Something I would add to this - I personally do use short tags in an open source project because mod_rewrite functionality, implemented either at the .htaccess level or at the httpd.config level. In either event, if you can use mod_rewrite, setting the php flag for short tags is trivial so I know it will be available. It's simply not possible (that I know of) to config a server such that mod_rewrite is available and php_flags short_open_tags will not be.
On Thu, May 19, 2011 at 11:35 AM, Thomas Hruska <thru...@cubiclesoft.com>wrote: > On 5/19/2011 12:23 AM, Arvids Godjuks wrote: > >> It's essentially the same what I said - move it out of stort_tags and >> make it "On" permanently. >> >> As I remember the decision to remove short_tags was made together with >> register_globals, magic_quotes and other legacy stuff. I can be that I >> remember wrongly, but really do people really use<% ? >> > > Would be **really** nice if '<?' with a whitespace as the next byte was > also detected (i.e. '<? ', '<?\n', etc). (Single-quotes have been added to > aid readability.) > > The '<? ' short tag is syntactic sugary convenience that is **widely** > used: Internal corporate servers, personal machines, and millions upon > millions of websites. The results and financial costs of cleaning up the > upgrade fallout of removing the '<? ' short tag are incalculable. > > Comparing short tags to magic_quotes/register_globals is apples to oranges. > The two are so vastly different and not in the same class. The latter is a > failed security measure. The former is a syntactic sugary convenience. > Every PHP userland developer I know understands the risks associated with > magic_quotes and register_globals but, at the same time, they use the '<? ' > short tag extensively wherever possible. > > Or, perhaps more simply put: If you remove the "syntactic sugary > convenience" of the '<? ' short tag, you'll have an army of developers > dropping by shortly after the release of PHP 6 and they will be incredibly > unhappy. But you just go ahead and remove the '<? ' short tag for PHP 6. > You'll be adding it back into PHP 6.0.1. > > The ONLY reason anyone types '<?php ' in the first place is because '<? ' > isn't guaranteed to work everywhere. And that rule really only applies to > open source software and certain web hosts, which is a very small segment of > the total PHP market share. It would probably be fine if you removed the > _option_ itself but merged '<? ' detection into the core. I don't know > anyone who uses anything but '<? ', so it won't likely be a huge loss for > anyone if '<% ' support is dropped (but I could be wrong about that). > > The important part of this discussion is making sure convenient > functionality doesn't just vanish for stupid reasons. I recognize there > will be breakage regardless because it is a new major version, but looking > ahead one extra byte isn't going to kill you. > > -- > Thomas Hruska > CubicleSoft President > > Barebones CMS is a high-performance, open source content management system > for web developers operating in a team environment. > > An open source CubicleSoft initiative. > Your choice of a MIT or LGPL license. > > http://barebonescms.com/ > > > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > >
