Hello
New to PHP internals. Keen on fixing a bug or two where I can.
Warm Regards
Peter Chaula
Hi Marcio,
On 11 February 2015 at 20:50, Marcio Almada wrote:
> Hi internals!
>
> Since no new discussion topics appeared, the voting on the Group Use
> Declarations RFC for PHP7 is now open:
>
> RFC: https://wiki.php.net/rfc/group_use_declarations#votes
> Patch: https://github.com/php/php-src/p
On 16 February 2015 at 16:42, François Laupretre wrote:
> Hi,
> >
> > De : Arvids Godjuks [mailto:arvids.godj...@gmail.com]
> >
> > The 0.1 RFC version was mentioned a lot as a good compromise by many
> > people
> > and had major support.
> > Maybe someone competent could pick it up, make necessa
Hello,
I would like to ask someone more skilled with PHP internals, where can I
found some documentation when I want to start to develop new PHP SAPI. For
many years I'm using PHP as FastCGI but standrad FastCGI handler and also
new PHPFPM does not suits my needs.
So how to start? Where can I fin
One thing to consider when annotations are classes is whether using an
annotation should make the annotated class depend on the annotation
classes it uses. In other words, would a missing annotation class
produce an error? It doesn't in Java (at runtime, see
http://stackoverflow.com/a/3567969) and
't lead anywhere. And if this is really about the
voting practise, why is the numbers on what it would do with your RFC to
ignore the oldtimers relevant?
regards,
Peter Petermann
2015-03-15 15:19 GMT+01:00 Anthony Ferrara :
> All,
>
> I ran some numbers on the current votes of th
On 15 March 2015 at 15:46, Nikita Popov wrote:
> Hi internals!
>
> To ensure we have no shortage of new RFC votes...
>
> https://wiki.php.net/rfc/reclassify_e_strict#vote
>
> Voting is open for ten days :)
>
Nikita, don't forget to start a new thread with the tag [VOTE] in the
subject line a
On 16 March 2015 at 01:40, Wei Dai wrote:
> Hi internals,
>
> The RFC to add a user-land function for an easy-to-use and reliable
> preg_replace_callback_array() in PHP is up for discussion:
> https://wiki.php.net/rfc/preg_replace_callback_array
>
> This proposes adding one function: `preg_replac
On 15 March 2015 at 15:23, Levi Morrison wrote:
> On Sun, Mar 15, 2015 at 8:29 AM, Michael Wallner wrote:
> >
> >> On 15 03 2015, at 15:19, Anthony Ferrara wrote:
> >>
> >> All,
> >>
> >> I ran some numbers on the current votes of the dual-mode vote right
> >> now. There were a number of voters
On 16 March 2015 at 14:59, Xinchen Hui wrote:
> Hey:
>
> On Mon, Mar 16, 2015 at 5:45 PM, Peter Cowburn
> wrote:
> > On 16 March 2015 at 01:40, Wei Dai wrote:
> >
> >> Hi internals,
> >>
> >> The RFC to add a user-land function for an easy-t
On March 16, 2015 2:32:39 PM GMT+01:00, Pascal Chevrel
wrote:
>It's too late, Bob's Basic STH missed the schedule for PHP 7, it was
>proposed way too late and the coercive STH RFC has just zero chance to
>pass, it's too much of a BC break for everybody. The dual mode STH is
>the only chance
On 17 March 2015 at 08:02, Sanford Whiteman wrote:
> > rather than having a single untyped parameter amongst typed ones
>
>
> Yes, when experimenting with strict types, I'd rather move things in and
> out of 'mixed' than remove the notation completely. Like you said, 'mixed'
> means, "I've revie
On March 16, 2015 11:10:41 PM GMT+01:00, Pierre Joye
wrote:
>On Mar 17, 2015 7:05 AM, "Peter Petermann"
>wrote:
>>
>>
>>
>> On March 16, 2015 2:32:39 PM GMT+01:00, Pascal Chevrel <
>pascal.chev...@free.fr> wrote:
>>
>> >It&#
On 21 March 2015 at 08:14, Xinchen Hui wrote:
> Hey:
>
> On Fri, Mar 20, 2015 at 9:14 PM, Xinchen Hui wrote:
> > Hey:
> >
> > On Fri, Mar 20, 2015 at 7:53 PM, Alain Williams
> wrote:
> >> On Fri, Mar 20, 2015 at 10:46:58PM +1100, Pierre Joye wrote:
> >>> On Fri, Mar 20, 2015 at 7:03 PM, Wei Dai
h applies both to
DateTime::add and DateTime::sub)? I've tried searching the internals list
but couldn't see any discussion of it. It seems like a bug that never got
fixed to the point where there are tests to make sure things are still
calculated wrong.
