Re: [PHP-DEV] GSOC Idea, RPC Server

Thu, 19 Mar 2009 04:46:27 -0700 

2009/3/19 mike <mike...@gmail.com>:
> On Wed, Mar 18, 2009 at 10:55 PM, Cesar D. Rodas <sad...@gmail.com> wrote:
>
>> In the presentation with Gearman you have a C extension for PHP, and
>> you code the daemon itself in PHP. My idea it's different. Let's put
>> it simple. I am planning code a server (similar to a web server,
>> Apache) written in C or C++ that contains PHP embed (or its own SAPI),
>> with an efficient protocol (no xml, no http) to call PHP functions
>> that he contains. The protocol probably would use my binary
>> serialization class and submit objects
>> (http://www.phpclasses.org/browse/package/5242.html) but I don't know
>> yet.
>
> So basically a php executable daemon you could connect to and if it
> was plaintext protocol type:
>
> <?php
> echo "hi";
> ?>
>
> and it would execute?
No, i.e The master process send to every worker (only the master can send code).
<?php

function send_email($to,$subject,$text) {
     mail($to,$subject,$text);
     return 5;
}

phpserver::export("send_mail");

?>

And a client can execute it by:
<?php
phpserver::add_worker("x.x.x.x:0");

$return = rpc("send_email","f...@bar","example subject","example text");
#$return would be 5.

?>
>
>> In typical installation you would have many workers, and one "master"
>> that will be a mere php application with web interface probably that
>> would submit PHP code to the workers. The code will be raw PHP, I mean
>> no special API would be needed to export any function, my goal it's
>> keep it simple to migrate.
>>
>> The final client wouldn't connect to the master, they will have a pull
>> of worker and they will pick up one randomly (as many people does with
>> memcached).
>>
>> Is it clear enough?
>
> I think so. Although I'm not quite sure I see the need for it, when
> solutions like Gearman exist and are already built-in with many
> features like transactions (I believe it's in there) and
> first-come-first-serve and possible all-workers-execute mentalities...
> why not leverage the Gearman's projects learnings and now newfound
> speed in C...?
>
> To me this sounds like a possible security hole as someone could write
> a client to basically execute arbitrary PHP on any server, if I
> understood it right.
>



-- 
Cesar D. Rodas
http://cesar.la/
Phone: +595-961-974165
E. B. White  - "Be obscure clearly."

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to