Hi Christoph,
On Tue, Sep 12, 2017 at 10:04 PM, Christoph M. Becker
wrote:
> On 12.09.2017 at 14:52, François Laupretre wrote:
>
> > What about making PHP 8 100% case-sensitive (except true/false) ? If we
> > announce it years in advance, it is possible, IMO.
>
> I don't think we can do that. C
Hi!
On 9/15/17 2:20 PM, ilija.tov...@me.com wrote:
>> no, as there is no special risks
>
> There certainly is. No other function (as far as I’m aware) mutates your
> local symbol table. This means you need to know exactly what symbols are
Sure, because this is the function to mutate your local s
Hi Yasuo
These sound good to me!
There’s still a smaller vulnerability of defining variables beforehand:
```
$data = ['hasAccess' => true];
export($data);
if ($user->isAdmin()) {
$hasAccess = true;
}
if (isset($hasAccess) && $hasAccess === true) {
print 'Bingo';
}
```
but code like th
> no, as there is no special risks
There certainly is. No other function (as far as I’m aware) mutates your local
symbol table. This means you need to know exactly what symbols are defined and
what kind of data you’ll receive when calling `extract`. So basically this is
only safe right at the b
Hi all,
On Sat, Sep 16, 2017 at 2:50 AM, Sara Golemon wrote:
> On Fri, Sep 15, 2017 at 1:35 PM, wrote:
> > The `extract` function takes an associative array and
> > puts it into the local symbol table.
> > http://php.net/manual/en/function.extract.php
> >
> > I seriously doubt the usefulness o
Hi!
> Dangerous meaning that if given untrusted input someone could mess with
> the behaviour of your code. There are risks and benefits to every
Same as many other functions. Given untrusted input, unlink() could
delete files on your hard drive, and file_put_contents() could overwrite
your data
Hi Stas
Dangerous meaning that if given untrusted input someone could mess with the
behaviour of your code. There are risks and benefits to every solution.
Certainly you’d agree that in some cases the risks outweigh the benefits.
As Sara pointed out, this might not be the case here as there’s n
Hi!
> As a second parameter the `extract` function takes some options to
> make this function less dangerous, like `EXTR_SKIP` that
I'd start with specifying what exactly is "dangerous" in this function.
So far I don't see any specific danger. You can shoot yourself in the
foot, so you can with m
> On 16 Sep 2017, at 01:27, Arvids Godjuks wrote:
>
> 2017-09-15 20:52 GMT+03:00 Ryan Pallas :
>
>>> On Fri, Sep 15, 2017 at 11:38 AM, wrote:
>>>
>>> Hi Ryan
>>>
>>> I can see your argument. The reasoning behind it is that a function in
>> the
>>> standard library should not encourage unsafe
Hi Sara
That is indeed a very good point. Haven't thought of that one.
Regards
> On 15. Sep 2017, at 19:50, Sara Golemon wrote:
>
>> On Fri, Sep 15, 2017 at 1:35 PM, wrote:
>> The `extract` function takes an associative array and
>> puts it into the local symbol table.
>> http://php.net/manu
2017-09-15 20:52 GMT+03:00 Ryan Pallas :
> On Fri, Sep 15, 2017 at 11:38 AM, wrote:
>
> > Hi Ryan
> >
> > I can see your argument. The reasoning behind it is that a function in
> the
> > standard library should not encourage unsafe code. Admittedly, since this
> > function is rarely used except f
Hi, (accidentally replied to only OP)...
> On Sep 15, 2017, at 1:35 PM, ilija.tov...@me.com wrote:
>
> Hi Marco
>
> I can see it’s usefulness in this case.
>
> But wouldn’t it be better to implement this by hand in these rare cases (it’s
> 3 lines of code) instead of encouraging the pollution
On Fri, Sep 15, 2017 at 11:50 AM, Sara Golemon wrote:
> On Fri, Sep 15, 2017 at 1:35 PM, wrote:
> > The `extract` function takes an associative array and
> > puts it into the local symbol table.
