Page 1 of 1
When the hell php naming normalizes ?
Posted: Tue Dec 28, 2010 11:45 am
by jankidudel
PHP has very good arsenal of funcions, but who named them ?
Example: strip_tags , stripslashes ? why 1 function is separated & second isn't ?
And, can someone explain me why in this function there is so many filtering, i think half of them isn't necessary.
Code: Select all
function filter($data) {
$data = trim(htmlentities(strip_tags($data)));
if (get_magic_quotes_gpc())
$data = stripslashes($data);
$data = mysql_real_escape_string($data);
return $data;
}
Re: When the hell php naming normalizes ?
Posted: Tue Dec 28, 2010 12:02 pm
by alex.barylski
PHP suffers from an adhoc development approach, at least it did, things probably have improved somewhat since day one.
Cheers,
Alex
Re: When the hell php naming normalizes ?
Posted: Tue Dec 28, 2010 11:39 pm
by josh
That filter() function you post really has nothing to do with PHP, as in its not a built in function. You'd have to ask whoever wrote it. Although I can say GPC magic quotes was a feature that "magically" escaped things, so it looks like the developer checks if this is enabled before manually escaping a value.
Re: When the hell php naming normalizes ?
Posted: Wed Dec 29, 2010 1:41 am
by Christopher
jankidudel wrote:PHP has very good arsenal of funcions, but who named them ?
Example: strip_tags , stripslashes ? why 1 function is separated & second isn't ?
Many PHP's function names simply follow the underlying library's naming. That follows PHP Share Nothing philosophy which unlike other language (Java being a prime example) does not recreate everything with pleasing names. PHP just uses existing subsystems assuming that their builders knew better -- hence the "good arsenal."
jankidudel wrote:And, can someone explain me why in this function there is so many filtering, i think half of them isn't necessary.
There is a reason for every line in that function. It is sort of a primer in PHP web security for MySQL database values.