Regards
Peter
--
WWW: plphp.dk / plind.dk
CV: careers.stackoverflow.com/peterlind
LinkedIn: plind
Twitter: kafe15
On 13 April 2015 at 22:20, Derick Rethans wrote:
> On Sun, 12 Apr 2015, Peter Lind wrote:
>
> > Hi,
> >
> > I wanted to get into PHP code development so I grabbed a random bug from
> > bugs.php.net. Which turned out to be
> https://bugs.php.net/bug.php?id=69378
&
On 13 April 2015 at 22:20, Derick Rethans wrote:
> On Sun, 12 Apr 2015, Peter Lind wrote:
>
> > Hi,
> >
> > I wanted to get into PHP code development so I grabbed a random bug from
> > bugs.php.net. Which turned out to be
> https://bugs.php.net/bug.php?id=69378
&
cc-ing doc list
On 22 April 2015 at 10:40, Stelian Mocanita
wrote:
> Hello internals,
>
> I would like to ask what on your thoughts on removing the Oracle drive for
> PDO from the documentation (http://us1.php.net/manual/en/ref.pdo-oci.php)
> at least since it's been experimental for a long time
On 22 April 2015 at 11:24, Peter Cowburn wrote:
> cc-ing doc list
>
> On 22 April 2015 at 10:40, Stelian Mocanita
> wrote:
>
>> Hello internals,
>>
>> I would like to ask what on your thoughts on removing the Oracle drive for
>> PDO from the documentatio
On 22 April 2015 at 11:40, Stelian Mocanita wrote:
> Peter,
>
> I did not know about the documentation part, thanks for clearing that out.
>
> I would like to ask though, what is the benefit of having the dead
> extensions there?
> From my point of view, it does more harm
On 19 May 2015 at 17:16, Levi Morrison wrote:
> I strongly disagree with this action. These types required an RFC; why
> should this be different? Also note that neither of the reserve
> typename RFC were unanimous.
>
> Furthermore, we are past the RFC stage. We are *supposed to already
> have an
isely this purpose:
> https://wiki.php.net/rfc/libsodium
>
> Regards,
>
> Scott Arciszewski
> Chief Development Officer
> Paragon Initiative Enterprises <https://paragonie.com>
>
--
Peter Petermann
Email: ppeterman...@gmail.com - get my public PGP key from SKS Keyservers
PGP Key:
http://pool.sks-keyservers.net:11371/pks/lookup?op=get&search=0x0E6DBD675836A5C7
On 7 June 2015 at 14:14, Alexandre Pereira Bühler <
alexan...@simaoebuhler.com.br> wrote:
> Kaplan,
> Good day,
> I already have karma to push in
> http://git.php.net/?p=web/gtk.git;a=summary
> See: https://people.php.net/user.php?username=buhlerax
> The problem is that the php-gtk project is half
On 28 April 2015 at 14:24, Olivier Garcia wrote:
> Dear Internals,
>
> The "Improved Error Callback Mechanism" RFC is now in voting phase.
>
> You can cast your vote on the Wiki [1] and the according patch is
> available as a Pull Request [2].
>
> Vote will be open for two weeks, counting from to
On 4 August 2015 at 10:13, Lauri Kenttä wrote:
> On 2015-08-03 23:54, Scott Arciszewski wrote:
>
>> $AES = new \PCO\Symmetric('openssl:cipher=AES-128');
>>
>
> It would be great if you could just ask for cipher=AES-128 without
> explicitly specifying the provider (openssl).
>
>
Even better wo
On 4 August 2015 at 13:56, Scott Arciszewski wrote:
>
> Hi Peter,
>
> It's not really a "made-up string format", in the sense that it has a
> precedent (PDO).
>
>
True, and that format sucks royally. It trips people up.
Combining several arguments into one
On 17 August 2015 at 15:24, Sebastian Bergmann wrote:
> Am 17.08.2015 um 16:00 schrieb Derick Rethans:
> > Actually, I don't call this intended. This is just as much as a BC break
> > as the original implementation where Errors where also Exceptions. IMO,
> > set_exception_handler() should be cha
Hello,
There came up another idea/issue about the Phar extension and its
native SSL support.
