On 7/12/10 6:35 AM, Reindl Harald wrote:
Am 12.07.2010 15:29, schrieb Rasmus Lerdorf:
Even for small sites, you can get your own VM from Rackspace
Cloud for about $10/month or from linode or any number of providers
where you are not sharing your PHP environment with anyone.
-Rasmus
On 7/10/10 2:32 PM, Reindl Harald wrote:
Why there are no point releases for security-bugs?
The changelog form 5.3.2 to 5.3.3 RCx shows many
security releases which are well known in the meantime
It's VERY bad to schedule thmen always only with
the normal bugfixes and also on production
On 7/10/10 3:17 PM, Reindl Harald wrote:
Am 10.07.2010 23:52, schrieb Rasmus Lerdorf:
On 7/10/10 2:32 PM, Reindl Harald wrote:
Why there are no point releases for security-bugs?
The changelog form 5.3.2 to 5.3.3 RCx shows many
security releases which are well known in the meantime
It's
On 7/10/10 3:34 PM, Reindl Harald wrote:
Am 11.07.2010 00:29, schrieb Rasmus Lerdorf:
On 7/10/10 3:17 PM, Reindl Harald wrote:
What is enough on shared hosting because there are many ways
to trigger local exploits. If there is ANY eval-injection
in a for the admin unkown script you heave
On 7/10/10 4:00 PM, Reindl Harald wrote:
Am 11.07.2010 00:39, schrieb Rasmus Lerdorf:
We do fix them, but we don't have the capacity to do point releases for
every local exploit fix. We simply don't have enough people to do that.
A shared host who is worried about local exploits need
On 6/23/10 6:56 AM, Wietse Venema wrote:
Stas Malyshev:
Hi!
could anybody tell me why also for every single php file engine must lstat
all path?
Why php engine don't simply try to open directly the file?
There are some places where PHP engine has to know true name of the
file - i.e.
On 6/23/10 12:38 PM, Stas Malyshev wrote:
Hi!
But sadly not usable with common apps or frameworks as it will break
very easily.
That's fixable (userland) but painful.
I didn't mean the stat call but rather the open call which precedes
include_once. stat is a separate issue.
APC works
On 6/21/10 9:35 AM, Vincenzo D'Amore wrote:
Thanks Rasmus,
we are using wordpress. Looking at code:
find . -type f -exec grep realpath {} \;
I see a lot of:
if ( function_exists('realpath') )
$path = realpath($path);
if ( function_exists('realpath') )
$path = realpath($path);
if (
On 6/19/10 11:49 PM, Vincenzo D'Amore wrote:
Could anybody explain me why I have this behavior and if it is attributable
to a misconfiguration of php?
This doesn't look like a PHP misconfiguration. It looks more like an
application-level issue. Do a grep for realpath in your application
code.
On 6/20/10 1:21 PM, Lester Caine wrote:
( Foregot to change address again :( )
Ilia Alshanetsky wrote:
What are your views on including APC in the core, or reasons not to?
Dictatorship?
Optional module which have well used alternatives should not be proced
on by default! Probably more
On 6/20/10 2:05 PM, Lester Caine wrote:
Rasmus Lerdorf wrote:
On 6/20/10 1:21 PM, Lester Caine wrote:
( Foregot to change address again :( )
Ilia Alshanetsky wrote:
What are your views on including APC in the core, or reasons not to?
Dictatorship?
Optional module which have well used
On 6/20/10 2:32 PM, Lester Caine wrote:
Rasmus Lerdorf wrote:
On 6/20/10 2:05 PM, Lester Caine wrote:
Rasmus Lerdorf wrote:
On 6/20/10 1:21 PM, Lester Caine wrote:
( Foregot to change address again :( )
Ilia Alshanetsky wrote:
What are your views on including APC in the core, or reasons
On 6/20/10 7:44 PM, Stas Malyshev wrote:
Hi!
Can you elaborate? What average user-facing features are non-obvious?
We should document them if nothing else.
