+1 for VSCode, I use it practically everywhere these days,
HTML/Javascript/TypeScript/PHP/C/C++/Python/Lua, all on VSCode.
On Mon, 16 Sept 2024 at 13:07, Barel wrote:
>
> On Sat, 14 Sept 2024 at 23:44, Barel wrote:
>>
>> Hi
>>
>> For C/C++ development I usually use CLion from Jetbrains but I tri
@Robert I know windows has problems with moving files that are opened
by other processes,
BUT this still works fine on Windows 10 running on NTFS:
rename returns true and the file really is moved (and the file is no
longer automatically deleted - i suspect PHP's tmpfile() try to delete
the origina
multiple times per week now, i get this Security
Sicherheitsüberprüfung captcha page when visiting php.net and it's
really annoying to solve that captcha multiple times per week.
"PHP is that annoying language where you have to solve captchas just
to read the documentation"
is not the experience we
7;s just
hardcoded in German.
(tl;dr: if an English version exists, I have no idea why I was served
the German version.)
On Sun, 14 May 2023 at 23:36, Rowan Tommins wrote:
>
> On 14 May 2023 21:48:51 BST, Hans Henrik Bergan wrote:
> >fwiw for those of you lucky enough to not get the ca
>outdated format, standard has been changed while ago
What do you mean? Do you mean that the constant was legal at some point?
Was there ever a version of ISO8601 allowing the mixing of "extended
format" and "basic format" ? The earliest version I've read, iso8604:2004,
does not allow it (more on
I think it would be useful.
For some reason, lots of people on stackoverflow has a hard time
implementing this function in userland:
on
https://stackoverflow.com/questions/2517947/ucfirst-function-for-multibyte-character-encodings
there are 10 broken implementations of mb_ucfirst, and 1 correct on
>In my opinion, deprecating this does not do anything besides annoying
users.
In my opinion, since it isn't, and likely never was, a legal ISO8601
string, it's a no-brainer that it should be deprecated. (it's at least
been illegal since iso8601:2004 released in 2004)
On Fri, 26 May 2023 at 12:17,
sounds like array_find could be implemented by just adding a new flag
for array_filter's $mode:
ARRAY_FILTER_STOP_ON_FIRST_MATCH
or some such?
On Fri, 2 Jun 2023 at 02:15, Casper Langemeijer wrote:
>
> On Thu, Jun 1, 2023, at 18:02, Janusz Szczypka wrote:
> > array_find(): This function would all
DATE_ISO8601 doesn't have to be removed anytime soon, but no new code
should be written using that constant, thus an E_DEPRECATED is
warranted.
Is anyone really arguing against that statement?
On Tue, 30 May 2023 at 18:26, Hans Henrik Bergan wrote:
>
> >In my opinion, deprecating
Can I get some attention to https://github.com/php/php-src/pull/11254
? It's been 3 weeks and nothing so far
faster too: https://quick-bench.com/q/j3k_unXcE91gVdTRH9Dm0nxpDUA
(guess it's because it avoids the `flags < 0` thing)
On Tue, 6 Jun 2023 at 12:54, Hans Henrik Bergan wrote:
>
> Can I get some attention to https://github.com/php/php-src/pull/11254
> ? It's been 3 weeks and nothing so far
how are errors handled, like if the format of php://input is
unrecognized, not valid multipart/form-data and not valid
application/x-www-form-urlencoded?
errors? exceptions? nothing?
On Tue, 20 Jun 2023 at 11:26, Ilija Tovilo wrote:
>
> Hi internals
>
> A while ago I encountered a limitation of h
maybe we could do a
declare(internal_strict_types=1);
on a per-file basis just like the existing userland strict_types?
(name is up for bikeshedding ofc)
On Tue, 29 Aug 2023 at 17:49, Claude Pache wrote:
>
>
>
> > Le 29 août 2023 à 15:19, Saki Takamachi a écrit :
> >
> >> Hi,
> >>
> >> The large
9 Aug 2023 at 18:36, Hans Henrik Bergan wrote:
>
> maybe we could do a
> declare(internal_strict_types=1);
> on a per-file basis just like the existing userland strict_types?
> (name is up for bikeshedding ofc)
>
> On Tue, 29 Aug 2023 at 17:49, Claude Pache wrote:
> >
&g
Argon2 is opt-in, not opt-out, at compile-time, so then we would have to
agree on it being acceptable for PASSWORD_DEFAULT to have different values
depending on compile-time options, maybe thats completely fine, or maybe it
isn't, idk.