As you might know or not, when building PHP:
./configure --with-openssl --enable-phar
the Phar extension will get so-called native SSL enabled through
OpenSSL directly. However, when built like this:
.
On Mon, 26 Aug 2024 at 20:05, Calvin Buckley wrote:
> As such, it might be a bit tricky for people on Windows/AIX; the easiest
> solution if PHAR is using the openssl extension's symbols would be to not
> build the openssl extension as shared.
I've just checked Windows build and the PHP downloade
On Wed, 4 Sept 2024 at 15:07, Christoph M. Becker wrote:
>
> Hi all,
>
> that issue came up the other day on a pull request[1], but since it is
> not particularly related to any single PR, I wanted to ask here for
> clarification.
>
> This is about changes to `./configure` options of php-src, and
On 15 December 2011 16:19, David Soria Parra wrote:
> As outlined in my previous post. An author in git is identified
> by "NAME ". We will rewrite commit information to match
> this format during the SVN to Git migration. At the moment
> this affects php-src only, but it will probably expand to o
asonable in many cases, IMO, but makes all chains a potential
fatal. An exception would make a lot more sense, and allow us to
centralize handling of such "exceptional" cases rather than throwing
if-checks everywhere. (Which is exactly what exceptions are for.)
>
> --Larry Garfield
>
>
> --
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: http://www.php.net/unsub.php
>
Seems to me this change would encourage bad habits (breaking the law of
Demeter) which would personally put me against it.
Regards
Peter
On 22 February 2012 20:04, Larry Garfield wrote:
> On 2/22/12 12:37 PM, Peter Lind wrote:
>
>>> I would also support this. There's a myriad reasons why something may
>>
>> return NULL or FALSE when you expect it to return an object, some of them
>> even
On 2 March 2012 01:56, Philip Olson wrote:
> Hello!
>
> Please clarify whether or not get_magic_quotes_gpc() and
> get_magic_quotes_runtime()
> are deprecated, because I do not think they are. Deprecated means people
> should not
> use them while writing new code, but they are perfectly sensible
Hi Pierre,
The length of the reply being replied
On 7 March 2012 10:12, Pierre Joye wrote:
> On Wed, Mar 7, 2012 at 11:05 AM, Derick Rethans wrote:
>
>
to is irrelevant. The length of the reply is also
> > The mailinglist guidelines also are for you, so let me repeat what I
> > wrote yester
There is a Planet PHP which aggregates many blogs articles written by
contributors:
http://planet-php.net/
Peter
On Thu, Mar 8, 2012 at 09:58, adit adit wrote:
> Hi,
>
> Can you tell me which one of you guys has any blogs on which i can read
> about the php internals?
> I'v
On 30 March 2012 11:51, Ferenc Kovacs wrote:
> AFAIK mariuz should have karma for the interbase and pdo_firebird exts, see
>
http://svn.php.net/viewvc/SVNROOT/global_avail?view=markup#l176 and
> http://svn.php.net/viewvc/SVNROOT/global_avail?view=markup#l292
> so it is either a bug in the new kar
On 30 March 2012 12:28, Ferenc Kovacs wrote:
>
> nice catch!
>
Thanks. Here's an updated patch since Pierre changed the firebird karma.
Maybe Pierre could apply this? :)
Index: global_avail
===
--- global_avail(revision 32463
On 30 March 2012 12:35, Peter Cowburn wrote:
>
> Thanks. Here's an updated patch since Pierre changed the firebird karma.
> Maybe Pierre could apply this? :)
>
Philip has applied the patch, I don't know how often the git server updates
the karma file but you should be able
tional parameters always get NULLs
> or their default values?
It needs to be the default values, otherwise it will be a huge WTF for
developers.
With that in mind: +1 if default values are used when skipping
parameters, -1 if NULL is used when skipping parameters (not that I
have voting pow
On 18 April 2012 10:25, Daniel Macedo wrote:
> But I couldn't support the comma train, for the insane «lots of
> parameters» case, would hate to read some fn($some $var,,, $other)
> call.
> I'd rather reuse a reserved word like 'default' (or even get a shorter
> one?)
