On Sun, 25 Sep 2016 at 06:29 Pierre Joye wrote:
> Also this behavior is clearly documented:
>
> http://th1.php.net/manual/en/function.get-class.php
>
> "If object is omitted when inside a class, the name of that class is
> returned."
>
> I am opposed to break BC because we change our mind about h
On 25 September 2016 at 06:29, Pierre Joye wrote:
> I am pretty sure it is by design (for what I can remember)
I do not believe that is correct.
The commit message* says: "Restore PHP-5.2 behaviour when passing null
inside object scope to get_class()"
The commit does not restore the previous b
On Sep 25, 2016 4:29 PM, "Leigh" wrote:
>
>
>
> On Sun, 25 Sep 2016 at 06:29 Pierre Joye wrote:
>>
>> Also this behavior is clearly documented:
>>
>> http://th1.php.net/manual/en/function.get-class.php
>>
>> "If object is omitted when inside a class, the name of that class is
>> returned."
>>
>>
On 25.09.2016 at 11:29, Leigh wrote:
> On Sun, 25 Sep 2016 at 06:29 Pierre Joye wrote:
>
>> Also this behavior is clearly documented:
>>
>> http://th1.php.net/manual/en/function.get-class.php
>>
>> "If object is omitted when inside a class, the name of that class is
>> returned."
>>
>> I am oppo
2016-09-25 15:19 GMT+02:00 Christoph M. Becker :
> On 25.09.2016 at 11:29, Leigh wrote:
>
> > On Sun, 25 Sep 2016 at 06:29 Pierre Joye wrote:
> >
> >> Also this behavior is clearly documented:
> >>
> >> http://th1.php.net/manual/en/function.get-class.php
> >>
> >> "If object is omitted when insid
Hi Stas,
I agree with you on all of this.
Stanislav Malyshev wrote:
Hi!
The broader context of this proposal is to provide a simple and usable
mechanism that will allow developers to opt-in to stricter language
semantics on a per-library (or more specifically, per-namespace) basis,
thus allev
On Sep 26, 2016 12:09 AM, "Niklas Keller" wrote:
>
> 2016-09-25 15:19 GMT+02:00 Christoph M. Becker :
>>
>> On 25.09.2016 at 11:29, Leigh wrote:
>>
>> > On Sun, 25 Sep 2016 at 06:29 Pierre Joye wrote:
>> >
>> >> Also this behavior is clearly documented:
>> >>
>> >> http://th1.php.net/manual/en/fu
Hi all,
Timestamp based session management is required to manage session as it
should. I've updated the session manual pages a while a ago to explain
why.
http://php.net/manual/en/session.security.php
http://php.net/manual/en/function.session-regenerate-id.php
Although session module has over 10
2016-09-25 20:58 GMT+02:00 Pierre Joye :
> On Sep 26, 2016 12:09 AM, "Niklas Keller" wrote:
> >
> > 2016-09-25 15:19 GMT+02:00 Christoph M. Becker :
> >>
> >> On 25.09.2016 at 11:29, Leigh wrote:
> >>
> >> > On Sun, 25 Sep 2016 at 06:29 Pierre Joye
> wrote:
> >> >
> >> >> Also this behavior is c
why not have a new session module? those who want no change for existing
applications keep the old one, new projects can use the new one, those who want
more security port their code to the new one. e.g. use session2_start(), etc.
Regards
Thomas
Yasuo Ohgaki wrote on 25. Sept 2016 22:35:
> Hi
> On Sep 25, 2016, at 16:40, Thomas Bley wrote:
>
> why not have a new session module? those who want no change for existing
> applications keep the old one, new projects can use the new one, those who
> want more security port their code to the new one. e.g. use session2_start(),
> etc.
If
Hi Thomas,
On Mon, Sep 26, 2016 at 6:40 AM, Thomas Bley wrote:
> why not have a new session module? those who want no change for existing
> applications keep the old one, new projects can use the new one, those who
> want more security port their code to the new one. e.g. use session2_start(),
Hi Paul,
On Mon, Sep 26, 2016 at 7:12 AM, Paul Jones wrote:
>> On Sep 25, 2016, at 16:40, Thomas Bley wrote:
>>
>> why not have a new session module? those who want no change for existing
>> applications keep the old one, new projects can use the new one, those who
>> want more security port t
Also follow the discussion here
https://github.com/php/php-src/pull/2137#issuecomment-249353056
On Sep 23, 2016 12:38 PM, "Pierre Joye" wrote:
> Adding the RMs.
>
> Dacey, I think this needs a deeper look and decision.
>
> On Sep 22, 2016 7:51 AM, "Pierre Joye" wrote:
> >
> > On Sep 22, 2016 1
Hi all,
On Mon, Sep 26, 2016 at 5:35 AM, Yasuo Ohgaki wrote:
> Since session management is very important feature for web apps, we
> shouldn't keep providing halfway implemented API forever.
> Implementation or removal is required.
>
> I would like to propose either
>
> timestamp based (precise
Hi!
> Timestamp based session management is required to manage session as it
> should. I've updated the session manual pages a while a ago to explain
> why.
Could you explain what you mean here? "As it should" is kind of broad :)
> http://php.net/manual/en/session.security.php
> http://php.net/m
Hi!
> Please read session_regenerate_id() example #2.
>
> Example #2 Avoiding lost session by session_regenerate_id()
In this example, why you do session_commit() in my_session_start()?
There's no point in writing stale session.
I also see no code that actually removes old sessions - is it by d
17 matches
Mail list logo
