[Phpmyadmin-devel] Re: deglobalization started
Marc Delisle
Marc.Delisle at cegepsherbrooke.qc.ca
Sun Dec 11 16:19:03 CET 2005
Sebastian Mendel a écrit :
> Marc Delisle schrieb:
>
>> Michal Čihař a écrit :
>>
>>> Hi
>>>
>>> On Sun, 11 Dec 2005 08:52:04 -0500
>>> Marc Delisle <Marc.Delisle at cegepsherbrooke.qc.ca> wrote:
>>>
>>>
>>>> please look at my commit for sql.php, revision 2.76. I have just
>>>> changed $goto by $_REQUEST['goto']. Is this the way we want to take?
>>>>
>>>> It's a bit weird for me to use $_REQUEST['goto'] on the left side of
>>>> an assignment, but anyway tell me your comments so I can continue :)
>>>
>>>
>>>
>>> Yes it is weird and IMHO we should avoid it - clean up goto at start
>>> and put it in local namespace.
>>>
>>
>> Michal,
>> this is why in my "globals" previous message, I was asking "everywhere
>> in the code, replace the variables...". Everywhere means everywhere :)
>>
>> I remember that in 2005-02, you were suggesting to fetch the variable
>> from $_REQUEST and then set it in global space, so we would be using
>> $goto everywhere, except for the first time in a script. This is
>> still your opinion?
>>
>> Personally I would go like you suggested in 2005-02, (it's less job to
>> modify all the scripts, and the weird left assignment would be gone)
>> but I have a small regret: this way we don't see the origin of $goto.
>>
>> Maybe later, we could rename all variables that come from an external
>> source, like $request_goto or something like that.
>>
>> Anyway I'll commit the changes today or tomorrow.
>
>
> but $goto i special, $goto is not always coming from $_REQUEST
>
> we should differ between $goto and $_REQUEST['goto']
>
> common.inc.php should check $_REQUEST['goto'] against a whitelist and
> set $goto
>
> $_REQUEST['goto'] is one of this varaibles that should be globally
> handled by common.inc.php like $_REQUEST['server'], $_REQUEST['db'],
> $_REQUEST['table'], $_REQUEST['lang'], ...
>
>
>
Ok I see.
However it's currently more difficult to deal with this, because of this
bug:
https://sourceforge.net/tracker/index.php?func=detail&aid=1375752&group_id=23067&atid=377408
many parameters on the URL are now missing, like server, goto...
I just merged a small patch to tbl_properties_links.inc.php, have a look
and comment.
Marc
More information about the Developers
mailing list