rfc:escaping_operator
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
rfc:escaping_operator [2016/07/30 14:07] – michael-vostrikov | rfc:escaping_operator [2017/09/22 13:28] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== PHP RFC: New operator for context-dependent escaping ====== | + | ====== PHP RFC: New operator |
* Version: 1.0 | * Version: 1.0 | ||
* Date: 2016-07-14 | * Date: 2016-07-14 | ||
* Author: Michael Vostrikov < | * Author: Michael Vostrikov < | ||
- | * Status: | + | * Status: |
* First Published at: http:// | * First Published at: http:// | ||
Line 22: | Line 22: | ||
The problem is that < | The problem is that < | ||
+ | |||
+ | Calling an escaping function manually on every output is the same as calling constructor manually after every ' | ||
+ | <PHP> | ||
+ | (new User)-> | ||
+ | (new Profile)-> | ||
+ | </ | ||
Main argument against such operator is that main problem is in specific context. There are various contexts and each one requires special escaping. But I think this is not required to support all of them. Because - who asks about it?) There are no requests about special operator for json_encode(), | Main argument against such operator is that main problem is in specific context. There are various contexts and each one requires special escaping. But I think this is not required to support all of them. Because - who asks about it?) There are no requests about special operator for json_encode(), | ||
Line 232: | Line 238: | ||
It is easy to use and has small amount of code. | It is easy to use and has small amount of code. | ||
It does not change Zend VM opcodes and does not break any existing code. | It does not change Zend VM opcodes and does not break any existing code. | ||
+ | It can be used as a replacement for standard '<? | ||
Also it will be useful for beginners, which don't know about HTML escaping or forget about it. If there will be special operator for HTML-safe output, beginners will use it, because this is simple. | Also it will be useful for beginners, which don't know about HTML escaping or forget about it. If there will be special operator for HTML-safe output, beginners will use it, because this is simple. | ||
Line 314: | Line 321: | ||
==== To Existsing Applications/ | ==== To Existsing Applications/ | ||
- | There may be some applications or extensions which contains <?* some text ?> as raw text in PHP template. | + | There may be some applications or extensions which contains <?* some text ?> as raw text in PHP template, or which have the same function names. |
Line 323: | Line 330: | ||
===== Proposed Voting Choices ===== | ===== Proposed Voting Choices ===== | ||
- | Can this operator be useful for many people and implemented in PHP in some of forms described above?\\ | ||
- | The choices are Yes or No\\ | ||
Requires a 2/3 majority\\ | Requires a 2/3 majority\\ | ||
+ | Voting is open till August 6.\\ | ||
+ | Will this short tag / operator be useful for many people with the functionality described above? | ||
+ | <doodle title=" | ||
+ | * Yes | ||
+ | * No | ||
+ | </ | ||
+ | |||
+ | \\ | ||
+ | Additional questions. Voting is not required if you have voted ' | ||
+ | \\ | ||
+ | <doodle title=" | ||
+ | * Yes | ||
+ | * No | ||
+ | </ | ||
+ | \\ | ||
+ | |||
+ | <doodle title=" | ||
+ | * Yes | ||
+ | * No | ||
+ | </ | ||
+ | \\ | ||
+ | |||
+ | <doodle title=" | ||
+ | * Yes | ||
+ | * No | ||
+ | </ | ||
+ | \\ | ||
===== Patches and Tests ===== | ===== Patches and Tests ===== | ||
+ | |||
Diff with changes:\\ | Diff with changes:\\ | ||
https:// | https:// |
rfc/escaping_operator.1469887667.txt.gz · Last modified: 2017/09/22 13:28 (external edit)