[Phpmyadmin-devel] Re: Re: Removing of grab_globals
phpmyadmin at supergarv.de
Thu Dec 8 01:50:01 CET 2005
> I thing automatically replacing most of occurrences (I guess that all
> except composed ones like used in server status) should not be a problem. I
> volunteer to do this if we decide to make some change.
How about using constants? They cannot be injected by users, and we would just
need to search + replace $strXXX with strXXX. AFAIK constants don't perform
slower than variables, possibly even faster because they can be cached by ByteOP
caches [at least I remember having heard that].
Using a function like Sebastian proposed (PMA_str()) would perform terribly
slow, when used a couple of times within the page, since getting functions
arguments, doing str_replace, calling another user space function etc. would
really take up many cycles.
++ Garvin Hicking | Web-Entwickler [PHP] | www.garv.in | ICQ 21392242
++ Developer of | www.phpMyAdmin.net | www.s9y.org
++ Make me happy | http://wishes.garv.in
More information about the Developers