But as Dusterhus points out, Argon2 is inferior to bcrypt anyw
@Craig warning, it's very random what kind of CPU performance you get
on your t2 instances, the CPUs vary greatly from modern to many years
old.
I know of Fortune 500 companies that have automated systems to spin up
t2 instances until they randomly get "a good one", then discard the
others, becaus
>web hosters *love* their ancient hardware
No kidding. dreamhost.com host over 1.5 million websites, presumably most
are on their "Shared Unlimited" package, which runs on
AMD Opteron 4122, a high-end server CPU from 2010.
Some benchmarks there:
hanshenrik@jonathan-dayton:~$ cat /proc/cpuinfo | h
ash)
Cost 14: 140.695820 total (1.406958 per hash)
real4m31.854s
user4m13.115s
sys 0m2.168s
hanshenrik@jonathan-dayton:~$ cat /proc/cpuinfo | head
(...)
model name : AMD Opteron(tm) Processor 4122
On Tue, 12 Sept 2023 at 18:01, Tim Düsterhus wrote:
>
> Hi
>
>
I think the submodule approach is fine, but maybe it should be moved from
Dmitry's gh to php-src gh, or maybe it's own dedicated group, to reduce the
bus factor (how much work needs to be done if Dmitry is hit by a bus~)
On Sat, Sep 16, 2023, 00:22 Tim Düsterhus wrote:
> Hi
>
> On 9/15/23 17:50,
the php-fpm master<->php-fpm worker glue code. php-fpm master usually
runs as *root*, so a compromise in that glue could lead to webserver
rooting
On Mon, 25 Sept 2023 at 10:49, Derick Rethans wrote:
>
> Hi,
>
> The Foundation is organising an external audit/security check of the PHP
> source cod
> If have any idea, feel free to comment to me.
i think the C code would look something like
void mb_trim(size_t *strlen, char **str, const size_t
trim_lengths_num, const size_t *trim_lengths, const char **trim_chars)
{
size_t local_strlen = *strlen;
char *local_str = *str;
for (;;)
i = -1;
}
}
2x nested loops reduced to 1 loop, and goto removed~
On Sun, 1 Oct 2023 at 10:43, Hans Henrik Bergan wrote:
>
> > If have any idea, feel free to comment to me.
>
> i think the C code would look something like
>
>
> void mb_trim(si
sorry for late.
> I confirmed works fine.
> https://gist.github.com/youkidearitai/0018dee27353c00aebaff3bf57c5b8c6
>
> However, this code is C++17, php-src is C code.
> If you would like contribute, I would like written to C code.
>
> Regards
> Yuya
>
> 2023年10月1日(日) 19:46 Hans Henrik
The only thing socket_set_blocking() is good for is to confuse people
looking for socket_set_block()
been years since i checked, but last time i checked, BCMath supports
floating point numbers,
and PHP's GMP wrappers does not (this is not a limitation of GMP
itself, but of PHP's GMP wrappers)
- has the GMP api floating issues been fixed? a quick test suggest
/no/: https://3v4l.org/FQaI4
On Thu,
I had no idea PDO's PARAM_INT and PARAM_BOOL was so buggy, good catch!
On Sat, Nov 4, 2023, 07:59 Saki Takamachi wrote:
> Hi internals,
>
> As shown in the following issue, the behavior of `PDO::PARAM_` is
> inconsistent and I would like to fix this.
> https://github.com/php/php-src/issues/1
I think it'd be a good idea if they used FILTER_VALIDATE_BOOLEAN and
FILTER_VALIDATE_INTEGER type logic, with an error if conversion fails..
I wonder if PDO::PARAM_BOOL_OR_NULL would be worthwhile
On Sun, Nov 5, 2023, 10:10 Saki Takamachi wrote:
> Hi,
>
> To think more deeply about this issue,
With the dominance of UTF-8 (a fixed-endian encoding), surely no new
code should utilize any of declare(encoding='...') / zend.multibyte /
zend.script_encoding / zend.detect_unicode.
I propose we deprecate all 4.
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https
> What is the migration path for legacy code that use those directives?
The migration path is to convert the legacy-encoding PHP files to UTF-8.
