (those using $_REQUEST), unless I'm missing something ... Chris Rasmus Lerdorf wrote: Because there is more data associated with a file upload than just a single piece. On Tue, 15 Oct 2002, Chris Shiflett wrote: Out of curiosity, why are files treated differently than all other form variables submitted via POST? We don't have $_TEXT, $_RADIO, etc. Maybe there is a good reason, but it seems counter-intuitive to me. Chris -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
On Wed, 2002-10-16 at 05:35, Chris Shiflett wrote: Right. I was just wondering if there was a reason why the $_POST array wasn't originally created like Sterling suggested for $_FILES and $_REQUEST in his solution 1: $_FILES['toto']['c']['type'] and $_REQUEST['toto']['c']['type'] Meaning, I'm not clear why $_FILES is necessary, since the same approach can be taken for files in the $_POST array, mixing them with other types just like $_REQUEST does (the suggested way above, anyway). Also, solution 2 mentioned was this: $_REQUEST['toto']['c']['type'] and $_FILES['toto']['type']['c'] which is ugly and just not right, but it maintains backwards compatibility with the $_FILES array. Is the thought here that no one will be depending on the weird format of the $_REQUEST array as mentioned in the bug report? If we're worried about BC, I don't see why we should favor one group of people (those using $_FILES) over another (those using $_REQUEST), unless I'm missing something ... Simply because you really couldn't use $_REQUEST to access the files array in the past, at least not without risking some dangerous things/messed up results. The idea is while we can't normalize the source, we _must_ normalize it when it seeps into other parts of php. -Sterling Chris Rasmus Lerdorf wrote: Because there is more data associated with a file upload than just a single piece. On Tue, 15 Oct 2002, Chris Shiflett wrote: Out of curiosity, why are files treated differently than all other form variables submitted via POST? We don't have $_TEXT, $_RADIO, etc. Maybe there is a good reason, but it seems counter-intuitive to me. Chris -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DEV] Re: $_GET, $_POST, $_COOKIE, $_FILES == $_REQUEST?
Thanks, I see your point now. I like the solution 2, even though it is a bit ugly. Sterling Hughes wrote: On Wed, 2002-10-16 at 05:35, Chris Shiflett wrote: Is the thought here that no one will be depending on the weird format of the $_REQUEST array as mentioned in the bug report? If we're worried about BC, I don't see why we should favor one group of people (those using $_FILES) over another (those using $_REQUEST), unless I'm missing something ... Simply because you really couldn't use $_REQUEST to access the files array in the past, at least not without risking some dangerous things/messed up results. The idea is while we can't normalize the source, we _must_ normalize it when it seeps into other parts of php. -- PHP Development Mailing List http://www.php.net/ To unsubscribe, visit: http://www.php.net/unsub.php