> > http://php.net/manual/en/function.extract.php
> >
> > I seriously doubt the usefulness of this f
On Fri, Sep 15, 2017 at 11:38 AM, wrote:
> Hi Ryan
>
> I can see your argument. The reasoning behind it is that a function in the
> standard library should not encourage unsafe code. Admittedly, since this
> function is rarely used except for templating systems one could call this a
> non-issue.
On Fri, Sep 15, 2017 at 1:35 PM, wrote:
> The `extract` function takes an associative array and
> puts it into the local symbol table.
> http://php.net/manual/en/function.extract.php
>
> I seriously doubt the usefulness of this function,
> especially looking at the potential risks. The fact
> tha
Hi Ryan
I can see your argument. The reasoning behind it is that a function in the
standard library should not encourage unsafe code. Admittedly, since this
function is rarely used except for templating systems one could call this a
non-issue. I just wanted to bring it up.
Regards
On 15 Sep
Hi,
On 15 Sep 2017 19:37, wrote:
Hi Marco
I can see it’s usefulness in this case.
But wouldn’t it be better to implement this by hand in these rare cases
(it’s 3 lines of code) instead of encouraging the pollution of the symbol
table by unknown input? It’s also clearer since people who don’t k
Hi Marco
I can see it’s usefulness in this case.
But wouldn’t it be better to implement this by hand in these rare cases (it’s 3
lines of code) instead of encouraging the pollution of the symbol table by
unknown input? It’s also clearer since people who don’t know the `extract`
function probab
On Sep 15, 2017 11:22 AM, wrote:
Hi!
The `extract` function takes an associative array and puts it into the
local symbol table.
http://php.net/manual/en/function.extract.php
```
$array = [
‘foo’ => ‘foo’,
‘bar’ => ‘bar’,
];
extract($array);
print $foo; // "foo"
```
As a second parame
Heya,
This is typically used in templating engines.
The one I worked on is
https://github.com/zendframework/zend-view/blob/5523511b6771cb6c060a77f6777426526a8db5ab/src/Renderer/PhpRenderer.php#L491-L492
Marco Pivetta
http://twitter.com/Ocramius
http://ocramius.github.com/
On Fri, Sep 15, 2017
Hi!
The `extract` function takes an associative array and puts it into the local
symbol table.
http://php.net/manual/en/function.extract.php
```
$array = [
‘foo’ => ‘foo’,
‘bar’ => ‘bar’,
];
extract($array);
print $foo; // "foo"
```
As a second parameter the `extract` function takes s
>
> Richard,
>
> The minimal voting period is actually just one week, so as far as the
> Voting RFC requirements are concerned, you can close it right now. If you
> want to stick to the Sep 16 deadline you announced at the beginning of the
> vote, someone else can close the poll, Sep 16 is just ho
Richard,
The minimal voting period is actually just one week, so as far as the Voting
RFC requirements are concerned, you can close it right now. If you want to
stick to the Sep 16 deadline you announced at the beginning of the vote,
someone else can close the poll, Sep 16 is just hours away.
On 9/6/2017 9:56 PM, Stanislav Malyshev wrote:
> BTW, the RFC text does not have vote end date, please add it.
>
Done, had to move that to Wednesday, because I won't have Internet
access until then. Closing it today would mean that the min of 2 weeks
voting would not be achieved.
--
Richard "Fl
Am 15.09.2017 um 16:58 schrieb Tony Marston:
wrote in message news:5fe274c1-36de-e650-fd2c-bc4f9caf3...@rhsoft.net...
Am 15.09.2017 um 11:25 schrieb Tony Marston:
You are missing a third option - Microsoft languages are
case-preserving. This is where the IDE ensures that every use of a
word
wrote in message news:5fe274c1-36de-e650-fd2c-bc4f9caf3...@rhsoft.net...
Am 15.09.2017 um 11:25 schrieb Tony Marston:
You are missing a third option - Microsoft languages are case-preserving.
This is where the IDE ensures that every use of a word is automatically
switched to the case used in
"Lester Caine" wrote in message
news:55603872-e832-65ea-25b6-48e01074a...@lsces.co.uk...
On 15/09/17 10:02, Tony Marston wrote:
Why is it not possible to identify a single upper and lower case variant
for every character in every character set?
Can't find the right unicode standard page, but
"Lester Caine" wrote in message
news:d97cd2e5-bd5b-4c9f-2c20-107560d5a...@lsces.co.uk...
On 15/09/17 12:13, Tony Marston wrote:
My argument is that far too many people have become used to case
insensitive software, and to remove this "feature" for no other reason
than the programmers involved
Am 15.09.2017 um 16:38 schrieb Tony Marston:
wrote in message news:8bbcc1fc-0d13-27d4-a04f-0a5ebda4c...@rhsoft.net...
Am 15.09.2017 um 11:12 schrieb Tony Marston:
I am not asking the world to slow down because I am too lazy to
change. I am arguing that case insensitive software has been arou
wrote in message news:8bbcc1fc-0d13-27d4-a04f-0a5ebda4c...@rhsoft.net...
Am 15.09.2017 um 11:12 schrieb Tony Marston:
I am not asking the world to slow down because I am too lazy to change. I
am arguing that case insensitive software has been around for many
decades, and for some people to adv
Am 15.09.2017 um 16:15 schrieb Tony Marston:
Can you show me any language where a single character has multiple
alternatives when switching case?
http://cdn.webfail.com/upl/img/07181c2ca27/post2.jpg
_
german: Sie ist wirklich gut zu Vögeln
english: she is
"Alain Williams" wrote in message
news:20170915093457.gi8...@phcomp.co.uk...
On Fri, Sep 15, 2017 at 09:51:53AM +0100, Tony Marston wrote:
>Iike how you map lower -> upper depends on how you encode characters.
Then use a single UNICODE character set where every character has
both an upper an
"Alain Williams" wrote in message
news:20170915092114.gh8...@phcomp.co.uk...
On Fri, Sep 15, 2017 at 10:04:51AM +0100, Tony Marston wrote:
>The light bulb was invented by an English man (Joseph Swan), the
>television by a
>Scott (John Logie Baird); so should the Brits and Scots be the
>ones t
On 15.09.2017 at 01:34, Stanislav Malyshev wrote:
>> > define('FOO', true, true); // public const in ext; transcript from C
>> const FOO = false; // in global app code
>>
>> Why doesn't that fail? How am I supposed to write the extension
>
> It should fail, but that's not what we're discus
On 15/09/17 10:02, Tony Marston wrote:
> Why is it not possible to identify a single upper and lower case variant
> for every character in every character set?
Can't find the right unicode standard page, but
https://www.elastic.co/guide/en/elasticsearch/guide/current/case-folding.html
sums it up.
On 15/09/17 12:13, Tony Marston wrote:
> My argument is that far too many people have become used to case
> insensitive software, and to remove this "feature" for no other reason
> than the programmers involved would find it "more convenient" to remove
> the feature altogether rather than make the
"Andrey Andreev" wrote in message
news:CAPhkiZxdVwiEDOW9XZfcADV+o1UC=sg_pc2nw7nqu1w_gv8...@mail.gmail.com...
Hi again,
On Fri, Sep 15, 2017 at 12:46 PM, Tony Marston
wrote:
"Andrey Andreev" wrote in message
news:CAPhkiZyXgxi-7vWdqA2hxni9SvycuN_pWOOM8un8mUo5qJ=0...@mail.gmail.com...
Hi,
Hi again,
On Fri, Sep 15, 2017 at 12:46 PM, Tony Marston wrote:
> "Andrey Andreev" wrote in message
> news:CAPhkiZyXgxi-7vWdqA2hxni9SvycuN_pWOOM8un8mUo5qJ=0...@mail.gmail.com...
>>
>>
>> Hi,
>>
>> On Fri, Sep 15, 2017 at 11:51 AM, Tony Marston
>> wrote:
>>>
>>>
Far better that that
pr
Am 15.09.2017 um 11:25 schrieb Tony Marston:
You are missing a third option - Microsoft languages are
case-preserving. This is where the IDE ensures that every use of a word
is automatically switched to the case used in its original definition.
This makes it impossible to use the same word wi
Am 15.09.2017 um 11:12 schrieb Tony Marston:
I am not asking the world to slow down because I am too lazy to change.
I am arguing that case insensitive software has been around for many
decades, and for some people to advocate for its removal just because
they don't have the brain power to co
"Andrey Andreev" wrote in message
news:CAPhkiZyXgxi-7vWdqA2hxni9SvycuN_pWOOM8un8mUo5qJ=0...@mail.gmail.com...
Hi,
On Fri, Sep 15, 2017 at 11:51 AM, Tony Marston
wrote:
Far better that that
problem is taken away from the file system (which should be clean,
robust
and
fast) and if you wan
On Fri, Sep 15, 2017 at 09:51:53AM +0100, Tony Marston wrote:
> >Iike how you map lower -> upper depends on how you encode characters.
>
> Then use a single UNICODE character set where every character has
> both an upper and lower case representation. Problem solved.
Not possible - see below.
>
""Christoph M. Becker"" wrote in message
news:320b3863-e36b-2ed4-543b-fcbd433b1...@gmx.de...
On 14.09.2017 at 23:22, Stanislav Malyshev wrote:
[Nikita wrote]
+1 on doing this. I can understand having case-insensitive constants,
but
having both case-sensitive and case-insensitive at the same
On Fri, Sep 15, 2017 at 10:04:51AM +0100, Tony Marston wrote:
> >The light bulb was invented by an English man (Joseph Swan), the
> >television by a
> >Scott (John Logie Baird); so should the Brits and Scots be the
> >ones that define
> >light bulb and TV standards to suit their convenience ?
> >
Hi,
On Fri, Sep 15, 2017 at 11:51 AM, Tony Marston wrote:
>
>> Far better that that
>> problem is taken away from the file system (which should be clean, robust
>> and
>> fast) and if you want case independence put it up at the application
>> layer.
>
>
> You try telling that to the billions of W
"Daniel Morris" wrote in message
news:1505397937.4137791.1106049000.16b88...@webmail.messagingengine.com...
On Thu, 14 Sep 2017, at 02:48 PM, Tony Marston wrote:
Because the English-speaking world invented both computers and the
languages used to program them.
It was a German that invented b
"Alain Williams" wrote in message
news:20170914135519.gw8...@phcomp.co.uk...
On Thu, Sep 14, 2017 at 02:48:06PM +0100, Tony Marston wrote:
"Rowan Collins" wrote in message
news:7394e3ce-b05a-474e-8ab5-a651fdd35...@gmail.com...
>
>On 14 September 2017 13:59:20 BST, Tony Marston
> wrote:
>>Why
"Alain Williams" wrote in message
news:20170914134603.gs8...@phcomp.co.uk...
On Thu, Sep 14, 2017 at 02:36:27PM +0100, Tony Marston wrote:
""Christoph M. Becker"" wrote in message
news:98ab178e-b999-7e36-5ff5-7b8c28fe0...@gmx.de...
>
>On 14.09.2017 at 14:59, Tony Marston wrote:
>
>>Introducin
"Alain Williams" wrote in message
news:20170914133846.gq8...@phcomp.co.uk...
On Thu, Sep 14, 2017 at 02:16:47PM +0100, Tony Marston wrote:
A minor detail. Windows followed all the previous OSes which I had
used in being case insensitive, which makes unix the odd one out.
Besides there are far
49 matches
Mail list logo