Luckily this can be largely automated, here is my attempt:
https://github.com/divinity76/php2utf8/blob/main/src/php2utf8.php
but that code definitely nee
i-endian encodings (like UTF16/UTF32) ^^
On Tue, 28 Nov 2023 at 21:47, Hans Henrik Bergan wrote:
>
> > What is the migration path for legacy code that use those directives?
>
> The migration path is to convert the legacy-encoding PHP files to UTF-8.
> Luckily this can be larg
_unicode"
> > ini-option is specifically to scan for BOMs, and BOMs are
> > significantly less useful in fixed-endian encodings (like UTF8) than
> > bi-endian encodings (like UTF16/UTF32) ^^
> >
> > On Tue, 28 Nov 2023 at 21:47, Hans Henrik Bergan
> > wrot
verload" => ini_get("mbstring.func_overload"),
"PHP_VERSION" => PHP_VERSION,
));
```
there? What do you get?
On Wed, 29 Nov 2023 at 00:47, youkidearitai wrote:
>
> 2023年11月29日(水) 8:07 Hans Henrik Bergan :
> >
> > @youkidearitai right now the code
=> ini_get("zend.detect_unicode"),
"mbstring.internal_encoding" => ini_get("mbstring.internal_encoding"),
"mbstring.func_overload" => ini_get("mbstring.func_overload"),
"PHP_VERSION" => PHP_VERSION,
"r
i think Shift_JIS can also be automatically converted to UTF-8, does
this seem right?
https://github.com/divinity76/php2utf8/commit/6e08c4c16312961170cce821195816a8d24e23f6
On Wed, 29 Nov 2023 at 01:21, youkidearitai wrote:
>
> > Use zend.script_encoding=sjis and zend_bultibyte=true
> >
> > ❯ ~/p
Can we add the BLAKE3 hash?
Created a PR here: https://github.com/php/php-src/pull/13194
BLAKE3 is a very fast ("blazing fast") cryptographically secure hash. It is
the latest iteration of the BLAKE hash, which was a SHA3 finalist~ see
https://github.com/BLAKE3-team/BLAKE3 for more info on BLAKE
tions: ["length"=>1000]): blake3_8000
that shouldn't be too difficult to implement either! good idea
On Fri, 19 Jan 2024 at 20:20, tag Knife wrote:
>
> On Fri, 19 Jan 2024 at 18:43, Hans Henrik Bergan wrote:
>
> > Can we add the BLAKE3 hash?
> >
> >
nk it should be a separate PR, after the initial support gets merged.
On Fri, 19 Jan 2024 at 21:42, Hans Henrik Bergan wrote:
>
> >BLAKE3 has 2 default sizes
>
> Nope, only 1 canonical size, 256 bits.
> *BUT* BLAKE3 is XOF, it can be exactly as long as you want it to be:
>
>
On Mon, 22 Jan 2024 at 07:10, tag Knife wrote:
>
> That's why I suggested implementing separate lengths of the like we have for
> SHA3, so we could have BLAKE3_256 and BLAKE3_512 and maybe inbetweens.
we can look into exposing blake3's XOF (arbitrary length) capabilities
after (and if) initial b
Maybe vote on it? (that was suggested in the PR too,
https://github.com/php/php-src/pull/13194#issuecomment-1900430400 )
Can think of 6 things
1: Should BLAKE3 be added to PHP? yes/no
2: Should ARM Neon (2007) optimized implementation be bundled? yes/no
3: Should x86_64 SSE2 (2000) optimized impl
On Wed, 24 Jan 2024 at 17:59, Marco Pivetta wrote:
>
> Depends on the actual numbers: is there any way to make a comparison that
> is relatively stable across architectures?
>
> Would it be feasible to start with the
> cross-platform-let-the-compiler-do-its-job version (that somebody may
> actuall
just tested ARM Neon optimizations on Oracle Cloud's cheapest ARM VPS:
VM.Standard.A1.Flex, Ubuntu 22.04, GCC11.4,
results:
-O2 portable: 596MB/s
-O2 -march=native portable: 601MB/s
-O2 ARM Neon optimized implementation: 1138MB/s
Again, even with -march=native, the compiler cannot make the portabl
with
https://github.com/php/php-src/commit/52dba99d47563f38d8ed5f84690a3cb2c1785475
,
the PR ( https://github.com/php/php-src/pull/13194 ) got the first merge
conflict. I fixed it, but what's next?