This recently caught my attention:
http://pecl.php.net/bugs/bug.php?id=16745
As I understood from this bug, APC changes how PHP
On 6/20/10 7:55 PM, Scott MacVicar wrote:
On Jun 20, 2010, at 11:21 AM, Ilia Alshanetsky wrote:
I for one think it is a really good idea, there is no compelling
reason not to include APC, I would even go as far as say we should
enable it by default.
+1
We'd need to get
Has anybody thought about adding Gearman support to the fpm sapi?
Managing Gearman workers is pretty much identical to managing fastcgi
workers, so it doesn't seem like much of a stretch.
-Rasmus
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit:
On 6/10/10 8:30 AM, Frederic Hardy wrote:
On 06/10/2010 17:20, Brian Moon wrote:
The big difference is that different processes do different jobs in
Gearman. All PHP workers in fpm just run what ever code is handed to
them. How do you handle that?
Threading ;) ?
Definitely not. Gearman is
On 6/10/10 8:53 AM, Tjerk Anne Meesters wrote:
All fpm workers would be called using the same function name (e.g.
runphp). This allows you to reuse a gearmand instance for other
workers too.
I don't think we would need to require that. Obviously you could build
your Gearman worker such that
On 6/10/10 9:31 AM, Brian Moon wrote:
[gearman]
worker1.path = /path/to/worker1.php
worker1.pm = dynamic
worker1.pm.max_children = 10
worker1.pm.start_servers = 5
worker2.path = /path/to/worker2.php
worker2.pm = dynamic
worker2.pm.max_children = 4
worker2.pm.start_servers = 2
So, this
On 6/7/10 9:58 AM, Felipe Pena wrote:
Hi all,
I just edited the RFC page [1] about array dereferencing as now we have a
patch for such.
RFC page: http://wiki.php.net/rfc/functionarraydereferencing
The patch is simple, it just required to change the grammar file. I also
added some tests
On 04/14/2010 02:01 AM, Jérôme Loyet wrote:
The patch seems good (I didn't test it yet) but I'm curious about the
way you check the memory real size:
+ if(zend_memory_usage(1 TSRMLS_CC)
fpm_global_config.term_on_memory_limit){
I don't know much about the
A few people, well ok, Lukas mainly, seem to be confused about our
current process, or lack of it. I think it is pretty simple, and it is
what we used for years. We commit all new code to trunk. Bug fixes
should obviously be committed to any active branches they apply to as
well. When we have
On 04/06/2010 10:08 AM, Justin Dearing wrote:
So pending review an acceptance by Dmitry, I've written my first patch for
PHP. While there is a good chance I will need to make further revisions to
the test or code, I don't know what that is.
However, I've got some free time at the moment,
On 04/06/2010 10:47 AM, Scott MacVicar wrote:
On Apr 6, 2010, at 10:34 AM, Rasmus Lerdorf wrote:
On 04/06/2010 10:08 AM, Justin Dearing wrote:
So pending review an acceptance by Dmitry, I've written my first patch for
PHP. While there is a good chance I will need to make further revisions
On 04/02/2010 01:22 PM, Martin Jansen wrote:
On 02.04.10 19:56, Rasmus Lerdorf wrote:
rasmus Fri, 02 Apr 2010 17:56:37 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=297350
Log:
Update the FILTER_VALIDATE_EMAIL filter to fix bug #49576
I should also mention that most of the popular validators I checked came
to the same conclusion. There is a chart here:
http://www.dominicsayers.com/isemail/results.php
If you look closely you will see that all 5 validators in the chart
reject single-word domains.
-Rasmus
--
PHP Internals -
On 04/02/2010 02:37 PM, Sean Coates wrote:
If you look closely you will see that all 5 validators in the chart
reject single-word domains.
Note that this regex also considers anyth...@localhost to be an invalid email
address.
I hear your point about the difference between a local machine
On 04/02/2010 04:47 PM, Jared Williams wrote:
Would make sense. Especially considering HTML5's current validation
rules of emails is something different again.
http://www.whatwg.org/specs/web-apps/current-work/multipage/states-of-
the-type-attribute.html#e-mail-state
Having a mismatch in
On 04/02/2010 02:17 PM, GM wrote:
What do you guys think? I really want PHP 6 to rock and have an even
better reputation among businesses, programmers, etc.
