Re: Class Static variables in double quoted string or heredoc

On Fri, Apr 25, 2008 at 2:36 PM, Robert Cummings <robert@xxxxxxxxxxxxx> wrote:
>
>  On Fri, 2008-04-25 at 12:25 -0600, Nathan Nobbe wrote:
>  > On Fri, Apr 25, 2008 at 11:35 AM, Nick Stinemates <nick@xxxxxxxxxxxxxx>
>  > wrote:
>  >
>  > > On Fri, Apr 25, 2008 at 01:19:58PM -0400, Robert Cummings wrote:
>  > > >
>  > > > I don't see how the throwing everything and the kitchen sink into double
>  > > > quotes support caters to either of these groups. It strikes me, and of
>  > > > course that's who matters here >:), that it caters to the messy, "I wish
>  > > > I REALLY knew what I was doing", slovenly crowd.
>  > > >
>  > > > Just because a feature exists, doesn't mean you should use it!
>  > > >
>  > > > Cheers,
>  > > > Rob.
>  > > > --
>  > > > http://www.interjinn.com
>  > > > Application and Templating Framework for PHP
>  > >
>  > > Agree, and couldn't imagine working with someone's code where they
>  > > liberally use these types of lazy things. I like structured, ordered
>  > > code, and, somehow, using something like this technique doesn't seem
>  > > structured or ordered.
>  >
>  >
>  > to each his own; as i said personally, i consider those *more* structured
>  > than the concatenation operator, when they work ;)  but anyway, i got lured
>  > into the argument for parsing variables and function calls in double
>  > quotes.  i have been arguing for the $className::$staticMember
>
>  Well, I certainly don't have a problem with $className::$staticMember.
>  But then, we weren't talking about that, were we! :)
>
>
>  > i piggybacked into this conversation because of a lack of response on a
>  > previous post from this week.  and just to pour gas on the fire, if you guys
>  > want to know a syntactic sugar feature i avoid like the plague, it's the
>  > ternary operator!
>
>  I find it succinct for short evaluations... such as getting a $_GET
>  entry whether it exists or not.
>
>
>  Cheers,
>  Rob.
>  --
>  http://www.interjinn.com
>  Application and Templating Framework for PHP
>
>
>
>
> --
>  PHP General Mailing List (http://www.php.net/)
>  To unsubscribe, visit: http://www.php.net/unsub.php
>
>

You know... this topic hasn't been approached from the security angle
either.  Best practices indicate all output should be properly
escaped based on the context it is going to be used in.  So unless
that whole string is going to be escaped or a strong application level
filter using ext/filter is in place this should really be broken into
printf("Welcome %s",
htmlspecialchars(session::$user_info['user_name'], ENT_QUOTES));,
right?  ;D
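
An added example, not part of the original message: the same session::$user_info['user_name'] value written into three output contexts, each with the escaping that context needs, beside the unescaped interpolation. The class body, the stored value and the esc_* helper names are constructed for illustration.

```php
<?php
// Added example, not code from the thread. The class mirrors the
// session::$user_info['user_name'] expression used in the message;
// the stored value and the esc_* helper names are constructed.
final class session
{
    public static array $user_info = [
        'user_name' => '"><script>alert(1)</script> O\'Brien & Co',
    ];
}

// HTML element content and quoted attribute values.
function esc_html(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Value placed inside a <script> block: emit a JSON string literal with
// <, >, &, ' and " hex-escaped so it cannot close the script element.
function esc_js(string $s): string
{
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    return json_encode($s, $flags | JSON_THROW_ON_ERROR);
}

// Query-string value inside an href: percent-encode the value first,
// then HTML-escape the result because it lands in an attribute.
function esc_url_param(string $s): string
{
    return esc_html(rawurlencode($s));
}

$name = session::$user_info['user_name'];

// Unescaped interpolation: stored markup reaches the page verbatim.
echo "UNSAFE: <p>Welcome $name</p>\n";

// HTML body context, the form proposed in the message.
printf("<p>Welcome %s</p>\n", esc_html($name));

// HTML attribute context (always quote the attribute).
printf("<input name=\"user\" value=\"%s\">\n", esc_html($name));

// JavaScript context inside a script element.
printf("<script>var userName = %s;</script>\n", esc_js($name));

// URL parameter inside a link.
printf("<a href=\"/profile?user=%s\">profile</a>\n", esc_url_param($name));
```

Run it with the PHP CLI and compare the first line with the rest: only the unescaped line contains a live script element.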