Could vote on it, if there is little more to discuss?
quick recap
AMD Ryzen 9 7950x:
portable -O2
just like the constructor accepts
new DateTime("@0.123456"); // 1970-01-01 00:00:00.123456
new DateTime("@".microtime(true));
IMO setTimestamp should accept the same:
$dt->setTimestamp(0.123456); // 1970-01-01 00:00:00.123456
$dt->setTimestamp(microtime(true));
Can we change setTimestamp to accep
EventLoop::repeat($pingInterval,
function(...$args)use($client){$client->ping(...$args)});
Can we make sleep accept int|float?
Made a PR: https://github.com/php/php-src/pull/13401
For years when I wanted to sleep for 0.1 seconds, it annoyed me that I
couldn't do
`sleep(0.1);`
instead I had to do
`usleep(figure out how many microseconds there are in 0.1 seconds and put
it here);`
FWIW P
My name is "Hans Henrik Bergan", usually go by the nickname
"divinity76", I've contributed to OSS (including PHP) for years, and
am currently involved in 3 things that might require an RFC, and
requesting RFC karma for wiki account "divinity76".
1/3:
Can we add automatic formatting checks for pull requests?
Made a PR: https://github.com/php/php-src/pull/13417
php-src use "tabs" instead of "spaces", that is... quite unusual,
and I'm probably not the first person to accidentally use spaces
instead of tabs, ref
https://github.com/php/php-src/pull
On Fri, 16 Feb 2024 at 09:36, Alexandru Pătrănescu wrote:
>
>
> On Fri, Feb 16, 2024 at 10:18 AM Hans Henrik Bergan wrote:
>>
>> Can we make sleep accept int|float?
>> Made a PR: https://github.com/php/php-src/pull/13401
>>
>> For years when I wanted to sl
On Sat, 17 Feb 2024 at 08:22, Hans Henrik Bergan wrote:
>
> My name is "Hans Henrik Bergan", usually go by the nickname
> "divinity76", I've contributed to OSS (including PHP) for years, and
> am currently involved in 3 things that might require an RFC, and
&g
On Sat, Feb 17, 2024, 15:27 Gina P. Banyard wrote:
> On Saturday, 17 February 2024 at 11:24, Hans Henrik Bergan <
> h...@loltek.net> wrote:
>
> > Can we add automatic formatting checks for pull requests?
> > Made a PR: https://github.com/php/php-src/pull/13417
> &g
On Sun, 18 Feb 2024 at 00:51, Ilija Tovilo wrote:
>
> Hi Hans
>
> On Sat, Feb 17, 2024 at 3:31 PM Gina P. Banyard wrote:
> >
> > On Saturday, 17 February 2024 at 11:24, Hans Henrik Bergan
> > wrote:
> >
> > > Can we add automatic formatting che
bruary 2024 22:18:05 GMT, Ilija Tovilo wrote:
> >Hi Hans
> >
> >On Sat, Feb 17, 2024 at 3:31 PM Gina P. Banyard wrote:
> >>
> >> On Saturday, 17 February 2024 at 11:24, Hans Henrik Bergan
> >> wrote:
> >>
> >> > Can we ad
Made a RFC draft: https://wiki.php.net/rfc/sleep_function_float_support
First time, so I'm not surprised if there are some mistakes there.
Feedback is very welcome.
I have tried sending this email 4 times over 2 days from hans at loltek dot
net and every time the email server said delivery fail
Voting has now been simplified to 3x no/php 8.4/php 9.0 questions.
(I actually would've preferred the original 6, would have been
unambiguous if people are supposed to checkbox only 8.4 or both 8.4
and 9.0, and would have been easier to see the % of people who voted
only 9.0, I think. But I don't
On Tue, 5 Mar 2024 at 20:17, Larry Garfield wrote:
>
> A 3 way up-down vote doesn't make sense. What happens if none of the 3
> options reaches 66%?
>
> The viable options here are a single RCV vote (which we've done before), or a
> single "Should we do this" vote that requires 66%, followed by
On Fri, 3 May 2024 at 17:49, Derick Rethans wrote:
>
> Which *API* in PHP is 1-indexed?
>
> cheers,
> Derick
Certainly isn't normal but found 1 (and only 1!):
$stmt = $pdo->prepare('SELECT name FROM users WHERE id = ?');
$stmt->bindParam(1, $id);
>make it a no-op for now (and to deprecate for PHP8.5/9.0 whatever is next)
Sounds perfect.
