Actually my experience with optimizations is that 2+2 != 4, but that's
besides the point. And it also depends on a lot of other factors.
Benchmarks are not easy as they are dependent on many factors.
But in any case, we worked hard from day 1 to really componentize TSRM,
Zend and somewhat SAPI so
Andi Gutmans wrote:
Btw, I already mentioned this to Arnold but another options is DB2
Express-C (http://www-306.ibm.com/software/data/db2/express/) which has
XML support and is free (with few enough limitations to make it suitable
for a large variety of apps). ext/db2 supports it.
There are some
Hi Stas,
I used to think so, but my experience working with SVN on Framework shows
it's not that different, at least on the level I use it (and that'd be the
level most other people would use it I guess -
checkout/update/diff/commit). So if we talking learning curve, it's not
that different -
Stanislav Malyshev wrote:
>> Switching to subversion would mean a learning curve for some, and a
>> change of PHP development tools and practice for _everyone_ involved
>> in php.net. It's a major step, particularly at a time when people are
>
> I used to think so, but my experience working with
Switching to subversion would mean a learning curve for some, and a
change of PHP development tools and practice for _everyone_ involved in
php.net. It's a major step, particularly at a time when people are
I used to think so, but my experience working with SVN on Framework
shows it's not tha
Also keep in mind that the manual tweaks to the CVS repository over the
past 10+ years means we will likely lose commit history. Last time I
tried the conversion process over a year ago, the commit history was
completely hosed. We will eventually need to migrate, but we have to
recognize that it
Hey Lukas,
Also keep in mind that there are plenty of subprojects under cvs.php.net.
These tend to be a lot simpler on the branching/merging side. So maybe
these are good testing grounds to get some of the infrastructure for karma
management in place. And then once we start feeling comfortable
Ouf... Wez and I may have different ideas here, but we were both aiming to
keep it simple. That's because we both know that if it turns into a big
job/makes life more complicated for the dev team, nobody will find the time
or inclination to implement it anyway!
Switching to subversion would me
Andi Gutmans wrote:
Well I think Subversion the way it is today is already considerably
better. Just the directory versioning and the better performance would
already pay off in the PHP project.
No doubt that merge tracking is an added bonus but it's not exactly
applicable (yet) to the way we wor
Christian Schneider wrote:
Stut wrote:
It doesn't matter where the session ID comes from, the basic point is
that you have to trust it or implement some experience-degrading
mechanism like client certificates, and even there there are few
guarantees.
You want more info to be checked? Simply
Well I think Subversion the way it is today is already considerably
better. Just the directory versioning and the better performance would
already pay off in the PHP project.
No doubt that merge tracking is an added bonus but it's not exactly
applicable (yet) to the way we work in the project as we
I really don't think moving to subversion until they finish the merge
tracking code makes much sense. The only advantage pre-1.5 is slightly
better support for other tools that sit on top of it, but even there it
isn't a clear win. There are changeset trackers for CVS as well that
would be a lot
In general I think we should consider upgrading part of our
infrastructure. The only problem is that it takes a lot of time, energy
and devotion. And of course people need to be willing to get used to the
new way of doing things.
Foremost I think we could benefit from moving to SVN. We've had very
I'd go with (2) for BC sake and as breaking BC here would have very
little value in the first place.
Andi
> -Original Message-
> From: Antony Dovgal [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, May 29, 2007 2:26 AM
> To: php-dev
> Subject: [PHP-DEV] bitwise operations and Unicode strings
Btw, I already mentioned this to Arnold but another options is DB2
Express-C (http://www-306.ibm.com/software/data/db2/express/) which has
XML support and is free (with few enough limitations to make it suitable
for a large variety of apps). ext/db2 supports it.
There are some good links here: http
Hi Gal,
The guys from WSO2 are working on WS-* support for PHP. It's called
Axis2 (based on Apache Axis2/C) and you can find it at Pecl
http://pecl.php.net/package/axis2. I believe they are also trying to
make the API compatible with ext/soap.
