Hi,
I have been following the captcha pr for a while. And I still have my doubts about the approach. If we look at the example code given here it could have been wrapped in a psr-15 middleware implementation. As you need the request, get some information out of it, and either fail or continue.
I do understand your point about not having a vendor lock in your code base. So from that point of view I get it. However I'm not sure we need a psr for this particular topic.
I think others also suggested to make this a broader psr that covers validation. Which would make sense if we could standardize the input and output and the way errors are reported. But as the whole validation chain has a lot of opinions, I think you would have a very hard time to standardize that.
Neverless, I would like to praise you for all the work you did up til this far. I can see you are really willing and listening to others. I will keep following your progress.
--
You received this message because you are subscribed to the Google Groups "PHP Framework Interoperability Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to php-fig+u...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/php-fig/4e708808-cfd6-428d-85c0-16e3cad763e8n%40googlegroups.com.
Thanks again for taking the time to give us an answer. It just underlines my statement that your efforts to get this done are huge.
I was thinking again about your answer. And while reading I realized you have a point about the struggle we would have to come with an interface for request validation. It's a hairy topic. Because everyone is doing this in their own way. But that's exactly the point of a standard. It's not just the matter of getting things done. It's about the value it provides. The interface for a captcha seems to me a very small work field. While you could argue that that's a good point. I think interfaces that have a bigger focus are better in place. Not that the interface itself should be large, but the way it can be used should be brought. At least in a standard lib. Or it should focus on a very common problem.
The psr standards all focus on very common patterns in a web application. Everyone needs logging, service containers can be found everywhere, and there is literally no php application out there that doesn't do request response. That's why those deserve a psr. That's also why I think validation would be a very good candidate. Because validation is everywhere. .
For captcha this is a different story. While there are many captcha providers, not all applications use captcha. It's not a common pattern. It's a solution for a specific problem. So the amount of applications actually using it will be very limited. If the would even exist in the future. I think more and more companies are actually looking for a better way to validate their users are human.
I really tried to see the value. But I simply don't get it for this particular psr.
To view this discussion visit https://groups.google.com/d/msgid/php-fig/b6130465-ff8c-4d5c-aca1-83371622865fn%40googlegroups.com.