RE: [PHP-DEV] PHP 4.0 Bug #6625 Updated: htmlspecialchars should escape "'" character From: Colin Viebrock (colin <email protected>)
Date: 09/11/00

> But you *are* an infantile moron. In what other manner should I treat you?

Why has this turned into a personal crusade for you? You claim yourself
that the bug/feature doesn't even affect you. So get over it already.

> Well done! You have taken one of the best-written pages in the entire
> PHP manual, and made it worse. You have broken the ability to improve
> PHP in the future, and it doesn't even make sense anymore. An excellent
> day's work.

It was actually one of the other PHP developers who was following this
thread
that decided to change the manual entry, not me. I'll pass on your praise
to him.

> You must change your code because it is buggy. Just because, by chance,
> it has worked so far, doesn't mean it is not buggy. You don't have to,
> of course - you could choose to stick with buggy code. I really couldn't
> care either way; so far as I'm aware I don't have to use your broken code.
>
> > and relies on a *well* documented feature
>
> I agree it is well documented! (Well it was, until you got your
> hands on the
> manual.) The feature you are relying on is well documented *not to exist*.

What are you talking about? "Well documented *not to exist*?" That makes
absolutely no sense. The feature I am relying on is for HTMLSpecialChars()
to translate only the 4 character entities listed.

> Just the same as I do now. Just exactly what part of "it is not my issue"
> do you not understand?

The part where you feel the need to attack me personally. Even more so when
you say that this bug/feature doesn't even affect you.

My scripts work fine now, and yours always did. So that settles that.

> That is over-simplified to the extent that it is untrue. What role do
> you think documentation has to play?

An important part. That is why the documentation and source code are now
in sync.

> It might equally (more likely, perhaps, given that it is the shell comment
> character that has been disabled) *cause* the ability to run
> malicious code.

Fine. Post a bug report if it does.

> If the PHP team even slightly gave a damn about this sort of thing, then
> they would invent and document a naming scheme for in-built functions.

Obviously you have issues with more than just this particular bug/feature
request. Join the dev mailing list and spout your vitriol there.

> Almost every single thing that has been added to PHP for the last
> <x> years
> (except for the Zend core itself) breaks existing code and adds little
> functionality that couldn't be added in a user's code. By your argument,
> all work on PHP should be stopped.

Now you are being completely simplistic and plain idiotic. PHP3 scripts
are something like 99% compatable with PHP4.

> I'm sorry, but as only one person against what seems to be a
> horde of morons
> with CVS write access, I fear the small good I could do would be
> lost amongst
> the continuing damage caused by the rest of you lot.

Yeah, you're right. Please, take the existing code base for PHP4 and
fork off. I don't think you'll be satisfied until the code works
exactly the way you like.

> You can close the conversation, but ignoring it won't close the issue.
> The only way you can do that is by fixing it. I don't care - I'm through
> trying to talk sense to people too stupid to even recognise it.

Glad to hear it.

Well then, I guess the issue will be open until one of the other stupid,
moron PHP developers is convinced by your enlightened arguments that things
need to change. I'll CC them on this, just to make sure they've heard you.

Good luck.

- Colin 

-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: php-dev-unsubscribe <email protected>
For additional commands, e-mail: php-dev-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>