Fwiw CURLOPT_BINARYTRANSFER was deprecated in 8.4.0alpha without an RFC,
but it had been a no-op since 5.1.4 in 2004
On Mon, Jul 29, 2024, 12:23 Christoph M. Becker wrote:
> On 28.07.2024 at 19:26, Aye
something like
$result = (new HashContext("SHA1"))->update($str1)->update($str2)->final();
(userland sample imp: https://3v4l.org/lXd3u )
I tried asking on the bugtracker ( https://bugs.php.net/bug.php?id=80221 ) ,
but was told to ask on this mailing list instead.
--
PHP Internals - PHP Runtim
i know this is unrelated to the thread at hand, but am i really
supposed to find the email of everyone who has replied to a thread,
and add them all manually to cc? (or is it sufficient to just send it
to intern...@list.php.net ? ) (also funfact, it seems if you regex the
innerHTML after opening an
ote:
>
> On Tue, 13 Oct 2020 at 10:43, Hans Henrik Bergan
> wrote:
>
> > i know this is unrelated to the thread at hand, but am i really
> > supposed to find the email of everyone who has replied to a thread,
> > and add them all manually to cc?
> >
>
>
&
@Rowan Tommins
>I think I'd prefer to drop the fluent interface (returning void on most
> things, and relevant values on others)
well both approaches has pros and cons,
that said, the sample implementation Sara posted returns $this,
if you (or anyone) feels strongly about it one way or the othe
i want BLAKE3 hash support in php,
some justifications can be found here https://bugs.php.net/bug.php?id=79492
primary reasons being that it's a "cryptographically secure hash",
predecessor BLAKE was nearly crowned "SHA3" (SHA3 finalist),
and it's very fast in software,
when i run it against php-s
@Rowan Tommins
not saying this is a good idea or anything, but i just want to point
out that there's another way to do it in
7.4
$object = new class($foo, $foo * 2, $nextBaz) {
public int $foo;
public int $bar;
public int $baz;
public function __construct($foo, $bar, $baz) {
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php
@Nikita Popov
> How did you draw the conclusion that non-crypto hashes are not included?
yeah i know they're there when you run them, but if you look at the
benchmarks in the source code, from line 4 - 71, all the non-crypto
hashes are absent there,
https://github.com/php/php-src/blob/master/ext
@Christoph M. Becker
haha that's probably it, i guess that long ago PHP didn't have any
non-crypto hash algos,
one of the results read "256MB Windows 2000"
when was the last time someone rolled a 256MB ram windows 2000?
(am rolling some 128MB ram VPS's, but rolling Windows with such
amounts of ram
PR to make it "a constant number of bytes to hash" here:
https://github.com/php/php-src/pull/6386
.. was bugging me
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php
being the fastest secure hash on the list, for exact
numbers check the PR.
thoughts?
On Wed, 21 Oct 2020 at 21:34, Hans Henrik Bergan wrote:
>
> i want BLAKE3 hash support in php,
>
> some justifications can be found here https://bugs.php.net/bug.php?id=79492
> primary reasons bei
@Levi
> However, I still see CPU related code in get_cpu_features. Are you
> sure you pushed the right thing?
I think it's correct, yes, the problem is ext/hash/blake3/blake3_dispatch.c,
which is just a copypaste of the upstream
https://github.com/BLAKE3-team/BLAKE3/blob/master/c/blake3_dispatch.
+1 for ::tokenize()
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php
something i'm missing from Javascript is the ability to give names to closures,
this both gives closures the ability to reference themselves, but it
also makes for meaningful stack traces, eg this is legal javascript:
(function TheClosuresLocalName(){console.log(TheClosuresLocalName);
throw new Er
if i have understood the "as"-suggestion correctly:
$fn = function() as $lambdaOrAnyName {var_dump($lambdaOrAnyName);};
(function() as $lambdaOrAnyName{var_dump($lambdaOrAnyName);})();
then that syntax is fine with me. this is also very close to how it
works in JavaScript (except the "as" part),
so.. will the imagecreatefromstring() thing be fixed in 8.0.1 or 8.1.0 ?
On Wed, 2 Dec 2020 at 10:57, Nikita Popov wrote:
>
> On Wed, Dec 2, 2020 at 10:21 AM Aimeos | Norbert Sendetzky <
> norb...@aimeos.com> wrote:
>
> > Am 01.12.20 um 18:24 schrieb Christoph M. Becker:
> > > On 01.12.2020 at 18
if this gets rid of a significant amount of implementation complexity
or runtime overhead, i'm all for it, and don't think i've ever seen
code like $GLOBALS = []; before,
given that it's technically a BC break, would have been nice as a
8.0.0 thing, but i hope it's small enough for an 8.x instead
given that file_put_contents() supports LOCK_EX
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php
FWIW i'm surprised with the lack of ENT_DISALLOWED , personally i use
tohtml(string $str):string{ return htmlentities($str, ENT_QUOTES |
ENT_HTML401 | ENT_SUBSTITUTE | ENT_DISALLOWED, 'UTF-8', true);}
On Sat, 26 Dec 2020 at 12:03, Craig Francis
wrote:
> Hi,
>
> Could htmlspecialchars() use ENT_Q
PASSWORD_THROW_ON_ERROR
password_verify ( string $password , string $hash, int $flags = 0 ) : bool
On Fri, 29 Jan 2021 at 16:01, Benjamin Morel
wrote:
> Hi all, thanks for the constructive feedback.
>
> On Fri, 29 Jan 2021 at 15:52, Marco Pivetta wrote:
>
> >
> > Gonna be the usual person sayi
BLAKE3 is a very fast cryptographically secure hash algorithm,
when i run this implementation https://github.com/php/php-src/pull/6358
against ext/hash/bench.php on an i7-8565U, it's competing against adler32
in performance, and it's significantly faster than every other
cryptographic hash (~2.6 ti
if FWIW if DateTime::__toString() was just
function __toString():string{
return $this->format(\DateTime::RFC3339);
}
i certainly wouldn't complain.
On Wed, 3 Mar 2021 at 12:16, Bruce Weirdan wrote:
> On Wed, Mar 3, 2021 at 1:07 PM Moritz Friedrich wrote:
>
> > but I’m not too fond of the c
i would prefer to soft-deprecate them like we did with the mysql_ api,
where they do not generate E_DEPRECATED for quite some time, but the
documentation say
"this function is deprecated, instead use mb_convert_encoding ( $str ,
"UTF-8", "ISO-8859-1" ); or iconv("ISO-8859-1","UTF-8", $str)"
and..
just want to double check, 1.009 will then be an incompatible
cast to int(1), right? because the 0.009 will be lost?
On Wed, 14 Apr 2021 at 13:41, G. P. B. wrote:
> On Thu, 1 Apr 2021 at 12:39, G. P. B. wrote:
>
> > Hello internals,
> >
> > It's been a couple of weeks a
fwiw this can be implemented in userland, and i bet someone already made a
composer package for it ^^
On Tue, 25 May 2021 at 11:20, Karoly Negyesi wrote:
> Hi,
>
> I was wondering whether $array->map($somefunction) would be possible. I am
> not a C programmer by any stretch but reading ZEND_VM_H
i don't like this part of the RFC:
> There's a number of bug reports related to this. From what I understand,
the core problem here is not that the ISO8601 format is *wrong*, it's just
one of multiple legal ISO-8601 formats. As DateTime formats always refer to
a specific format, not a set of multi
On Tue, 15 Jun 2021 at 14:24, Nikita Popov wrote:
> On Tue, Jun 15, 2021 at 12:48 PM Hans Henrik Bergan
> wrote:
>
>> i don't like this part of the RFC:
>>
>> > There's a number of bug reports related to this. From what I understand,
>> the core pro
How is one supposed to use this? like
if(!is_trusted($val)){
$val = htmlentities($str, ENT_QUOTES | ENT_HTML401 | ENT_SUBSTITUTE |
ENT_DISALLOWED, 'UTF-8', true);
}
echo "$val";
(...)
if(!is_trusted($val)){
$val = $mysqli->real_escape_string($val);
}
$mysqli->query("INSERT INTO tbl VALUES(
short of a bug in esc_like(), i don't even see the vulnerability issue in
that code?
that sanitize call looks like a data corruption issue and i bet it fails to
search for binary data, but i don't see the critical vulnerability?
