Hi all,
Few years ago, I have proposed strict session.
It seems PHP 5.4 and php-src don't have protection against session
adoption yet.
Since there will be many TLDs, session adoption attack will be
very easy for some domains until browsers support them.
Even without new TLDs, attacker may place
On Thu, Nov 3, 2011 at 7:30 PM, Anthony Ferrara ircmax...@gmail.com wrote:
Paul,
I wasn't saying whether it should be included or not. I was saying
that performance should not be a justification for it being included.
It may be a benefit, but it's a very small side benefit as opposed to
a
On Fri, Nov 4, 2011 at 10:33 AM, André Rømcke a...@ez.no wrote:
On Thu, Nov 3, 2011 at 7:30 PM, Anthony Ferrara ircmax...@gmail.com
wrote:
Paul,
I wasn't saying whether it should be included or not. I was saying
that performance should not be a justification for it being included.
On Thu Nov 3 03:06 PM, Will Fitch wrote:
Wouldn't you consider spl_autoload_register an interoperability
solution? Only your defined autoloading function would then need to
know how your file system is structured, there'd be no need for
include_path declarations and you wouldn't have to
Jonathan,
The problem with spl_autoload_register() is it isn't clear what the
autoloading function is supposed to do if the class if not found.
Then that's a documentation problem. If you throw an exception in
yours, sure that's going to cause problems for anyone else. It's 100%
possible
On Sat Oct 22 04:38 AM, Nathan Nobbe wrote:
Hi folks,
With a 5.4 release right around the corner I'd like a moment of your
time to reconsider this issue [1].
Just curious why it died on the table if several folks saw value in
it, including Stephan who I gather is the primary architect of
On Nov 4, 2011, at 7:19 AM, Anthony Ferrara wrote:
Jonathan,
The problem with spl_autoload_register() is it isn't clear what the
autoloading function is supposed to do if the class if not found.
Then that's a documentation problem. If you throw an exception in
yours, sure that's going
Hi Tyra3l,
Comments are inline.
On Fri, Nov 4, 2011 at 8:35 AM, Ferenc Kovacs tyr...@gmail.com wrote:
On Fri, Nov 4, 2011 at 10:33 AM, André Rømcke a...@ez.no wrote:
On Thu, Nov 3, 2011 at 7:30 PM, Anthony Ferrara ircmax...@gmail.com
wrote:
Paul,
I wasn't saying whether it should be
Guilherme,
What's the status regarding the finalised PSR-0 implementation so we
can hand it over to DavidC to finish the C implementation and apply
this to 5.4 branch.
Cheers,
- Paul
On Fri, Nov 4, 2011 at 5:27 PM, guilhermebla...@gmail.com
guilhermebla...@gmail.com wrote:
Hi Tyra3l,
Guilherme,
The language is problematic, FIG/PSG are just trying to have zillions
different implementations. Everyone would expect that language to set
the standards, avoiding millions of weird pieces of code out there.
Actually, I'd argue that what you're saying here is the exact opposite
of
my comments are also inline
did you read the blogpost? most of your replies were cowered there.
Yes.
you mean you or André?
If you use lowerCamelCase on the class names or your namespace, it will
(/should) be exactly like on disk as well.
So as previously said, it just
11 matches
Mail list logo