I really doubt named parameters would have much of an impact on
anything, but I'd be willing to consider it if a clean implementation
was
On 04/02/2010 06:25 PM, Jared Williams wrote:
-Original Message-
From: Rasmus Lerdorf [mailto:ras...@lerdorf.com]
Sent: 03 April 2010 01:20
To: Jared Williams
Cc: internals@lists.php.net
Subject: Re: [PHP-DEV] Re: [PHP-CVS] svn: /php/php-src/
branches/PHP_5_2/NEWS
branches
On 04/01/2010 07:32 AM, speedy wrote:
1. Imagine that from time to time, some background processing takes 1
second of CPU time - w/o multithreading, all your async operations,
like accepting a connection to a socket, aio or others are basically
stalled. So, async is a
On 04/01/2010 09:03 AM, speedy wrote:
Also, keep in mind that the web is slowly shifting towards real-time
communication
/ streaming with emergence of Comet, HTML5 Web Sockets etc. There are already
many web
server implementations specialising in that, and PHP is _not_ their language
of
On 03/30/2010 08:41 PM, Philip Olson wrote:
It's awesome that PHP has so many great options for the next Release Manager
because all of the proposed people would do great. However, I'd like to see
Rasmus become RM. Not sure about the co-RM topic but Chris Jones comes to
mind. I love the
On 03/24/2010 08:01 AM, Martin Jansen wrote:
Inspired by the recent addition of FNV hashing, I had a look at how hard
it would be to add support for Jenkins's one-at-a-time hashing to
ext/hash. The result is attached to this mail. I don't think I have
karma for php-src, so given enough
On 03/24/2010 07:12 AM, Zeev Suraski wrote:
Hi,
Over the last few weeks we've been working on several ideas we had for
performance enhancements. We've managed to make some good progress. Our
initial tests show roughly 10% speed improvement on real world apps. On
pure OO code we're seeing
On 03/24/2010 08:09 AM, Felix De Vliegher wrote:
Hi
Ulf already indicated this in a bug report, but I'd like to bring it up here
too:
There's no PHP 6 any more. What shall happen to those reports: close, bogus,
test against 5.3, test against new trunk?
There's a lot of open PHP6 / SVN
On 03/23/2010 09:11 AM, Pierre Joye wrote:
hi,
I would rather have some kind of rules defined before opening trunk
again (or the pandora box). That's what we are discussing right now.
May I know why you choosed that now is the right time to do it and
declare it open?
We have rules. Large
On 03/23/2010 09:32 AM, Pierre Joye wrote:
On Tue, Mar 23, 2010 at 5:21 PM, Rasmus Lerdorf ras...@lerdorf.com wrote:
On 03/23/2010 09:11 AM, Pierre Joye wrote:
hi,
I would rather have some kind of rules defined before opening trunk
again (or the pandora box). That's what we are discussing
On 03/23/2010 09:36 AM, Lukas Kahwe Smith wrote:
On 23.03.2010, at 17:21, Rasmus Lerdorf wrote:
On 03/23/2010 09:11 AM, Pierre Joye wrote:
hi,
I would rather have some kind of rules defined before opening trunk
again (or the pandora box). That's what we are discussing right now.
May I
On 03/23/2010 10:05 AM, Lukas Kahwe Smith wrote:
On 23.03.2010, at 17:59, Rasmus Lerdorf wrote:
On 03/23/2010 09:36 AM, Lukas Kahwe Smith wrote:
On 23.03.2010, at 17:21, Rasmus Lerdorf wrote:
On 03/23/2010 09:11 AM, Pierre Joye wrote:
hi,
I would rather have some kind of rules defined
On 03/23/2010 04:02 PM, Lukas Kahwe Smith wrote:
In conclusion:
There should of course be fun in just hacking out cool stuff, but I think for
most developers a big part of the fun is actually seeing your ideas in a
stable release.
