Hello, On Tue, Jan 20, 2009 at 11:47 AM, Stan Vassilev | FM <sv_for...@fmethod.com> wrote: > > Hi, > > I had a talk with Marcus, and he has agreed on this proposed solution: > > 1) SPL generates a pseudo-random session id/mask (for the current request, > do not confuse with $_SESSION), which consists of 32 random > bytes/characters. > 2) The object is and the handler pointer are used to create a unique > identifier for the object, by padding each pointer to 16 bytes and joining > them together. > 3) The resulting byte sequence is XOR-red with the session mask so the > object id/handler are not retrievable in userland, and the resulting > sequence/string is returned. > > This is better than spl_object_hash for two reasons: > > 1) no printf of numbers, no expensive md5 hashing, no hex conversion. > 2) no possible collisions > > Drawbacks: > > 1) might generate some non-printable chars after xor (but this wouldn't > matter for operation). The idea above can be tweaked to solve this. > > The "32-bit string" format is to preserve compatibility with > spl_object_hash, so it can replace it, instead of introducing a new similar > function. > > I've had no time to look further into this, but Marcus seems to like the > basic idea, so feel welcome...
Could you please provide an example, with code, in which this function would be necessary ? (i.e. where you can't use SplObjeccctStorage) Thanks. > > Regards, > Stan Vassilev > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > > > > -- Etienne Kneuss http://www.colder.ch Men never do evil so completely and cheerfully as when they do it from a religious conviction. -- Pascal -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