>
>
How about "null"? (T
On 18 April 2012 11:38, Daniel Macedo wrote:
> You can't do that, NULL is a perfectly acceptable value to pass into a
> function, you wouldn't be able to know when you wanted to pass NULL or
> use the default value, e.g.:
>
>
You totally missed the point: hinting, not-so-subtly, at the
long-estab
em run in parallel would
be a very nice feature :)
Regards
Peter
--
WWW: plphp.dk / plind.dk
LinkedIn: plind
BeWelcome/Couchsurfing: Fake51
Twitter: kafe15
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
y by mixing sources? I.e. will the result be
"more random"? Won't it just be as random as the most random source?
Other than that, the SPL version seems like a nice idea.
Regards
Peter
--
WWW: plphp.dk / plind.dk
LinkedIn: plind
BeWelcome/Couchsurfing: Fake51
Twitter: ka
On 14 June 2012 15:35, Anthony Ferrara wrote:
> Peter,
>
>> Whether or not a CSPRNG is needed depends on what you're doing, your
>> needed level of security. Perhaps add a parameter to control this, so
>> it would be possible to make use of this function even if you
o promote either.
> You wouldn't be "educating in the right way".
And I'm obviously not advocating a shared salt (at least, I wasn't
thinking I was, especially seeing as I asked for a parameter in
function to make sure that salts would be more random).
Regards
Peter
-
.
>
Other bracket-less blocks allow authors to shoot themselves in the foot
equally so, yet PHP supports these as well. The actual problem here is an
inconsistency in the parser, which I'd consider to be a bug.
Peter
> --
> Rafael Dohms
> PHP Evangelist and Community Leader
> http://www.rafaeldohms.com.br
> http://www.phpsp.org.br
>
_hash($my_128_char_pepper . $password, PASSWORD_DEFAULT);
Which obviously renders the hashing useless, as you'll be hashing the
same 72 chars over and over again. Which, currently, crypt() let's you
get away with without as much as a hiccup.
Regards
Peter
--
WWW: plphp.dk / plind.dk
CV:
On 31 July 2012 22:02, Anthony Ferrara wrote:
> Peter,
>
> On Tue, Jul 31, 2012 at 3:46 PM, Peter Lind wrote:
>>
>> On 31 July 2012 18:21, Anthony Ferrara wrote:
>>
>> *snip*
>>
>> >
>> > Also, be aware that BCrypt only uses the first
On 2 August 2012 07:35, Adam Harvey wrote:
> Thoughts? (Do we even want to auto-fill this from $OLDRELEASES, or
> would we rather have a manual array?) Specific notes on
> vulnerabilities to add to branches? Better versions of the copy in the
> initial blurb?
Why is this information not just disp
On 2 August 2012 09:36, Morgan L. Owens wrote:
> Just as each release announcement dated with detailed kept on a distinct
> page (linked in that list), all that's needed there is a date when support
> ended, with (any available) information on what was obsoleted in the process
> also on a distinct
On 3 August 2012 16:09, Rasmus Schultz wrote:
> Is this all the documentation there is for the use-clause for
> anonymous closures?
>
> http://us2.php.net/manual/en/functions.anonymous.php
>
> For one, it would be nice to have documentation that explains whether
> the variables listed in the use-c
On 21 August 2012 23:26, Yasuo Ohgaki wrote:
> array_walk is the best(fast and memory efficient) way
> to delete elements.
If array_walk() is the best (fast and memory efficient) way to delete
elements, why have we had the following line in the manual, for the
array_walk() callback, for over a de
nable
AOP in PHP directly. I was wondering if there are any interests/possibility
to include AOP into the PHP core?
Best regards,
Peter
/8/23 William Betts
> On Thu, Aug 23, 2012 at 7:36 AM, Peter Nguyen wrote:
> > Hi,
> >
> > AOP (http://en.wikipedia.org/wiki/Aspect-oriented_programming) when used
> > correctly, can make your application really modular. I've seen several
> > implementat
a on pastebin ;) But I have no idea how it could look
> like
>
> Regards,
> Sebastian
>
>
> Am 23.08.2012 16:36, schrieb Peter Nguyen:
>
> Hi,
>>
>> AOP
>> (http://en.wikipedia.org/wiki/**Aspect-oriented_programming<http://en.wikipedia.org/wiki
s executed...
Another option is not to use wildcards and define the joint point
explicitly.