Exactly. But that means we need to wait and see which
On 03/16/2010 10:40 AM, dreamcat four wrote:
As for text files on disk, if they are unicode, they are most commonly
utf-8 too. So then, why use utf-16 as internal unicode representation
in Php? It doesn't really make a lot of sense for most regular people
who want to use Php for their web
On 03/16/2010 12:05 PM, dreamcat four wrote:
On Tue, Mar 16, 2010 at 6:32 PM, Rasmus Lerdorf ras...@lerdorf.com wrote:
On 03/16/2010 10:40 AM, dreamcat four wrote:
As for text files on disk, if they are unicode, they are most commonly
utf-8 too. So then, why use utf-16 as internal unicode
On 03/13/2010 08:57 AM, Derick Rethans wrote:
On Thu, 11 Mar 2010, Rasmus Lerdorf wrote:
So I think Lukas and others are right, let's move the PHP 6 trunk to a
branch since we are still going to need a bunch of code from it and
move development to trunk and start exploring lighter and more
On 03/13/2010 08:55 AM, Keryx Web wrote:
Hi again
Trying to drive home this message I am starting a new thread.
Mini-summary: The next *major* edition of PHP must be 7, not 6.
Summary:
A. There seem to be universal agreement that the up until last week
branch of PHP called trunk was
Ah, Jani went a little crazy today in his typical style to force a
decision. The real decision is not whether to have a version 5.4 or
not, it is all about solving the Unicode problem. The current effort
has obviously stalled. We need to figure out how to get development
back on track in a way
On 03/11/2010 12:20 PM, Jani Taskinen wrote:
The main focus should be that we actually start working. And not wait
for someone to do something miraculous on their own. I'm just sick and
tired of the cloak and dagger style and secret meetings and committees.
So please, do the talking openly on
You can now use https://svn.php.net/respository for your authenticated
checkouts to keep your svn account safer. You can switch an existing
checkout using:
svn switch --relocate http://svn.php.net/repository
https://svn.php.net/repository
If you get any sort of ca-root errors, install the
Karsten Dambekalns wrote:
Why is that advisable? Any pointers to background information welcome.
The gc code when combined with apc is still a bit shaky in 5.3. I
haven't figured out why yet. And my motivation for figuring it out is
pretty low as code that relies on gc is slow.
-Rasmus
--
I think some of this discussion has been from very different interesting
angles. Let me explain how I see and use PHP.
PHP is the frontend of your backend. It is not your backend in any
sizable system. By that I mean that PHP is not the place to play around
with large data sets. Databases,
Tim Starling wrote:
That's not the world I live in. I work on a pure-PHP application which
is widely used on servers where the installing user does not have the
ability to change their php.ini or to install extensions or middleware.
The same application (with a few small extensions in C/C++)
steve wrote:
Having 8 cores with only 1G of ram would be a weird server config.
A single socket quad-core with hyper-threading and 2GB RAM for a
32-bit webserver is not weird. Not everyone is Yahoo where you can
just throw money around.
Hyperthreading doesn't come anywhere near making a
Stan Vassilev wrote:
Dots and spaces in variable names are converted to underscores. For
example input name=a.b / becomes $_POST[a_b].
Any reason why? and any way to modify this behaviour to preserve dots
and spaces? (dots specifically)
I'm also using dots for this reason, so I feel your
Stan Vassilev wrote:
Well, that conversion still needs to happen somewhere, since plenty
of apps call extract() on those superglobals, but with
register_globals entirely gone in PHP 6, I suppose that conversion
can be moved to the extract() call.
-Rasmus
Hi,
I'm not sure it needs to
Eddie Drapkin wrote:
On Tue, Jan 19, 2010 at 11:05 AM, Stanislav Malyshev s...@zend.com wrote:
The second was next on my list, while the first seems to me kind of exotic -
why create object only to call one method and immediately drop it? Why this
method is not static then?
Why would this
Eddie Drapkin wrote:
On Tue, Jan 19, 2010 at 12:02 PM, Rasmus Lerdorf ras...@lerdorf.com wrote:
Eddie Drapkin wrote:
On Tue, Jan 19, 2010 at 11:05 AM, Stanislav Malyshev s...@zend.com wrote:
The second was next on my list, while the first seems to me kind of exotic
-
why create object only
Stanislav Malyshev wrote:
Hi!