Any feedback on this would be interesting to them of c
Wez - an update,
Still, this concept relies heavily on the idea that it's possible to append
generated text to a CVS commit message, and if it isn't - it won't work.
w00t :)
http://ximbiot.com/cvs/manual/cvs-1.12.13/cvs_18.html#SEC191
- Steph
--
PHP Internals - PHP Runtime Development Mai
On 5/29/07, Steph Fox <[EMAIL PROTECTED]> wrote:
This could work, except of course we don't have any such thing as 'a
maintenance ticket' or a way to set priority to 'merge'. It's kind of the
opposite way around to the way the PHP bug system works... and it
probably
would be a pain to have it a
On 5/29/07, Steph Fox <[EMAIL PROTECTED]> wrote:
This could work, except of course we don't have any such thing as 'a
maintenance ticket' or a way to set priority to 'merge'. It's kind of the
opposite way around to the way the PHP bug system works... and it probably
would be a pain to have it as
Wez,
This could work, except of course we don't have any such thing as 'a
maintenance ticket' or a way to set priority to 'merge'. It's kind of the
opposite way around to the way the PHP bug system works... and it probably
would be a pain to have it as part of an open system (in the sense that
Maybe I'm just confused (well, I'm always confused...) but if a Class
has multiple children, how the heck would PHP know which child:: to
call?...
On Sat, May 26, 2007 5:48 pm, Ken Stanley wrote:
> Hi all!
>
> I've been researching the current status of late static binding, and I
> came
> across t
According to the plan below, attached is the patch that restricts user
streams from executing dangerous operations inside include context.
Please comment.
Forgot to mention - the patch is against HEAD and does not include
changing names of INI/structure fields, though it might be a good idea t
According to the plan below, attached is the patch that restricts user
streams from executing dangerous operations inside include context.
Please comment.
I think the problem could be solved this way:
0. allow_url_include and allow_url_fopen renamed to
allow_remote_include and allow_remote_fop
On Tue, May 29, 2007 4:25 am, Antony Dovgal wrote:
> Hello.
>
> Do you think the engine should support bitwise operators and Unicode
> strings?
> If yes, how do you think it should work?
>
> Example:
> $a = "1";
> $a|="2";
> var_dump($a);
> ?>
>
> This code outputs "3" in native mode and "Fatal
Hi Wez,
As you said, it's pretty straightforward to handle bugs this way, but
a pain to open a ticket for every little maintenance job. We solve
that problem by opening up a maintenance ticket per milestone (eg:
X.Y.Z release maintenance ticket) and use that as a catch all for
those misc commit
We use trac as an engineering ticketing system; we open tickets to
track things that need doing, be they bug fixes, enhancements or other
maintenance work.
We require that every commit to portions of the repos that contain
code reference a ticket number in trac, and reject commits that don't.
As
On Tue, May 29, 2007 12:04 pm, Stut wrote:
> Hi all,
>
> Just wanted to get your opinion on a discussion currently going on on
> the general list.
>
> Why does the PHP session extension not use something like the user
> agent
> to validate that a session ID has not been hijacked? Or is this
> som
Yes, and the binaries are generated on the same box as the windows releases.
--Wez.
On 5/29/07, Richard Quadling <[EMAIL PROTECTED]> wrote:
Isn't PECL4WIN "official"? It's on the php.net domain.
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/
We use doxygen for the developer portions of our customer facing
manual. The trick is to have it output xml and then massage that to
fit into docbook.
--Wez.
On 4/25/07, Antony Dovgal <[EMAIL PROTECTED]> wrote:
Doxygen (which seems to be uses by the majority of F/OSS projects) generates
compl
I'm not sure that that is 100% correct, but don't know the real
reasons, so won't comment further.
I apologize if I'm making this sound more mysterious than it really is.
The bottom line is that Sleepycat have an extension for that stuff,
and you should ask them about getting it into PECL.
--Wez
On the contrary, George and myself did; you should be able to obtain
it from Sleepycat.
--Wez.
On 5/29/07, Ilia Alshanetsky <[EMAIL PROTECTED]> wrote:
The reason is quite simple, no one had written such an extension.
On 29-May-07, at 6:36 PM, Arnold Daniels wrote:
> Hi,
>
> What is the reaso
Hello Arnold,
it is a license problem. Sleepycat (nowadays Oracle) wasn't willing to
have that stuff in PECL because they were financing it's development.
best regards
marcus
Wednesday, May 30, 2007, 12:36:31 AM, you wrote:
> Hi,
> What is the reason that the PHP extension for berkeley db XM
Emil Ivanov wrote:
> class C1 {}
> class C2 extends C1 {}
>
> abstract class Work1 {
> public function f1(C1 $c);
> }
>
> class Work2 extends Work1 {
> public function f1(C2 $c);
> }
Strange thing is I don't get any error message here, although there definitely
should be one.
PHP 5.2.2-pl1-gen
One more patch: a php file to generate rss feeds for pecl4win releases.
It can list all files or all files for a given php branch.
The base rss code is taken from pecl rss.
