Re: [PHP-DEV] Re: header() removes all header of the same name.

Hi Yasuo, I still have an issue with that. I believe the correct behaviour here is (assuming the `replace` argument to header() is honoured) what you’re seeing. Yes, it might be *unexpected* for new users, but its also *expected* by millions of current users/projects. I would suggest perhaps

Re: [PHP-DEV] Re: header() removes all header of the same name.

Hi Stephen, On Wed, Oct 19, 2016 at 1:34 PM, Yasuo Ohgaki wrote: >> I realise you’re trying to remove WTF cases, but I don’t think removing >> advanced capabilities is the way to do that. > > Yes. Even framework developer(?) seems to have current behavior. To be honest, I

Re: [PHP-DEV] Re: header() removes all header of the same name.

Hi Stephen, On Wed, Oct 19, 2016 at 12:18 PM, Stephen Reay wrote: > I still have an issue with that. I believe the correct behaviour here is > (assuming the `replace` argument to header() is honoured) what you’re seeing. > Yes, it might be *unexpected* for new users,

Re: [PHP-DEV] Bug fix and RFC/Merge rule

Hi! > I don't understand the reasoning why it requires RFC nor Merge > approval. As we all know, there are many bug fixes without RFC nor > discussion. If the fix is uncontroversial (everybody agrees), no RFC/approval is needed, since there already is approval, since nobody objects, which is by

[PHP-DEV] [PHP DEV] Bugs, BC, Strict Mode??

I've seen a couple bug fixes come up that create BC breaks for the code reliant on the broken behavior. JavaScript has a opt in strict mode for this. Perhaps PHP could do the same. An opt in mode with the declare directive that turns on bug fixes that are BC problems. One recent example, the

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Hi Joe, On Tue, Oct 18, 2016 at 7:32 PM, Joe Watkins wrote: >> This change should go through the standard RFC process and should be >> targeted at 7.2+ (master) *only*. > >> Please check with the RMs before merging functionality changes into >> release >> branches. All

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

On 18/10/16 11:02, Niklas Keller wrote: >> 'Suppliers' should perhaps be helped to configure their systems so the >> > users can use things, but things like /dev/urandom may need some >> > additional notes to help identify problems when frameworks like owncloud >> > start throwing errors. As

Re: [PHP-DEV] header() removes all header of the same name.

Hi Stephen, On Tue, Oct 18, 2016 at 5:54 PM, Stephen Reay wrote: > If the replace flag was fixed, isn’t this then just a case of making sure > userland sets replace to false if they want existing set-cookie headers > retained? Yes and no. If users use the replace flag

Re: [PHP-DEV] [RFC] OpenSSL BigNum support

On Tue, Oct 18, 2016 at 3:35 AM, Sara Golemon wrote: > As it says on the tin: Wrap the BN (BigNumber) library in OpenSSL. > > https://wiki.php.net/rfc/openssl.bignum > Why do we need this when we already have GMP? If the only reason is "not all environments install GMP" then

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

On 18/10/16 08:35, Yasuo Ohgaki wrote: >> Sure, but it did happen that shared hosts block it, noticed during >> > random_compat adoption. >> > >> > You claimed there isn't any BC break. > The line should be > > "There is no BC for usable systems" > > Any file permission could disturb PHP script

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

On Tue, Oct 18, 2016 at 8:00 PM, Lester Caine wrote: > On 18/10/16 11:02, Niklas Keller wrote: >>> 'Suppliers' should perhaps be helped to configure their systems so the >>> > users can use things, but things like /dev/urandom may need some >>> > additional notes to help

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

On Tue, Oct 18, 2016 at 4:16 PM, Niklas Keller wrote: > Yasuo Ohgaki schrieb am Di., 18. Okt. 2016, 08:47: >> >> Hi Niklas, >> >> On Tue, Oct 18, 2016 at 3:36 PM, Niklas Keller wrote: >> > Yasuo Ohgaki schrieb am Di.,

Re: [PHP-DEV] header() removes all header of the same name.

