Re: Class Static variables in double quoted string or heredoc

On Fri, Apr 25, 2008 at 12:44 PM, Eric Butera <eric.butera@xxxxxxxxx> wrote:

> On Fri, Apr 25, 2008 at 2:36 PM, Robert Cummings <robert@xxxxxxxxxxxxx> wrote:
> >
> >  On Fri, 2008-04-25 at 12:25 -0600, Nathan Nobbe wrote:
> >  > On Fri, Apr 25, 2008 at 11:35 AM, Nick Stinemates <nick@xxxxxxxxxxxxxx> wrote:
> >  >
> >  > > On Fri, Apr 25, 2008 at 01:19:58PM -0400, Robert Cummings wrote:
> >  > > >
> >  > > > I don't see how the throwing everything and the kitchen sink into
> >  > > > double quotes support caters to either of these groups. It strikes
> >  > > > me, and of course that's who matters here >:), that it caters to the
> >  > > > messy, "I wish I REALLY knew what I was doing", slovenly crowd.
> >  > > >
> >  > > > Just because a feature exists, doesn't mean you should use it!
> >  > > >
> >  > > > Cheers,
> >  > > > Rob.
> >  > > > --
> >  > > > http://www.interjinn.com
> >  > > > Application and Templating Framework for PHP
> >  > >
> >  > > Agree, and couldn't imagine working with someone's code where they
> >  > > liberally use these types of lazy things. I like structured, ordered
> >  > > code, and, somehow, using something like this technique doesn't seem
> >  > > structured or ordered.
> >  >
> >  >
> >  > to each his own; as i said personally, i consider those *more*
> >  > structured than the concatenation operator, when they work ;)  but
> >  > anyway, i got lured into the argument for parsing variables and
> >  > function calls in double quotes.  i have been arguing for the
> >  > $className::$staticMember
> >
> >  Well, I certainly don't have a problem with $className::$staticMember.
> >  But then, we weren't talking about that, were we! :)
> >
> >
> >  > i piggybacked into this conversation because of a lack of response on
> >  > a previous post from this week.  and just to pour gas on the fire, if
> >  > you guys want to know a syntactic sugar feature i avoid like the
> >  > plague, it's the ternary operator!
> >
> >  I find it succinct for short evaluations... such as getting a $_GET
> >  entry whether it exists or not.
> >
> >
> >  Cheers,
> >  Rob.
> >  --
> >  http://www.interjinn.com
> >  Application and Templating Framework for PHP
> >
>
> You know... this topic hasn't been approached from the security angle
> either.  Best practices indicate all output should be properly
> escaped based on the context it is going to be used in.  So unless
> that whole string is going to be escaped or a strong application level
> filter using ext/filter is in place this should really be broken into
> printf("Welcome %s",
> htmlspecialchars(session::$user_info['user_name'], ENT_QUOTES));,
> right?  ;D
>


just to play devil's advocate; it could still be crammed into double quotes,

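<?php

class Session {
    public $users = array();
}

class OutputEscaper {
    // Escape a value for HTML output; ENT_QUOTES also encodes single quotes.
    function escapeStuff($stuff) {
        return htmlspecialchars($stuff, ENT_QUOTES);
    }
}

$s = new Session();
$oe = new OutputEscaper();

$s->users['user_name'] = 'some dude';

// A method call is allowed inside {$...} in a double-quoted string.
echo "Hi {$oe->escapeStuff($s->users['user_name'])}\n";
?>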


-nathan
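
The point raised in this thread about escaping output for the context it lands in, as an added example that is not part of the original messages. The helper names (esc_html, esc_js, esc_url_param), the static Session::$user_info layout and the sample user name are assumptions made for illustration; PHP 7.3 or later is assumed for JSON_THROW_ON_ERROR.

```php
<?php
// Added example: one escaper per output context. All names are hypothetical.

class Session {
    // Constructed sample value: markup, both quote styles and an ampersand.
    public static $user_info = array('user_name' => 'Rob "<b>" & O\'Neil');
}

// HTML text nodes and quoted attribute values.
function esc_html(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// JavaScript string literal inside a <script> block. json_encode() supplies
// the surrounding quotes; the JSON_HEX_* flags turn <, >, &, ' and " into
// \uXXXX escapes so the value cannot end the literal or the script element.
function esc_js(string $s): string {
    return json_encode(
        $s,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR
    );
}

// A single query-string component of a URL.
function esc_url_param(string $s): string {
    return rawurlencode($s);
}

$name = Session::$user_info['user_name'];

// Same value, four contexts, four different encodings.
printf("<p>Welcome %s</p>\n", esc_html($name));
printf("<input name=\"user\" value=\"%s\">\n", esc_html($name));
printf("<script>var userName = %s;</script>\n", esc_js($name));
printf("<a href=\"/profile?user=%s\">profile</a>\n", esc_url_param($name));

// Interpolated form: a variable holding a function name can be called
// inside {$...}, so escaping and double quotes are not mutually exclusive.
$h = 'esc_html';
echo "Welcome {$h($name)}\n";
```

htmlspecialchars() alone is only correct for the first two lines of output; placing its result inside the script block or the query string would leave the value wrongly encoded for that context.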
