[PHP-DEV] Remove get_browser() from core

Hello together, i think it's time to deprecate the function get_browser(). The reason is simple: Since the browscap.ini file has grown a lot this function does need way too much time, see here for example http://stackoverflow.com/questions/12067641/get-browser-slowing-down-page-load-any-alternati

RE: [PHP-DEV] PHP 7.0.0 final RTM delay

Hi, > -Original Message- > From: Anatol Belski [mailto:weltl...@outlook.de] > Sent: Tuesday, November 24, 2015 5:39 PM > To: internals@lists.php.net > Subject: [PHP-DEV] PHP 7.0.0 final RTM delay > > Hi, > > based on the discussion of the last few days and the reached consent, the final

[PHP-DEV] Re: [RFC] HTTP/2 Server Push support in ext/curl

Hi all, I wanted to give another update, thanks to the input of Sean DuBois, the patch is now pretty much final. There is one more memory leak, but I believe it's in libcurl itself, I'll follow up over there on that. Sara expressed a desire to get this into HHVM, so I'm going to follow up with he

Re: [PHP-DEV] Pear.php.net SSL cert

On Tue, Dec 1, 2015 at 7:35 PM, Davey Shafik wrote: > On Mon, Nov 30, 2015 at 10:35 AM, Ferenc Kovacs wrote: > >> > PHP's certs are also "broken" for >> > svn.php.net and edit.php.net, there are browser warnings because of the >> > SHA1 certificate signatures. >> > >> >> those are separate issue

Re: [PHP-DEV] Pear.php.net SSL cert

On Mon, Nov 30, 2015 at 10:35 AM, Ferenc Kovacs wrote: > > PHP's certs are also "broken" for > > svn.php.net and edit.php.net, there are browser warnings because of the > > SHA1 certificate signatures. > > > > those are separate issues, already reported on syst...@php.net > these kind of problems

Re: [PHP-DEV] HashDos protection

On Dec 1, 2015 4:50 PM, "Dmitry Stogov" wrote: > > I think only big arrays coming from external sources should be checked. I tend to agree here. We discussed it with Remote last week. I was trying to explain why having a crafted hash function for inputs may be better and safer. That includes ge

Re: [PHP-DEV] HashDos protection

On Tue, Dec 1, 2015 at 3:48 PM, Nikita Popov wrote: > On Tue, Dec 1, 2015 at 10:50 AM, Dmitry Stogov wrote: > >> Hi Nikita, >> >> few notes: >> >> It looks like the patch messes the attempt of catching the problem (few >> lines related to zend_hash_find_bucket changes) with optimization to >> co

Re: [PHP-DEV] Changes in 7.0 RMs team

I would like to thank Kalle for the work and dedicated he previously offered to PHP. And of course thanks to all the current developers that continue with PHP. On Mon, Nov 30, 2015 at 4:42 AM, wrote: > Hi, > > I'm writing to inform the community that from now on Kalle is considered > retired. H

Re: [PHP-DEV] HashDos protection

On Tue, Dec 1, 2015 at 10:50 AM, Dmitry Stogov wrote: > Hi Nikita, > > few notes: > > It looks like the patch messes the attempt of catching the problem (few > lines related to zend_hash_find_bucket changes) with optimization to > compensate collision check overhead (everything else). I think it'

Re: [PHP-DEV] HashDos protection

On 1 December 2015 at 09:50, Dmitry Stogov wrote: > Hi Nikita, > > few notes: > > It looks like the patch messes the attempt of catching the problem (few > lines related to zend_hash_find_bucket changes) with optimization to > compensate collision check overhead (everything else). I think it's be

RE: [PHP-DEV] INI_SCANNER_TYPED: New in PHP 5.6 or PHP 7?

Hi, > -Original Message- > From: Peter Cowburn [mailto:petercowb...@gmail.com] > Sent: Tuesday, December 1, 2015 10:25 AM > To: Sebastian Bergmann > Cc: PHP internals > Subject: Re: [PHP-DEV] INI_SCANNER_TYPED: New in PHP 5.6 or PHP 7? > > Hi Sebastian, > > On 1 December 2015 at 09:11,

Re: [PHP-DEV] HashDos protection

Hi Nikita, few notes: It looks like the patch messes the attempt of catching the problem (few lines related to zend_hash_find_bucket changes) with optimization to compensate collision check overhead (everything else). I think it's better to separate these parts. Introduction of zend_hash_add_or_

Re: [PHP-DEV] INI_SCANNER_TYPED: New in PHP 5.6 or PHP 7?

Hi Sebastian, On 1 December 2015 at 09:11, Sebastian Bergmann wrote: > According to UPGRADING [1], INI_SCANNER_TYPED was added in PHP 7: > >"- parse_ini_file(): > - parse_ini_string(): > . Added scanner mode INI_SCANNER_TYPED to yield typed > .ini values." > > However, the

[PHP-DEV] INI_SCANNER_TYPED: New in PHP 5.6 or PHP 7?

According to UPGRADING [1], INI_SCANNER_TYPED was added in PHP 7: "- parse_ini_file(): - parse_ini_string(): . Added scanner mode INI_SCANNER_TYPED to yield typed .ini values." However, the INI_SCANNER_TYPED constant already exists in PHP-5.6 and seems to be actually used.

Re: [PHP-DEV] HashDos protection

Le 01/12/2015 02:28, Anatol Belski a écrit : >From what I was testing, the configuration is not absolutely necessary. My first thinking, seeing this hardcoded limit was also, "we need to make it an new ini option". So I run a few tests. Especially the Anatol one (a bit optimized to get more uni