Re: [PHP-DEV] Randomize hash-function in php

On 18 Mar, 2012, at 2:32 PM, Xinchen Hui wrote: >> What if php uses salts for specific hashes only, such as GPC (or all >> hashes whose lifetime is limited to the current reuqest), and use a >> zero-value salt for all others? > definitely no，thinking of pre-calculated hash. Pre-calculated hash o

Re: [PHP-DEV] Randomize hash-function in php

Sent from my iPhone 在 2012-3-18，15:05，Tjerk Meesters 写道： > On 18 Mar, 2012, at 2:32 PM, Xinchen Hui wrote: > >>> What if php uses salts for specific hashes only, such as GPC (or all >>> hashes whose lifetime is limited to the current reuqest), and use a >>> zero-value salt for all others? >> de

[PHP-DEV] Data type coercion

I just though it was worth throwing in this link to the 'debate' on data type hints and casting ... http://dyemanov.blogspot.co.uk/2011/07/data-type-coercion-vs-comparison-rules.html While it goes back a little time wise, it flags the SQL standard which while that is not available to simply vie

[PHP-DEV] PHP5.4 'nannying'

OK having jumped through several hoops trying to get a stable installation of Apache2.4.1 with PHP5.4 and Firebird 2.5.1 I now have a machine running and while I've not been able to do a speed comparison as yet performance does seem to be improved on what a simple comparison of machine speed imp

Re: [PHP-DEV] Scalar-type-hinting - which way is the best to go?

2012/3/18 John Crenshaw : > >>       2. Unenforced type hinting: > > This almost happened in 5.4, but eventually got pulled. More interestingly, > the *community* rejected it because it is useless. See the comments at > http://sebastian-bergmann.de/archives/900-Scalar-Type-Hints-in-PHP-5.3.99.htm

Re: [PHP-DEV] Scalar-type-hinting - which way is the best to go?

On 3/17/2012 11:46 PM, Marco Pivetta wrote: Thank you for clarifying some things :) 4. Strict weak type hinting: This realm is the most likely to succeed because the core already does something like this for internal functions (via zend_parse_parameters). This balances utility (enforcing

Re: [PHP-DEV] Scalar-type-hinting - which way is the best to go?

2012/3/18 Simon Schick : > 2012/3/18 John Crenshaw : >> >>>       2. Unenforced type hinting: >> >> This almost happened in 5.4, but eventually got pulled. More interestingly, >> the *community* rejected it because it is useless. See the comments at >> http://sebastian-bergmann.de/archives/900-Sc

Re: [PHP-DEV] PHP5.4 'nannying'

Am 18.03.2012 10:14, schrieb Lester Caine: > I think what I am probably looking for is a clean guide as to how code SHOULD > be written nowadays in order to avoid > the nanny messages since it's certainly not my normal practice after 10 years > of coding in PHP5 ... usually it would have been

Re: [PHP-DEV] PHP5.4 'nannying'

May I suggest changing the error reporting value, that way we can stop hearing about your damn code ;) Seriously though, I doubt anyone has a guide like that. I know I've always had E_STRICT enabled and honestly don't have the slightest clue how to trigger a strict warning. When you develop with

Re: [PHP-DEV] PHP5.4 'nannying'

hi Lester, Discussing periodically about the introduction of new notices or warnings in releases is not very fun and interesting. Good habits and related topics can be discussed on the php general mailing list or any other support channels. Thanks for your understanding, On Sun, Mar 18, 2012 at

Re: [PHP-DEV] PHP5.4 'nannying'

Reindl Harald wrote: Am 18.03.2012 10:14, schrieb Lester Caine: > I think what I am probably looking for is a clean guide as to how code SHOULD be written nowadays in order to avoid > the nanny messages since it's certainly not my normal practice after 10 years of coding in PHP5 ... usuall

Re: [PHP-DEV] Randomize hash-function in php

On 18/03/12 06:56, Tjerk Anne Meesters wrote: > On Sun, Mar 18, 2012 at 8:12 AM, Stas Malyshev wrote: >> Obvious solution would be to use a salt for the hash, which prevents blind >> pre-computing of hash collisions. However, due to the fact that PHP hash >> values can be reused in different proce

Re: [PHP-DEV] PHP5.4 'nannying'

On Sun, Mar 18, 2012 at 4:53 PM, Lester Caine wrote: > Reindl Harald wrote: > >> >> Am 18.03.2012 10:14, schrieb Lester Caine: >> >>> > I think what I am probably looking for is a clean guide as to how >>> code SHOULD be written nowadays in order to avoid >>> > the nanny messages since it's cer

Re: [PHP-DEV] PHP5.4 'nannying'

On Sun, 2012-03-18 at 15:53 +, Lester Caine wrote: > So I need to work out why with PHP5.4 we have such an overload of warning > messages ... so I CAN fix them ... which is why I'm asking here for advise on > migration information to a clean code base in PHP5.4 ... See http://php.net/migrati

Re: [PHP-DEV] PHP5.4 'nannying'

Ferenc Kovacs wrote: * *|E_ALL|* now includes *|E_STRICT|* level errors in the error_reporting configuration directive. I would guess your code was running clean, because you didn't have E_STRICT in your

Re: [PHP-DEV] PHP5.4 'nannying'

Johannes Schlüter wrote: This list is not for user support. This list is for future development. Please help all here to keep it productive. Thanks. And hopefully to educate developers to understand some of the problems that they are creating by their actions? -- Lester Caine - G8HFL -

[PHP-DEV] Git Migration: Status Update for Todays Migration

Hi Internals, we will start migrating the php-src repository today and SVN access will be closed by 21:30 UTC. Thanks do Alexander Moskaliov we now have a much better, rewritten Mail script. Thanks to Florian Anderiasch we have a bugweb script. I added a wiki page for the workflow at http://wiki

Re: [PHP-DEV] PHP5.4 'nannying'

On Sun, Mar 18, 2012 at 6:53 PM, Lester Caine wrote: > [...] SO my original question still applies, but for different > reasons ... is there a crib sheet to help eliminate strict code errors in > legacy code bases? Uhm, I'm not sure whether I am completely stupid and miss something obvious: But wh

Re: [PHP-DEV] PHP5.4 'nannying'

Am 18.03.2012 18:53, schrieb Lester Caine: > Ferenc Kovacs wrote: >> * *|E_ALL|* now includes *|E_STRICT|* level errors in the error_reporting >> >> >> configuration >> directive. >> >> I would guess your

Re: [PHP-DEV] Git Migration: Status Update for Todays Migration

Hi David: On 18 Mar 2012, at 19:00, David Soria Parra wrote: > Hi Internals, > > we will start migrating the php-src repository today and SVN > access will be closed by 21:30 UTC. > > Thanks do Alexander Moskaliov we now have a much better, rewritten Mail > script. > Thanks to Florian Anderias

Re: [PHP-DEV] Git Migration: Status Update for Todays Migration

David Soria Parra wrote: > we will start migrating the php-src repository today and SVN > access will be closed by 21:30 UTC. You'll leave it going read-only for a while I hope? I assume quite a few people have uncommitted patches. cheers, Derick -- PHP Internals - PHP Runtime Development Mai

Re: [PHP-DEV] Git Migration: Status Update for Todays Migration

@Stefan: travis could be setup to build PHP and check your branches on your own fork whenever you push... That would reduce some of the overhead hopefully. Marco Pivetta http://twitter.com/Ocramius http://marco-pivetta.com On 18 March 2012 19:14, Stefan Marr wrote: > Hi David: > > On 18 Mar

Re: [PHP-DEV] Git Migration: Status Update for Todays Migration

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/18/2012 07:14 PM, Stefan Marr wrote: > Hi David: > > On 18 Mar 2012, at 19:00, David Soria Parra wrote: > >> Hi Internals, >> >> we will start migrating the php-src repository today and SVN >> access will be closed by 21:30 UTC. >> >> Thanks

Re: [PHP-DEV] Git Migration: Status Update for Todays Migration

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/18/2012 07:31 PM, Derick Rethans wrote: > David Soria Parra wrote: > >> we will start migrating the php-src repository today and SVN >> access will be closed by 21:30 UTC. > You'll leave it going read-only for a while I hope? I assume quite >

[PHP-DEV] cvs.php.net

Hi, Now that the git migration is reaching php-src, I would like to know what will we do with cvs.php.net (eg. the pserver still running on it). There is also a mention of cvsup.php.net on http://php.net/cvsup.php I guess that also uses/depends on the pserver, but I'm not that familiar with the se

Re: [PHP-DEV] PHP5.4 'nannying'

Forgot the pigging reply all :( Nikita Popov wrote: On Sun, Mar 18, 2012 at 6:53 PM, Lester Caine wrote: > [...] SO my original question still applies, but for different > reasons ... is there a crib sheet to help eliminate strict code errors in > legacy code bases? Uhm, I'm not sure wheth

[PHP-DEV] SVN Account Request: michaelhood

contributing memory improvements/bugfixes to FPM, mysqli, mysqlnd. (see recent patch on #61430) thanks! -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] Scalar-type-hinting - which way is the best to go?

On Sun, Mar 18, 2012 at 7:12 AM, Simon Schick wrote: > > Hi, All > > Just to add an example why I want a more strictly type-check here as > we have in the current type-juggling: > > http://www.brandonsavage.net/an-xss-vulerability-in-the-making/?utm_source=rss&utm_medium=rss&utm_campaign=an-xss-vu

Re: [PHP-DEV] Scalar-type-hinting - which way is the best to go?

2012/3/18 Adam Jon Richardson : > On Sun, Mar 18, 2012 at 7:12 AM, Simon Schick > wrote: > >> >> Hi, All >> >> Just to add an example why I want a more strictly type-check here as >> we have in the current type-juggling: >> >> http://www.brandonsavage.net/an-xss-vulerability-in-the-making/?utm_sour

[PHP-DEV] [benchmarks] Still under active development?

Hi, All I got some feedback from Paul Biggar and Nuno Lopes (the founders of the RFC https://wiki.php.net/rfc/better_benchmarks) and both want to give it to a new maintainer. I fond quite a bunch of possible starts but don't know which one would be the best to start with or if we should start fro

Re: [PHP-DEV] Scalar-type-hinting - which way is the best to go?

On Sun, Mar 18, 2012 at 7:11 PM, Simon Schick wrote: > Hi, Adam > > I totally agree that type-hinting should not cover what the programmer > should do for validating the given input ... > But I just wanted to point out that this is something the author (and > I) would never expect to happen ... >

[PHP-DEV] HEADS UP: php-src is in read only mode

Migration is underway. Will take a while. Import takes a few hours. Expect git access to be available by Monday afternoon. -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] HEADS UP: php-src is in read only mode

On Mon, Mar 19, 2012 at 12:33 AM, David Soria Parra wrote: > Migration is underway. > Will take a while. Import takes a few hours. > Expect git access to be available by Monday afternoon. Great work organizing and carrying out this update, David. Git's gonna be great! Adam

Re: [PHP-DEV] Scalar-type-hinting - which way is the best to go?

> But I just wanted to point out that this is something the author > (and I) would never expect to happen ... > in_array("123abc", array(3, 7, 123, 28)) === true Well, would you never expect select ( '123abc' in (3,7,123,28) ) to return boolean true in SQL? Because it does. Me, I'm happy