[Phpmyadmin-devel] Re: deglobalization started

Sebastian Mendel lists at sebastianmendel.de
Sun Dec 11 15:07:02 CET 2005

Marc Delisle schrieb:
> Michal Čihař a écrit :
>> Hi
>> On Sun, 11 Dec 2005 08:52:04 -0500
>> Marc Delisle <Marc.Delisle at cegepsherbrooke.qc.ca> wrote:
>>> please look at my commit for sql.php, revision 2.76. I have just 
>>> changed $goto by $_REQUEST['goto']. Is this the way we want to take?
>>> It's a bit weird for me to use $_REQUEST['goto'] on the left side of 
>>> an assignment, but anyway tell me your comments so I can continue :)
>> Yes it is weird and IMHO we should avoid it - clean up goto at start
>> and put it in local namespace.
> Michal,
> this is why in my "globals" previous message, I was asking "everywhere 
> in the code, replace the variables...". Everywhere means everywhere :)
> I remember that in 2005-02, you were suggesting to fetch the variable 
> from $_REQUEST and then set it in global space, so we would be using 
> $goto everywhere, except for the first time in a script.  This is still 
> your opinion?
> Personally I would go like you suggested in 2005-02, (it's less job to 
> modify all the scripts, and the weird left assignment would be gone) but 
> I have a small regret: this way we don't see the origin of $goto.
> Maybe later, we could rename all variables that come from an external 
> source, like $request_goto or something like that.
> Anyway I'll commit the changes today or tomorrow.

but $goto i special, $goto is not always coming from $_REQUEST

we should differ between $goto and $_REQUEST['goto']

common.inc.php should check $_REQUEST['goto'] against a whitelist and 
set $goto

$_REQUEST['goto'] is one of this varaibles that should be globally 
handled by common.inc.php like $_REQUEST['server'], $_REQUEST['db'], 
$_REQUEST['table'], $_REQUEST['lang'], ...


More information about the Developers mailing list