17 Jul 2021 at 03:45, Craig Francis
wrote:
> On Fri, 16 Jul 2021 at 21:24, Hans Henrik Bergan
> wrote:
>
>> short of a bug in esc_like(), i don't even see the vulnerability issue in
>> that code?
>>
>
>
> Sorry Hans, I copied the wrong diff.
>
> Ther
fwiw i think no self-respecting codebase is depending on an ini-setting
being correct for the ua in cases where the ua is actually important, so
the breakage should be minimal.
On Sun, 27 Jun 2021 at 09:25, Aleksander Machniak wrote:
> On 27.06.2021 08:48, Michael Maroszek wrote:
> > That's what
>
> or doing nothing at all.
>
Sounds good to me.
On Tue, 3 Aug 2021 at 16:47, Sara Golemon wrote:
> On Tue, Aug 3, 2021 at 4:45 AM Hans Henrik Bergan
> wrote:
>
>> fwiw i think no self-respecting codebase is depending on an ini-setting
>> being correct for t
btw why isn't foo.bar=123 decoded to array("foo.bar"=>123); ?
this looks pretty bad to me https://3v4l.org/6Wa23
On Fri, 6 Aug 2021 at 10:29, Peter Bowyer wrote:
> On Fri, 6 Aug 2021 at 08:18, ignace nyamagana butera
> wrote:
>
> > I read your RFC and I understand the intent in improving the c
not sure if this message belongs on php-gene...@lists.php.net or
internals@lists.php.net or elsewhere, i'll just try here first and see what
happens,
recently made some tests to check performance of UTF8 validators, and in
that (simple non-comprehensive) test, preg_match() is ~33 times faster than
+1 from me, and yeah lets not care about that edge case, i hope the edge
gets removed at some point.. (but that's an issue for another thread)
FWIW if attempts at getting it in 8.2 fails, i would welcome another
attempt at this for PHP9
On Fri, 13 Aug 2021 at 15:29, Nikita Popov wrote:
> Hi in
Speaking of, i hope that one day we can support javascript-style let in php
:) like
foreach($it as let &$v){}
but that's a discussion for another thread (and i'm sure it has been
discussed before, i haven't actually checked though)
On Sat, 14 Aug 2021 at 15:23, Hossein Baghayi
wrote:
> On Fri, 1
well today you can do
foreach($it as &$value){...} unset($value);
- which is pretty close, but it will break with
$value="initial";foreach($it as &$value){...}unset($value); echo $value;
here $value will not be "initial", it will be undefined, however you *CAN*
do
$value="initial";(function()use(&
PS i've seen *HORRIBLE* fs performance for php-running-on-windows,
where the same filesystem operations on the same files took like 5 seconds
on linux-running-on-vmware-on-laptop-running-windows-10, versus several
minutes for the same operation on the same laptop on windows 10 directly..
for people
WSL1 or WSL2? afaik they have significant performance differences, and we
should only consider WSL2 as WSL1 is being deprecated afaik
On Tue, 7 Sept 2021 at 12:31, Kamil Tekiela wrote:
> > It would be great if someone on
> Windows and macos could repeat this experiment
>
> I ran this on Windows
>What use-case does that serve?
if some country want to change their timezone for whatever reason, to some
timezone that didn't exist previously, could happen at any time really
On Mon, 13 Sept 2021 at 13:32, Hans Henrik Bergan
wrote:
> > What use-case does that serve?
>
>
there's also plenty of broken links on reddit to git.php.net , ref
https://www.google.com/search?q=git.php.net+site%3Areddit.com
it wouldn't be hard to set up a redirector parsing commit ids out of the
url and redirecting to github,
+1 from me.
On Mon, 4 Oct 2021 at 07:04, Stanislav Malyshev wro
do it ^^
On Mon, 4 Oct 2021 at 08:01, Andreas Heigl wrote:
> Hey all.
>
> On 04.10.21 07:52, Hans Henrik Bergan wrote:
> > there's also plenty of broken links on reddit to git.php.net , ref
> > https://www.google.com/search?q=git.php.net+site%3Areddit.com
> >
&
essed)
it passes "Stanislav Malyshev"'s initial sample url, but it probably fails
on any other formats, if anyone has test urls, share em
On Mon, 4 Oct 2021 at 08:38, Hans Henrik Bergan
wrote:
> >So who's going to work on it? Doesn't make sense to have 5 people wor
1 - 100 of 165 matches
Mail list logo