It assumes that for every extension and php branch, there is only one
file in the db (ie. not many builds corresponding to
Hello Emil,
learn inheritance rules!
And besides PHP follows strict is_a rules.
Even if PHP weren't following strict is_a rules:
Every Work2 is a Work1 so and so any place that uses with Work1 objects
can take Work2 objects. Now "$o->f1($c);" might be using a $o being a
work1 or a work2. That m
The reason is quite simple, no one had written such an extension.
On 29-May-07, at 6:36 PM, Arnold Daniels wrote:
Hi,
What is the reason that the PHP extension for berkeley db XML
hasn't made it into PHP (distro, pecl, manual)? Currently there
only a short howto deep down in an oracle FAQ
I'll try get straight to the point:
class C1 {}
class C2 extends C1 {}
abstract class Work1 {
public function f1(C1 $c);
}
class Work2 extends Work1 {
public function f1(C2 $c);
}
This code violates the LSP (*) - if you have object $X of type C1, you
can call $work1->f1($X) but not $work2->
Hi,
What is the reason that the PHP extension for berkeley db XML hasn't made it
into PHP (distro, pecl, manual)? Currently there only a short howto deep down
in an oracle FAQ and very limited documentation. I think that is unfortunate,
because using an XML db instead of a relational db, could
Hi,
I'll try get straight to the point:
class C1 {}
class C2 extends C1 {}
abstract class Work1 {
public function f1(C1 $c);
}
class Work2 extends Work1 {
public function f1(C2 $c);
}
Here I get an an error regarding the prototype missmatch.
Wouldn't it be nice to be able to tighted the requ
On May 8, 2007, at 2:59 PM, Philip Olson wrote:
Hi all, just wanted to give you a heads-up that I'm still working
on this project; it took me awhile to get the tools properly set
up, but I'm plugging away at DocBook XML now, and I'll have a few
patches to send in soon, I think. Thanks for al
Hi Ilia,
On 5/28/07, Ilia Alshanetsky <[EMAIL PROTECTED]> wrote:
Pierre,
That sounds like a great idea, my only request is that this change be
done after then 5.2.3 release.
Perfect, I will merge once 5.2.3 is out.
--Pierre
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscr
Stut wrote:
It doesn't matter where the session ID comes from, the basic point is
that you have to trust it or implement some experience-degrading
mechanism like client certificates, and even there there are few
guarantees.
You want more info to be checked? Simply add a variable containing
u
The session store is just a session store. It is not a
login/authentication mechanism and thus doesn't have any of the
protections you might want to add to that. Therefore a separate
authentication cookie is needed that can separate the two concepts
I don't see how it's "therefore". Yes, sessi
Robert Cummings wrote:
On Tue, 2007-05-29 at 21:11 +0100, Stut wrote:
Rasmus Lerdorf wrote:
Stanislav Malyshev wrote:
The session store is just a session store. It is not a
login/authentication mechanism and thus doesn't have any of the
protections you might want to add to that. Therefore a
Stut wrote:
> Rasmus Lerdorf wrote:
>> Stanislav Malyshev wrote:
The session store is just a session store. It is not a
login/authentication mechanism and thus doesn't have any of the
protections you might want to add to that. Therefore a separate
authentication cookie is need
I'm still unclear on how you validate that the authentication cookie
came from the same client machine as the one the application first sent
it to, which was the core of my question.
The answer seems to be that you can't do it reliably.
As far as I understand, no, you can't, unless you have s
On Tue, 2007-05-29 at 21:11 +0100, Stut wrote:
> Rasmus Lerdorf wrote:
> > Stanislav Malyshev wrote:
> >>> The session store is just a session store. It is not a
> >>> login/authentication mechanism and thus doesn't have any of the
> >>> protections you might want to add to that. Therefore a sepa
Because you don't have full control over the session cookie since it is
generated by PHP. For an authentication cookie you want to layer other
application-specific checks on top of it.
Could you give an example of such checks?
--
Stanislav Malyshev, Zend Products Engineer
[EMAIL PROTECTED] htt
Rasmus Lerdorf wrote:
Stanislav Malyshev wrote:
The session store is just a session store. It is not a
login/authentication mechanism and thus doesn't have any of the
protections you might want to add to that. Therefore a separate
authentication cookie is needed that can separate the two conce
Stanislav Malyshev wrote:
>> The session store is just a session store. It is not a
>> login/authentication mechanism and thus doesn't have any of the
>> protections you might want to add to that. Therefore a separate
>> authentication cookie is needed that can separate the two concepts
>
> I do
Stanislav Malyshev wrote:
>>> You really want a separate and distinct signed authentication cookie
>>> that has nothing to do with the session. The stored session should
>>> indicate which logged in user the session belongs to, but it should
>>> never ever be used as the sole authentication cookie
On 29 May 2007, at 7:16 PM, Rasmus Lerdorf wrote:
Stut wrote:
Hi all,
Just wanted to get your opinion on a discussion currently going on on
the general list.