(Apologies for the dupe, re-sending for the list.) If the replace flag was fixed, isn’t this then just a case of making sure userland sets replace to false if they want existing set-cookie headers retained? Removing the ability to write a custom Set-Cookie header introduces a bigger problem

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Morning, > This change should go through the standard RFC process and should be > targeted at 7.2+ (master) *only*. > Please check with the RMs before merging functionality changes into release > branches. All functionality changes need consent and consensus. Bug fixes > (that don't change

Re: [PHP-DEV] Re: lxr.php.net is coming soon.... finally....

On 18.10.2016 at 09:07, Ferenc Kovacs wrote: > the initial setup is done, let me know what did I miss. Thanks, Ferenc. It seems that the navigation to symbols in another file is broken. Consider, for instance, . Clicking on

[PHP-DEV] header() removes all header of the same name.

Hi all, I understand why header() is made to remove all headers of the same name. This is needed in some cases, but it does not work well for some cases. We need to decide what to do with https://bugs.php.net/bug.php?id=72997 There is 2 issues. - header() removes all headers of the same name

Re: [PHP-DEV] Re: lxr.php.net is coming soon.... finally....

On Tue, Oct 18, 2016 at 4:07 PM, Ferenc Kovacs wrote: > hi, > the initial setup is done, let me know what did I miss. Thank you! -- Yasuo Ohgaki yohg...@ohgaki.net -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Lester Caine schrieb am Di., 18. Okt. 2016, 11:42: > On 18/10/16 08:35, Yasuo Ohgaki wrote: > >> Sure, but it did happen that shared hosts block it, noticed during > >> > random_compat adoption. > >> > > >> > You claimed there isn't any BC break. > > The line should be > > >

Re: [PHP-DEV] Re: lxr.php.net is coming soon.... finally....

Morning Ferenc, Thanks for taking the time to do that, mucho appreciated(o). PECL extensions are missing. We used to have hhvm, and other implementations too ... at least hhvm is nice for reference, not bothered about the others. I think that's all ... Cheers Joe On Tue, Oct 18,

Re: [PHP-DEV] header() removes all header of the same name.

Hi Yasuo, I agree there are probably a lot using the default, but I think it’s reasonable to expect anyone using a header(‘Set-Cookie:..’); call rather than setcookie() to be aware of the 2nd argument for header(), so this solution sounds good to me. Cheers Stephen > On 18 Oct 2016, at

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

2016-10-18 14:41 GMT+02:00 Yasuo Ohgaki : > Hi Niklas, > > On Tue, Oct 18, 2016 at 9:33 PM, Niklas Keller wrote: > > 2016-10-18 14:12 GMT+02:00 Yasuo Ohgaki : > >> > >> Hi Niklas, > >> > >> On Tue, Oct 18, 2016 at 9:08 PM, Niklas Keller

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

On 18/10/16 12:37, Yasuo Ohgaki wrote: > The patch committed is pure bug fix. https://www.google.co.uk/search?q=%2Fdev%2Furandom+is+not+readable+by+php Even bug fixes need proper documentation to avoid the WTF ! -- Lester Caine - G8HFL - Contact -

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

On Tue, Oct 18, 2016 at 8:47 PM, Lester Caine wrote: > On 18/10/16 12:37, Yasuo Ohgaki wrote: >> The patch committed is pure bug fix. > https://www.google.co.uk/search?q=%2Fdev%2Furandom+is+not+readable+by+php > > Even bug fixes need proper documentation to avoid the WTF !

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Hi Joe, On Tue, Oct 18, 2016 at 8:30 PM, Yasuo Ohgaki wrote: > > On Tue, Oct 18, 2016 at 7:32 PM, Joe Watkins wrote: >>> This change should go through the standard RFC process and should be >>> targeted at 7.2+ (master) *only*. >> >>> Please check with

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

2016-10-18 14:12 GMT+02:00 Yasuo Ohgaki : > Hi Niklas, > > On Tue, Oct 18, 2016 at 9:08 PM, Niklas Keller wrote: > >> > >> As you can see from last minutes discussion. > >> > >> "/dev/urandom cannot be read" is FUD. > >> It's pure bug fix. (I intentionally