I wrote a small patch that enables this kind of syntax in PHP:
foo()();
What it means is that if foo() returns callable value (which probably
should be function name or closure) then it would be called. Parameters
and more than two sets of () work too.
Of
Jani Taskinen wrote:
On 01/17/2010 05:19 AM, Raphael Geissert wrote:
Jani Taskinen wrote:
16.1.2010 20:10, Raphael Geissert wrote:
Some of the other patches include:
libdb_is_-ldb
Why? Potentially breaks things when you assume db/ being correct place..
Do you have an example of any
Raphael Geissert wrote:
Gwynne Raskind wrote:
Though I thought the use of high-numbered diversions was
actually a supported thing - or was that only in 2.13?
That argument is not supported by the autoconf manual. Please see the
discussion at
Rasmus Lerdorf wrote:
Raphael Geissert wrote:
Gwynne Raskind wrote:
Though I thought the use of high-numbered diversions was
actually a supported thing - or was that only in 2.13?
That argument is not supported by the autoconf manual. Please see the
discussion at
http://bugs.debian.org
Raphael Geissert wrote:
Patrick ALLAERT wrote:
2010/1/13 Derick Rethans der...@php.net:
On Tue, 12 Jan 2010, Raphael Geissert wrote:
[snip]
Would it be possible to force short_open_tag to a specific value for
those applications alone? Perhaps through an .htaccess file? That way,
Debian
Raphael Geissert wrote:
Can you tell me what exactly we are breaking? divert calls should only be
used internally by autoconf and the, apparently useless, usage of them in
php makes it fail to build with any other autoconf.
Have a look in the archives. I tried getting the divert stuff
Raphael Geissert wrote:
I'm still looking for a way to warn about the use of open_short_tag not
being explicitly enabled on the PERDIR level. Otherwise the only thing I see
would make applications change would be when the default is Off and they
break.
But why do you want them to change?
Raphael Geissert wrote:
Rasmus Lerdorf wrote:
Raphael Geissert wrote:
I'm still looking for a way to warn about the use of open_short_tag not
being explicitly enabled on the PERDIR level. Otherwise the only thing I
see would make applications change would be when the default is Off
Alain Williams wrote:
On Wed, Jan 13, 2010 at 10:25:01AM -0500, Graham Kelly wrote:
Hi,
Optimizations such as 5+7 into 13 really don't get you much. ZEND_ADD (and
other basic opcodes) are not in any way a slow point in a program. And
unfortunately to be able to optimize these you would
Richard Quadling wrote:
Hello.
In looking at numer vs string comparison, I think I've found an oddity.
You can successfully compare hex strings ...
var_dump(255 == '0xff');
but not octal strings ...
var_dump(63 == '077');
Is this a bug (lack of octal support) or an unexpected
Tim Starling wrote:
Given this, sometimes it's easy to forget that PHP is pathologically
memory hungry, to the point of making simple tasks difficult or
impossible to perform in limited environments. It's the worst language
I've ever encountered in this respect. An array of small strings will
Alain Williams wrote:
On Wed, Jan 13, 2010 at 07:48:17AM -0800, Rasmus Lerdorf wrote:
Alain Williams wrote:
Unfortunately: APC does not work with PHP 5.3 -- I have a site where I would
love to use it but I cannot. I use APC to great effect elsewhere.
The svn version works ok with 5.3. Turn
Raphael Geissert wrote:
Rasmus Lerdorf wrote:
Raphael Geissert wrote:
However, we would like to contribute in the quest to make applications
stop using short_open_tag. To do so, we have decided to throw an
E_DEPRECATED warning when an application makes use of short_open_tag. The
current
Tim Starling wrote:
Rasmus Lerdorf wrote:
For me, working in super high-load environments, this was never an issue
because memory was always way more plentiful than cpu. You can only
slice a cpu in so many slices. Even if you could run 1024 concurrent
Apache/PHP processes, you wouldn't want
Stanislav Malyshev wrote:
Hi!
Says 93.2482 for me. Should be even less since string generated by
On 64-bit I get about 170 bytes for 5.2, don't have 5.3 build handy on
64-bit.