Why does the PHP session extension not use something like the user
agent
to validate that a session ID has not been hijacked? Or is
The basic question is... is there any way to validate that a session ID
coming from the client is coming from the same client?
I'm afraid since there's no way (well, except for described below :) to
uniquely and securely identify the clients I don't see how you could do
that. You could use cli
On 29.05.2007 23:04, Marcus Boerger wrote:
Hello Antony,
so depending on the operator I either have no types or strict typing even
though I cannot see/know what I have? That is far from KISS.
You should have told that to the person who wrote this code, not me.
And I believe you're at least 7
You really want a separate and distinct signed authentication cookie
that has nothing to do with the session. The stored session should
indicate which logged in user the session belongs to, but it should
never ever be used as the sole authentication cookie. That's what I
meant by a separate auth
Rasmus Lerdorf wrote:
You really want a separate and distinct signed authentication cookie
that has nothing to do with the session. The stored session should
indicate which logged in user the session belongs to, but it should
never ever be used as the sole authentication cookie. That's what I
m
Robert Cummings wrote:
> On Tue, 2007-05-29 at 11:14 -0700, Rasmus Lerdorf wrote:
>> Robert Cummings wrote:
>>> On Tue, 2007-05-29 at 10:16 -0700, Rasmus Lerdorf wrote:
Stut wrote:
> Hi all,
>
> Just wanted to get your opinion on a discussion currently going on on
> the general
so depending on the operator I either have no types or strict typing even
though I cannot see/know what I have? That is far from KISS.
Using bitwise operators on string is far from anything, so I see no real
way to make it obvious, since the operation itself is very non-obvious.
--
Stanislav
Hello Antony,
so depending on the operator I either have no types or strict typing even
though I cannot see/know what I have? That is far from KISS.
best regards
marcus
Tuesday, May 29, 2007, 5:37:55 PM, you wrote:
> On 29.05.2007 19:30, Richard Quadling wrote:
>> As PHP is loosely typed, "1"
On Tue, 2007-05-29 at 11:14 -0700, Rasmus Lerdorf wrote:
> Robert Cummings wrote:
> > On Tue, 2007-05-29 at 10:16 -0700, Rasmus Lerdorf wrote:
> >> Stut wrote:
> >>> Hi all,
> >>>
> >>> Just wanted to get your opinion on a discussion currently going on on
> >>> the general list.
> >>>
> >>> Why doe
Robert Cummings wrote:
> On Tue, 2007-05-29 at 10:16 -0700, Rasmus Lerdorf wrote:
>> Stut wrote:
>>> Hi all,
>>>
>>> Just wanted to get your opinion on a discussion currently going on on
>>> the general list.
>>>
>>> Why does the PHP session extension not use something like the user agent
>>> to va
On Tue, 2007-05-29 at 10:16 -0700, Rasmus Lerdorf wrote:
> Stut wrote:
> > Hi all,
> >
> > Just wanted to get your opinion on a discussion currently going on on
> > the general list.
> >
> > Why does the PHP session extension not use something like the user agent
> > to validate that a session ID
Stut 写道:
Hi all,
Just wanted to get your opinion on a discussion currently going on on
the general list.
Why does the PHP session extension not use something like the user
agent to validate that a session ID has not been hijacked? Or is this
something that just hasn't been implemented yet?
Stut wrote:
> Hi all,
>
> Just wanted to get your opinion on a discussion currently going on on
> the general list.
>
> Why does the PHP session extension not use something like the user agent
> to validate that a session ID has not been hijacked? Or is this
> something that just hasn't been impl
On 29.05.2007 21:04, Stut wrote:
Hi all,
Just wanted to get your opinion on a discussion currently going on on
the general list.
Why does the PHP session extension not use something like the user agent
to validate that a session ID has not been hijacked? Or is this
something that just hasn'
Hi all,
Just wanted to get your opinion on a discussion currently going on on
the general list.
Why does the PHP session extension not use something like the user agent
to validate that a session ID has not been hijacked? Or is this
something that just hasn't been implemented yet?
-Stut
-
Here's one more little patch: add extension name and link to pecl site on
the pecl4win page listing a single extension (the underlying assumption is
files are named after extensions...)
--- ext.phpTue May 29 17:40:20 2007
+++ ext2.phpTue May 29 17:41:25 2007
@@ -7,7 +7,17 @@
$args = expl
As PHP is loosely typed, "1"==1 is fine.
Is it that with Unicode, this looseness is gone?
On 29/05/07, Pierre <[EMAIL PROTECTED]> wrote:
Hi,
On 5/29/07, David Coallier <[EMAIL PROTECTED]> wrote:
> On 5/29/07, Antony Dovgal <[EMAIL PROTECTED]> wrote:
> > Hello.
> >
> > Do you think the engine
On 29.05.2007 19:30, Richard Quadling wrote:
As PHP is loosely typed, "1"==1 is fine.
Right, but that's not true for bitwise operators.
Try this:
$a = 111;
$a |= 50;
var_dump($a);
?>
and this
$a = "111";
$a |= "50";
var_dump($a);
?>
OR is applied to _characters_ of the string.
Hence I
Hi,
On 5/29/07, David Coallier <[EMAIL PROTECTED]> wrote:
On 5/29/07, Antony Dovgal <[EMAIL PROTECTED]> wrote:
> Hello.
>
> Do you think the engine should support bitwise operators and Unicode strings?
> If yes, how do you think it should work?
>
> Example:
> $a = "1";
> $a|="2";
> var_dump($a)
Sorry about the poor choice of words.
"Official" === Got a version number and can be downloaded on pecl.php.net
Take APC as an example:
latest pecl version = 3.0.14, released on 2007/04/02
latest cvs version = files apc_shm.h and apc_rfc1867.c, 6 days ago
pecl4win version = compiled on 2007-05-29
On 5/29/07, Richard Quadling <[EMAIL PROTECTED]> wrote:
Isn't PECL4WIN "official"? It's on the php.net domain.
" the official pecl package releases", you missed the word "releases" :)
I do think that having DLLs based on the releases (like zip-1.8.10 for
example) would be a very good thing. I'
On 5/29/07, Antony Dovgal <[EMAIL PROTECTED]> wrote:
Hello.
Do you think the engine should support bitwise operators and Unicode strings?
If yes, how do you think it should work?
Example:
This code outputs "3" in native mode and "Fatal error: Unsupported operand
types" in Unicode mode.
I bel
Isn't PECL4WIN "official"? It's on the php.net domain.
On 29/05/07, Gaetano Giunta <[EMAIL PROTECTED]> wrote:
As a side note: does anyone think that providing on pecl4win compiled
versions corresponding to the official pecl package releases besides the
"compiled from cvs" versions would be a g
As a side note: does anyone think that providing on pecl4win compiled
versions corresponding to the official pecl package releases besides the
"compiled from cvs" versions would be a good idea?
Bye
Gaetano
On 5/29/07, Richard Quadling <[EMAIL PROTECTED]> wrote:
My post about SNAPS and PECLS a
My post about SNAPS and PECLS a little while ago seems relevant to this.
As a windows user, I have to rely on pre-compiled binaries.
It was/is my understanding that SNAPS would provide me with most
currently succesfully compiled PHP, with some extensions built in and
some extensions for my ext d
Hi.
If you take the extensions in
http://snaps.php.net/win32/php5.2-win32-200705291230.zip (has 45
extensions) and in
http://snaps.php.net/win32/pecl5.2-win32-200705291230.zip (has 77
extensions). They are all dated the same datetime and are not
duplicated, so an extension is in 1 of the archives
I've attached the patch for this.
On 25/05/07, Gaetano Giunta <[EMAIL PROTECTED]> wrote:
Please find here: http://gggeek.altervista.org/sw/pecl4win.zip a
slightly improved version of the pecl4win pages:
+ allow sorting of columns in the DLLs page
+ more descriptive titles in the extensions list
Hello.
Do you think the engine should support bitwise operators and Unicode strings?
If yes, how do you think it should work?
Example:
$a = "1";
$a|="2";
var_dump($a);
?>
This code outputs "3" in native mode and "Fatal error: Unsupported operand
types" in Unicode mode.
I believe this is an
Hello Developers,
I'll appreciate your answer to the following questions:
1) What standard modules in PHP enable to move large amount of data over
a SOAP response (I know about DIME support)?
2) Is there a plan to support MTOM in PHP?
Thank you in advance,
Gal
--
PHP Internals - PHP Runtime D
80 matches
Mail list logo
