On Wed, Sep 10, 2014 at 3:32 AM, Andrea Faulds <a...@ajf.me> wrote: > I initially thought that I’m not really against removing them really, but > I think we should have a script to convert them first. Because someone, > somewhere, is gonna need it. >
I have added a small script for porting prehistoric tags, see https://wiki.php.net/rfc/remove_alternative_php_tags#porting_tool But then I’ve thought more about it. I’m usually OK with certain BC breaks, > I just don’t like this specific one. It doesn’t affect me, but, well, I > don’t see the point. It doesn’t really help language consistency or > anything, (OK, sure, only two sets of delimeters now, but it’s not a big > deal like some other things are), and you’ll force people to update every > file in their codebase if they’re affected, assuming people who use > alternative tags use them everywhere. In the context of a recent discussion on this list about the nature of different BC break, this is the very best BC break that is possible. It is trivial to detect statically and it is trivial to fix statically. Nobody needs to "update every file in their codebase" manually. > There’s also a security issue here. If someone uses PHP 7 with a codebase > that has these alternative tags, your code is now visible to users instead > of the output, which might include configuration details like database > passwords or password hash salts. It’s also possible that people won’t > notice this is happening if they only used these alternative tags in a few > obscure places. > I am amenable to adding the asp_tags option to the http://lxr.php.net/xref/PHP_TRUNK/main/main.c#2339 list, which will trigger a fatal error on startup if it is enabled - that should make sure that anyone using those is aware of the problem (we can also add it to the deprecated list in 5.7, should we have such a release). Doesn't apply to <script> of course. Anyway, to me this seems like a no-brainer. Given the nature of the change (trivial to detect + fix) this is a lot safer than pretty much all the other BC breaks we've been talking about (like minor changes to integer semantics). If we can't do this change, then I don't think there is anything we *can* change. Nikita