178.4972 5.3 non-debug 64-bit Linux
-Rasmus
--
PHP Internals - PHP Runtime Development Mailing List
To
Tim Starling wrote:
Some other operations, like deleting items from the middle of the array
or adding items past the end (leaving gaps) would also have to trigger
conversion. The point would be to optimise the most common use cases for
integer-indexed arrays.
I still say this isn't something
Tim Starling wrote:
?php
class C {
var $v1, $v2, $v3, $v4, $v5, $v6, $v7, $v8, $v9, $v10;
}
$m = memory_get_usage();
$a = array();
for ( $i = 0; $i 1; $i++ ) {
$a[] = new C;
}
print ((memory_get_usage() - $m) / 1) . \n;
?
1927 bytes (I'll use 64-bit from now on
Tim Starling wrote:
For Mr. everyone has 8GB of memory and tiny little data sets Lerdorf,
I could point out that reducing the average zend_op size and placing
strings close to other op data will also make execution faster, due to
the improved CPU cache hit rate.
Nice twist there. I simply
Raphael Geissert wrote:
However, we would like to contribute in the quest to make applications stop
using short_open_tag. To do so, we have decided to throw an E_DEPRECATED
warning when an application makes use of short_open_tag. The current
implementation can be found at [1].
How does
Hans-Peter Oeri wrote:
Hi!
Christian Schneider wrote:
leads to another inconsistency: Depending on the hosting provider and/or
frameworks/modules used you'd have to write different error handlers.
I understand there are widely differing applications for php, that's why
I think
We can't just randomly reset variables based on their scope in this one
specific case. If we are going to fix this, it should be done by
introducing a way to do proper local scope variables. Resetting a
reference simply because it is convenient in this one case would be
completely inconsistent.
jvlad wrote:
Rasmus Lerdorf ras...@lerdorf.com wrote in message
news:4b3785ac.2000...@lerdorf.com...
We can't just randomly reset variables based on their scope in this one
specific case. If we are going to fix this, it should be done by
introducing a way to do proper local scope variables
jvlad wrote:
$a = array(1);
$b = 0;
$c = $b;
foreach($a as $c);
Now you are arguing that $b should not be 1?
The two pieces of code are identical
It's just a nightmare example. I wonder have you ever see anything like this
in real life?
Could you please let me see it too, for example
jvlad wrote:
Meanwhile I see that php core developers and Evangelist propose the way of
evolving difficulties.
For example, I used split() for many many years. Now it throws a warning and
it appears
that this function will be removed soon. I have to rewrite all my scripts
and replace
Can anyone think of a situation where you actually want our current
ignore_user_abort=false setting for the cli sapi?
-Rasmus
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
No, ignore_user_abort has no effect on what the process does when it
receives a SIGHUP, so that isn't relevant.
-Rasmus
Tjerk Anne Meesters wrote:
Maybe to make it respond to SIGHUP signals? Not exactly sure whether
that would constitute as user_abort though.
On 12/23/09, Rasmus Lerdorf ras
Richard Quadling wrote:
2009/12/23 Rasmus Lerdorf ras...@lerdorf.com:
Can anyone think of a situation where you actually want our current
ignore_user_abort=false setting for the cli sapi?
I would say that the default setting is pretty important as pressing
CTRL+C (at least on windows
I'm seeing some GC-related segfaults in current PHP_5_3. I haven't had
time to dive into it very far. All I have is a couple of bts and the
request that triggers it, but it is a gallery2 request and there is a
lot of code there. I'll see if I can get it down to something
manageable. The first
Jani Taskinen wrote:
1. Why are you constantly not merging stuff to HEAD?
2. Isn't this related to bug #50231 and why are you not using the proper
commit message then? Hint: - Fixed bug..
It's getting quite annoying that some people (Rasmus included) tend to
ignore that we have a
Jani Taskinen wrote:
Rasmus Lerdorf wrote:
Jani Taskinen wrote:
1. Why are you constantly not merging stuff to HEAD?
2. Isn't this related to bug #50231 and why are you not using the proper
commit message then? Hint: - Fixed bug..
It's getting quite annoying that some people (Rasmus
Jani Taskinen wrote:
This is caused by the divert() patch Rasmus committed. Nice work.