2012/8/24 Sebastian Krebs
> 2012/8/24 Peter Nguyen
>
> > Your argument is a general issue when refactoring code. Whenever you
> > change the name of a method/class, you need to change it in all
>
>> AOP is the future and a very awesome complement to OOP. It is a shame that
>> very few are doing it and I think this would attract some good attention
>> to
>> PHP after traits (both are horizontal reuse mechanisms).
>>
>> On Fri, Aug 24, 2012 at 2:01 AM,
Anthony,
2012/8/24 Anthony Ferrara
> Peter,
>
> On Fri, Aug 24, 2012 at 2:36 PM, Peter Nguyen wrote:
>
>> This is exactly the "problem" that AOP solves. I think the decorator
>> pattern is just a solution for the shortcoming of the language itself.
>
>
FYI, there is already namespace support in the extension, and you can also
use type hinting on the pointcuts with interfaces/traits besides class
names.
On 26 August 2012 18:48, Stas Malyshev wrote:
>
>> I got a PHP Wiki account but couldn't vote. Are you sure the Wiki
>> accounts got the permissions to vote?
>
> Hm... Not sure, maybe somebody has to enable it?
There is a special group ("voting" IIRC) for wiki accounts with voting
rights. "Ordin
On 26 August 2012 19:20, Stas Malyshev wrote:
> Putting aside the fact that democracy has very little to do with what
> we're trying to do here (we're not government, we're opensource
> project), that's how democracy *doesn't work*. As you noticed, it is
> "too bad", and it is exactly the problem
That's why I thnk the extension is superior to all other solutions, because
it doesn't require code generation in userland. Also, it will be possible
to backtrace to the declaration of the aspects.
2012/8/26 Rasmus Schultz
> >
> > On Thu, Aug 23, 2012 at 7:36 AM, Peter Ngu
" (read:
per-instance) string format with something like setToStringFormat() or
whatever, that becomes *more* work than just calling format().
Thank you kindly,
Peter
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
Best solution from a random developers perspective:
- stick the 4-line solution in the docs and on to the bug report. Then
mark as won't implement
It's a far better solution than choosing a random format for users, as
should be more than evident by now.
Regards
Peter
--
WWW
duction Value: Off
In a production environment with display_errors off, E_STRICT doesn't
crash anything. Actually, even with it on, it doesn't crash anything -
shitty code does, by creating notices and then using header() calls
afterwards to create redirects.
Solution: fix your server. Fix
know - I'm still yackin' about the
print_r(glob("{/home/currentuser/,/etc/}*",GLOB_BRACE)) issue combined
with the glob file name disclosure issue)
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
LOB_BRACE));
.. are possible even in safe_mode/open_basedir-restrictions, these new
functions will have pretty small effect unless one works his way
entirely around the session functionality in the first place...
E.g.:
http://basedir.ter.dk/globall.php
--
- Peter Brodersen
--
PHP Internals - PHP
beta"-consideration.
For the sake of the references-fix, I suppose it's a case of DIYDDIYD.
I agree with Zeev regarding the importance of the wording in the
release notes.
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
;) == ...)
Of course I'm not against notices, but I think there is a clear
distinction (or should be...) between stuff that might exist beyond
our control (user-submitted data) and stuff that we rely on (own
variables).
But all in all: very exciting. As mentioned, there really migh
instead of \\1 or $1)
I'm not that worried about my own preg-usage. I just want to be
prepared if I ever have to review some code for the purpose of
migrating to PHP6.
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
Hi,
> Why this crashes:
>
> php -r 'class a { function b() { return $this->b(); }} $c = new a(); $c-
> >b();'
>
> and this does not?
>
> php -r 'function a() { return a(); }'
because you forgot to call a();
This also crashes:
php -r "function a() { return a(); } a();"
Sven
--
PHP Internals -
f,pdf,bmp,raw}",GLOB_BRACE));
If all you want is to supply glob() with a list of full or partial
patterns I think the desired functionality is already present.
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
ms like glob.h is that troublesome.
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
t an observation than solutions. Some of the
suggestions might even be patronizing ("you should reply in a good
manner, not in a bad manner").
I suppose there are reasons for many things. I suppose a lot of the
.-answers are when there are many open bugs and a nice developer
decides that
like users to search the bug database at
first it might be treated more as a knowledge base. It wouldn't be a
here-and-now solution but could reduce the bogus bug submissions in
time.
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
spect a lot of applications will. The
>fact date() now tries to be intelligent about it but fail is a real problem.
Just out of curiousity of the scope of this issue... where did the
string "IDT" come from in the first place?
