On Monday, December 05, 2011 11:21 AM, Laruence wrote:
Hi:
I think we can only trigger notice, then act the same behavior as
before. include isset.
this would introduce the fewest bc breaks,
I think the isset behavior should be fixed (as the BC will be broken
anyway with deferenced stri
Hi:
I think we can only trigger notice, then act the same behavior as
before. include isset.
this would introduce the fewest bc breaks,
what do you think?
thanks
On Mon, Dec 5, 2011 at 7:25 AM, Alan Knowles wrote:
> A few answers...
>
> $s = "string"; isset($s['offset']) returns fals
Hi Stats,
2011/12/4 Stas Malyshev :
> Hi!
>
>
>> If we care about binary API compatibility, how about make
>>
>> PS_MOD_SID2/PS_MOD_FUNCS_SID2
>>
>> macros? Then we can forget about ABI.
>
>
> I'm sorry, I don't understand how any macros would help anything. Adding
> stuff to the structure would b
2011/12/4 Johannes Schlüter
> On Sun, 2011-12-04 at 00:08 +0800, Alan Knowles wrote:
> > This patch is a start.
> >
> https://bugs.php.net/patch-display.php?bug_id=60362&patch=first_effort_to_fix_this&revision=latest
> >
> > It's been quite a while since I hacked on the engine, so the patch only
A few answers...
$s = "string"; isset($s['offset']) returns false
This is pretty critical, as it's the only way to detect this situation,
and ensure that array tests do not return positive results for strings.
It also catches an obvious, but previously hidden and probably serious
bugs in the
Just an idea: it would interesting to have the optimisation running
concurrently, to update the opcode cache with an optimised version, taking
all the time it is needed for strong optimisations. If the optimisation is
not ready for the first request it will be later when the optimisation is
comple
I see your point about optimization being time consuming and the
penalty being greater if you're not using a bytecode cache. But that's
a reason to make it optional, not a reason to couple it with a
specific bytecode cache so it can't be used with others.
As for optimization not accomplishing all
Hi:
I have submit a new patch based on the origin patch, which only
trigger notice when string offset cast occurred.
thanks
On Sun, Dec 4, 2011 at 10:25 PM, Laruence wrote:
> +1.
>
> thanks.
>
> On Sun, Dec 4, 2011 at 10:05 PM, Ferenc Kovacs wrote:
>> On Sat, Dec 3, 2011 at 5:08 PM, Alan K
Ignore this patch for now, I'll get these issues addressed and I also want to
improve the performance a bit.
Felipe, I'll check out those failing tests, I found the CODING_STANDARDS doc
and will read it.
With regards to performance, I'm creating the __getHours string on each
invocation. I se
While it might seem like a good idea to put something like this into
APC it really just creates more problems than it is worth. I belive it
was removed for that very reason; because it was making it difficult
to distinguish opcode cache errors from optimizer errors.
There was an attempt to move th
On Sun, 2011-12-04 at 00:08 +0800, Alan Knowles wrote:
> This patch is a start.
> https://bugs.php.net/patch-display.php?bug_id=60362&patch=first_effort_to_fix_this&revision=latest
>
> It's been quite a while since I hacked on the engine, so the patch only
> works reasonably well.. (see the FIXME
On Mon, Dec 5, 2011 at 12:39 AM, Etienne Kneuss wrote:
> Hi,
>
> On Sun, Dec 4, 2011 at 15:25, Laruence wrote:
>>
>> +1.
>>
>> thanks.
>>
>> On Sun, Dec 4, 2011 at 10:05 PM, Ferenc Kovacs wrote:
>> > On Sat, Dec 3, 2011 at 5:08 PM, Alan Knowles wrote:
>> >
>> >> I've had a look at making string
Hi,
On Sun, Dec 4, 2011 at 15:25, Laruence wrote:
> +1.
>
> thanks.
>
> On Sun, Dec 4, 2011 at 10:05 PM, Ferenc Kovacs wrote:
> > On Sat, Dec 3, 2011 at 5:08 PM, Alan Knowles wrote:
> >
> >> I've had a look at making string offsets of strings a bit saner.
> >>
> >> At present with the fix for
2011/12/4 Felipe Pena :
> Hi,
>
> 2011/12/4 Clint M Priest :
>> Updated patch w/o white-space:
>> http://www.clintpriest.com/patches/accessors_v1.patch
>>
>> In the end it is a relatively simple patch. The new syntax effectively
>> creates internal functions on the object and the system looks fo
Hi,
2011/12/4 Clint M Priest :
> Updated patch w/o white-space:
> http://www.clintpriest.com/patches/accessors_v1.patch
>
> In the end it is a relatively simple patch. The new syntax effectively
> creates internal functions on the object and the system looks for those
> functions and calls the
hi,
Please attach the patch (and any future version) to the RFC and to
https://bugs.php.net/bug.php?id=49526, so it won't be lost if your
sever goes down.
Thanks!
--
Pierre
@pierrejoye | http://blog.thepimp.net | http://www.libgd.org
--
PHP Internals - PHP Runtime Development Mailing List
To
Hi,
why not creating a more function like syntax for this feature. In my
opinion it looks more cleaner particularly when using more than one line
in a setter or getter. The other thing is that you can use type hints
with this syntax.
As example:
class Foo {
private $bar;
public se
+1.
thanks.