I'll try figure out how to do it properly.
The easy way would be to get rid of the diverts completely. They don't
do anything in autoconf2.13 anyway, so I don't really see why they were
added in the first
Jani Taskinen wrote:
This is caused by the divert() patch Rasmus committed. Nice work.
I'll try figure out how to do it properly.
Getting rid of just the diverts in ext/standard/config.m4 fixes this for
me. There is still an unrelated libtool/autoconf-2.13 issue related to
finding ld though.
Sebastian Bergmann wrote:
Rasmus Lerdorf wrote:
rasmus Wed, 25 Nov 2009 01:30:06 +
Revision: http://svn.php.net/viewvc?view=revisionrevision=291283
Log:
Someone strap down Jani and give him a sedative please.
This makes our toolchain work
Jess Portnoy wrote:
Hello,
clang is indeed a great tool but since it does a lot more than just
static analysis.
For those cases where one wants source code analysis, especially
security oriented, I'd recommend flawfinder
[http://www.dwheeler.com/flawfinder].
I find that flawfinder is way
Michael Maclean wrote:
Hi,
Gwynne pointed me at the clang static analyser earlier on today, and so
I've run it against current PHP_5_3. In the course of messing with it,
it noticed a potential null dereference in ext/ftp - I've attached a
one-liner to fix it.
Thanks, committed.
--
PHP
Seems like a no-brainer for 5.3 and trunk. You will have to discuss
with Ilia for 5.2. It seems a bit late in the game for that branch to
get this.
-Rasmus
Rob Richards wrote:
The openssl extension is way to restrictive in the algorithms it
supports, i.e. no support for SHA265 which is
Alban wrote:
Le Sat, 21 Nov 2009 09:48:10 +0100, Lukas Kahwe Smith a écrit :
On 21.11.2009, at 06:12, Alban wrote:
This is not a big problem but if a solution exists, this would be so
cool ! Especialy when we have to check existance of twenty or more key
in array. Code would be be lighter
Alban wrote:
Le Sat, 21 Nov 2009 10:21:18 -0800, Rasmus Lerdorf a écrit :
The ternary isn't meant to solve the isset thing you are talking about.
It is simply a shortcut to normal ternary operations. The most common
case where you don't know if a variable is set is on the initial input
via
Samuel ROZE wrote:
Hello,
I'm working on two classes, Interval and IntervalList which describe
an interval and a list of intervals. These intervals are defined using
the Interval class:
?php
$interval = new Interval((int) $from, (int) $to);
?
These intervals can be stored in a list
A couple of notes.
You make it sound like this happens on all includes. It is only
include_once/require_once that have this problem. Regular
include/require do not.
This has been addressed in APC by overriding the opcode and providing
our own opcode handler for this case. See
Stanislav Malyshev wrote:
Hi!
Alternatively include() could be extended to allow resources, so the
above would turn info
if ($fp = @fopen($file, 'r', true)) {
include($fp);
fclose($fp);
}
This would break security distinction between file ops and include ops,
when URLs are
Richard K Miller wrote:
On Oct 22, 2009, at 1:42 AM, Antony Dovgal wrote:
On 22.10.2009 05:37, Richard K Miller wrote:
Is this a bug in PHP?
Search the bug DB before asking such questions.
http://bugs.php.net/bug.php?id=29992
http://bugs.php.net/bug.php?id=39307
Richard K Miller wrote:
It is one of these things that make perfect sense when you think about
it a little bit. Yes, it catches some people, just like strpos()
returning character position 0 on a first-char match catches some
people. There is no way to fix things like these without
The real answer is that there is no Unicode support in the ereg
functions, and like it or not, the world is going Unicode.
-Rasmus
Guilherme Blanco wrote:
It was fat, slow and everything that you can do with POSIX regex you
can easily do with PCRE regex, which is faster.
It is a decision
Lack of Unicode support is enough of a problem in that PHP6 will be all
Unicode all the time, so these functions simply won't work as they are
today. It would take someone sitting down and figuring out how to
emulate this stuff in a way that makes sense in a Unicode world for them
to come back,
701 - 800 of 1709 matches
Mail list logo