Any specific distribution? Default OS setting?
--
- Peter
L
>extension, point your browser at
>http://pecl4win.php.net/ext.php/php_oci8.dll
AOL! I mean... great work! :-)
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
eloper/user with no control of his sysadm's settings?
Would there be any concerns for PHP users who would like their code to
work in different setups? (one with the old behaviour, one with the
new behaviour - both running the same 5.1.x version)
--
- Peter Brodersen
--
PHP Internals -
ehaviour could be a disservice as well. Even though they were meant
to ease a BC transition, you suddently can't be sure if your code runs
on any other servicer even if the x.y.z version is the same.
In some cases it could just result in Even Another Intial Ini-Check In
Your PHP Code.
--
- P
re thinking of.
I can't see any reason for that statement, though.
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
On Sun, 9 Oct 2005 00:55:45 -0400 (EDT), in php.internals
[EMAIL PROTECTED] (Adam Maccabee Trachtenberg) wrote:
>We seem to be under the impression that the Unicode speed penalty will
>be so harsh that a Unicode-only PHP 6 will be too slow for
>use. However, we don't know that for sure. Yes, it wi
e cumbersome to help
people with php issues as the php version is not directly available.
Honestly I'm not sure how I would feel on the "expose version number"
issue if e.g. google would allow people to restrict their searches
based on header information as well.
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
rojects. Apache, mod_ssl, mod_perl and so on. I can't recall they
seriously would encourage people to disable version information so
much that they would change their default settings to reflect this.
I would agree with Markus. This is security by obscurity. The
automated attacks do happen anyw
Furthermore, and just a though: would it be possible to have an option
when compiling an apache module of setting the open_basedir value to
the same as the virtual host's DOCUMENT_ROOT? I think deployment could
be much easier this way.
(oh yeah, and I really hope glob() results would
Of course the
larger web service providers would have automated their virtual host
generation and Apache2 users might just use mod_macro. Personally I feel
it kind of redundant to specify the users document_root as their open_basedir
value (although other might want to allow one level up giving
w
files. Other users wouldn't be able to read the files belonging to
"penguin".
This might be out of scope for php, but as a recommended setup I think
it would be fair to provide hints for general setup.
(and once again, I agree that safe_mode is not safe, it is a poor
functiona
"disable_exec_functions" might be a
setting that is clear about its purpose and impact.
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
de would disable.
Furthermore, this behaviour would be vulnerable to new exec-functions
requiring a lot of maintenance for end users.
If this really is best practice, why don't we just rename safe_mode to
"disable_exec_functions" (and maybe remove UID checks)? It would be
easier to mai
ralized (the current php script)
I guess my main concern is that open_basedir is kept in PHP6 (based on
the talks), but it is pretty much useless if not backed up by other
tools (disable_exec_functions, some_exec_dir_restriction, ...)
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
sible new directives
it would be too early to put up some text.
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
anging list of functions
under disable_functions which would make upgrades cumbersome.
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
y an input where the number of
bits does not add up to a number divisible by eight? Or is this
feature of md5 simply not relevant to anybody?
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
a whole "independent" language.
I wouldn't like to see php projects have to create different packages
with individual code for different types of os or distribution.
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
+1
(sorry for the first post)
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
them and maybe the ones
>who don't would go through the same process I went through once they get
>used to it J
>
>
>
>Andi
>
>
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
also expects the input to be UTF-8
encoded, but it replaces incomplete sequences with the character "?".
I don't know if it is a recommended standard for invalid input but I
have seen this conversion as well in a couple of other applications,
e.g. Firefox.
--
- Peter Brodersen
--
PH
",utf8_decode(chr(0xE0)));';
done
07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00
$ for a in `seq 1 20`; do php -r 'printf("%02x ",utf8_decode(chr(0xE0)));';
done
08 00 00 02 00 00 00 00 00 05 00 00 00 05 00 00 07 00 09 00
$ for a in `seq 1 20`; do php -r
t)
I'm not fond of the "?" feature as well, but it is present in
utf8_decode() and other non-php applications with utf-8 conversion.
My guess is still that some standard recommends this conversion as a
possible fallback for error handling.
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
ormed sequences or
unavailable characters does not conform to ISO 10646, will make
debugging more difficult, and can lead to user confusion.
==
--
- Peter Brodersen
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
1 - 100 of 676 matches
Mail list logo