On Sun, Dec 4, 2011 at 10:05 PM, Ferenc Kovacs wrote:
> On Sat, Dec 3, 2011 at 5:08 PM, Alan Knowles wrote:
>
>> I've had a look at making string offsets of strings a bit saner.
>>
>> At present with the fix for array dereferencing : ?search=hello and a
>> test like isset($_GET['se
Updated patch w/o white-space:
http://www.clintpriest.com/patches/accessors_v1.patch
In the end it is a relatively simple patch. The new syntax effectively creates
internal functions on the object and the system looks for those functions and
calls them at the appropriate time.
Example:
class
On Sat, Dec 3, 2011 at 5:08 PM, Alan Knowles wrote:
> I've had a look at making string offsets of strings a bit saner.
>
> At present with the fix for array dereferencing : ?search=hello and a
> test like isset($_GET['search']['name']) results in true, which is has
> potential security problems
Hi,
2011/12/4 Alan Knowles :
> This is ready for review now.
>
> https://bugs.php.net/patch-display.php?bug=60362&patch=fix_disabling_bad_string_offsets&revision=1323002696
>
> This resolves the worst behavior changes introduced by the dereferencing of
> strings fix.
> https://bugs.php.net/bug.php
hi!
same here.
Thanks for this patch!
On Sun, Dec 4, 2011 at 2:28 PM, Ilia Alshanetsky wrote:
> Seems like a good change +1.
Cheers,
--
Pierre
@pierrejoye | http://blog.thepimp.net | http://www.libgd.org
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http:/
Seems like a good change +1.
On Sun, Dec 4, 2011 at 7:55 AM, Alan Knowles wrote:
> This is ready for review now.
>
> https://bugs.php.net/patch-display.php?bug=60362&patch=fix_disabling_bad_string_offsets&revision=1323002696
>
> This resolves the worst behavior changes introduced by the dereferen
This is ready for review now.
https://bugs.php.net/patch-display.php?bug=60362&patch=fix_disabling_bad_string_offsets&revision=1323002696
This resolves the worst behavior changes introduced by the dereferencing
of strings fix.
https://bugs.php.net/bug.php?id=60362
All tests (in Zend/tests) pa
Hi Stats,
2011/12/4 Stas Malyshev :
> Hi!
>
>
>> Since it is just adding new separate structure to session module, but
>> PHP itself checks API version number. So users cannot use the same
>> binary module anyway. I should have said API, not ABI.
>>
>> Now it should compile with msession which use
hi Clint!
Thanks for your work so far!
On Sun, Dec 4, 2011 at 1:33 AM, Clint M Priest wrote:
> What are the next steps to get this added to some future release?
Let discuss the implementation and how it works, then you can move to
the voting phase. There is no need to hurry as the next relea
On Sun, Dec 4, 2011 at 01:33, Clint M Priest wrote:
> Per RFC: https://wiki.php.net/rfc/propertygetsetsyntax
>
>
>
> Alright, getters/setters has been built. This is my first patch to the php
> core. Here is what has been implemented:
>
> http://www.clintpriest.com/patches/accessors_v1.patch (p
Hi Stats,
2011/12/4 Stas Malyshev :
> Hi!
>
>
>> For example, it is easy to find cases with google code search, that
>> users are setting ID while they really should do is
>> session_regenerate_id(). These kind of mistakes would be better to be
>> prevented under strict mode, IMHO.
>
>
> I'm not
Hi!
For example, it is easy to find cases with google code search, that
users are setting ID while they really should do is
session_regenerate_id(). These kind of mistakes would be better to be
prevented under strict mode, IMHO.
I'm not sure how that would help in this case - so the set would
Hi!
Since it is just adding new separate structure to session module, but
PHP itself checks API version number. So users cannot use the same
binary module anyway. I should have said API, not ABI.
Now it should compile with msession which uses PHP_MOD_SID/PS_MOD_FUNCS_SID.
That's the problem.
Hold on,
I'll check the source more carefully.
--
Yasuo Ohgaki
yohg...@ohgaki.net
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
2011/12/4 Yasuo Ohgaki :
> Hi Stats,
>
> 2011/12/4 Stas Malyshev :
>>> If we care about binary API compatibility, how about make
>>>
>>> PS_MOD_SID2/PS_MOD_FUNCS_SID2
>>>
>>> macros? Then we can forget about ABI.
>>
>>
>> I'm sorry, I don't understand how any macros would help anything. Adding
>> s
Hi Stats,
2011/12/4 Stas Malyshev :
>> If we care about binary API compatibility, how about make
>>
>> PS_MOD_SID2/PS_MOD_FUNCS_SID2
>>
>> macros? Then we can forget about ABI.
>
>
> I'm sorry, I don't understand how any macros would help anything. Adding
> stuff to the structure would break binar
Hi Stats,
I updated the patch to address discussion.
https://gist.github.com/1379668
2011/12/4 Stas Malyshev :
> Hi!
>
> My main concern with this change is that it is binary incompatible with
> existing session implementation, which means it would be hard to get it into
> 5.3 and 5.4. While I u
Hi Stats,
2011/12/4 Stas Malyshev :
>> If user really want to set session ID, they can explicitly disable
>> use_strict_mode.
>>
>> For almost all application, setting static ID is bad code. There are
>> some applications that exploit adoptive session, but they can live
>> with new code also.
>
>
35 matches
Mail list logo
