Hi,

The only valid reason for removing <?php from a PHP script would be
security.

Since the null byte detection for fopen, remote/local script inclusion
became much harder than before. However, it's still possible and very
easy compared to other languages. Script execution is a critical security
problem and it's worth making it better.

If there is a switch that turns off PHP's template engine nature, PHP
could be more secure than now.

php.ini
template_mode = on   ; INI_ALL On by default

php -t foo.php   # template mode by default
php -T foo.php  # template mode off

People have the option to make their code a little more secure than now
or stick with the current behavior.

Regards,

--
Yasuo Ohgaki
yohg...@ohgaki.net



2012/4/7 Tom Boutell <t...@punkave.com>:
> Now that the flamewar has died down a little I'd like to try to have a
> civil discussion about this idea - *without* my admittedly
> inflammatory suggestion to kill <?php altogether.
>
> So here is what I am seriously suggesting:
>
> * The default behavior doesn't change. The parser starts out in HTML mode.
>
> * If the CLI sees a .phpc file extension, the parser starts out in PHP
> mode (no opening <?php is required). It is still possible to shift
> into HTML mode after that with ?>.
>
> * If a require/include statement sees a .phpc file extension, the
> parser starts out in PHP mode.
>
> * If mod_php and FPM are able to see the path (I'm honestly not sure
> if they can or not), they look for .phpc as their indication to start
> out in PHP mode. If that's not possible then new options are defined
> to allow Apache to be configured to tell mod_php and/or FPM to do the
> right thing based on mime types etc.
>
> This way .php continues to behave exactly as it does today, and can
> interoperate smoothly with code that uses .phpc. .phpc can require
> .php and vice versa. They are friends.
>
> Thoughts?
>
> --
> Tom Boutell
> P'unk Avenue
> 215 755 1330
> punkave.com
> window.punkave.com
>
> --
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: http://www.php.net/unsub.php
>
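
Added illustration (not part of the thread and not PHP's own code): in the default template mode the lexer treats everything outside the PHP tags as inline output, so a file that is mostly non-PHP data still has its tagged part run when it is included. The sketch below uses `token_get_all()` to flag such files, for example in an upload or deployment audit; `classify_source()` and the sample strings are constructed for this example.

```php
<?php
// Added example, not from the thread. Classifies source bytes the way PHP's
// lexer sees them in its default (template) mode.

/**
 * Returns 'no-php'       : no open tag, include would only echo the bytes
 *         'pure-php'     : nothing but whitespace outside the PHP tags
 *         'embedded-php' : non-PHP data surrounds an open tag; this code
 *                          runs on include only because of template mode
 */
function classify_source(string $bytes): string
{
    $sawOpenTag = false;
    $sawInlineData = false;

    // Without TOKEN_PARSE the lexer only tokenizes; nothing is executed.
    foreach (token_get_all($bytes) as $token) {
        if (!is_array($token)) {
            continue; // single-character tokens such as ';' or '{'
        }
        if ($token[0] === T_OPEN_TAG || $token[0] === T_OPEN_TAG_WITH_ECHO) {
            $sawOpenTag = true;
        } elseif ($token[0] === T_INLINE_HTML && trim($token[1]) !== '') {
            $sawInlineData = true;
        }
    }

    if (!$sawOpenTag) {
        return 'no-php';
    }
    return $sawInlineData ? 'embedded-php' : 'pure-php';
}

// Constructed sample inputs (not taken from any real file).
$samples = [
    'library file' => "<?php\nfunction f() { return 1; }\n",
    'plain data'   => "plain text, no tags at all",
    'data + tag'   => "\x89DATA\x00\x01 <?php echo 'marker'; ?>",
];

foreach ($samples as $label => $bytes) {
    printf("%-12s => %s\n", $label, classify_source($bytes));
}
```

Whether `<?` alone counts as an open tag depends on the `short_open_tag` setting, which `token_get_all()` follows.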