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Hi Niklas, On Tue, Oct 18, 2016 at 9:33 PM, Niklas Keller wrote: > 2016-10-18 14:12 GMT+02:00 Yasuo Ohgaki : >> >> Hi Niklas, >> >> On Tue, Oct 18, 2016 at 9:08 PM, Niklas Keller wrote: >> >> >> >> As you can see from last minutes

Re: [PHP-DEV] [RFC] Counting of non-countable objects

On 17.10.2016 at 23:09, Craig Duncan wrote: > On 17 October 2016 at 21:57, Nikita Popov wrote: >> >> I'm not sure I understand the motivation for throwing a deprecation notice >> instead of a warning. In particular, what is the action that will be taken >> here in the next

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Hi Niklas, On Tue, Oct 18, 2016 at 9:08 PM, Niklas Keller wrote: >> >> As you can see from last minutes discussion. >> >> "/dev/urandom cannot be read" is FUD. >> It's pure bug fix. (I intentionally made patch easy to extend used >> chars, though) >> >> Would you consider

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

2016-10-18 14:02 GMT+02:00 Yasuo Ohgaki : > Hi Joe, > > On Tue, Oct 18, 2016 at 8:30 PM, Yasuo Ohgaki wrote: > > > > On Tue, Oct 18, 2016 at 7:32 PM, Joe Watkins > wrote: > >>> This change should go through the standard RFC process

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

2016-10-18 18:41 GMT+02:00 Anatol Belski : > AFM the patch is not acceptable for 7.0. It is true that some place was moved > to the new random int functionality (in password AFAIR). But, it is done at > the place and the way that a BC breach is unlikely. Using the throwing

RE: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Hi Yasuo, > -Original Message- > From: Yasuo Ohgaki [mailto:yohg...@ohgaki.net] > Sent: Tuesday, October 18, 2016 2:03 PM > To: Joe Watkins > Cc: Niklas Keller ; Leigh ; PHP Internals > > Subject: Re:

[PHP-DEV] BAD Benchmark Results for PHP Master 2016-10-18

Results for project PHP master, build date 2016-10-18 06:25:44+03:00 commit: 0a67b29 previous commit:abd2c04 revision date: 2016-10-18 09:14:57+09:00 environment:Haswell-EP cpu:Intel(R) Xeon(R) CPU E5-2699 v3 @ 2.30GHz 2x18 cores, stepping 2, LLC 45 MB

Re: [PHP-DEV] Constants for better double edge case handling

Hi Anatol 2016-10-18 20:46 GMT+02:00 Anatol Belski : > Hi, > > I would like to suggest adding the following constants > > REGISTER_MAIN_LONG_CONSTANT("PHP_DBL_DIG", DBL_DIG, CONST_PERSISTENT | > CONST_CS); > REGISTER_MAIN_DOUBLE_CONSTANT("PHP_DBL_MAX", DBL_MAX,

[PHP-DEV] Constants for better double edge case handling

Hi, I would like to suggest adding the following constants REGISTER_MAIN_LONG_CONSTANT("PHP_DBL_DIG", DBL_DIG, CONST_PERSISTENT | CONST_CS); REGISTER_MAIN_DOUBLE_CONSTANT("PHP_DBL_MAX", DBL_MAX, CONST_PERSISTENT | CONST_CS); REGISTER_MAIN_DOUBLE_CONSTANT("PHP_DBL_MIN", DBL_MIN,

RE: [PHP-DEV] Constants for better double edge case handling

Hi Kalle, > -Original Message- > From: kalle@gmail.com [mailto:kalle@gmail.com] On Behalf Of Kalle > Sommer Nielsen > Sent: Tuesday, October 18, 2016 9:05 PM > To: Anatol Belski > Cc: PHP Internals ; Davey Shafik ;

Re: [PHP-DEV] Re: lxr.php.net is coming soon.... finally....

On 18/10/2016 11:43, Christoph M. Becker wrote: On 18.10.2016 at 09:07, Ferenc Kovacs wrote: the initial setup is done, let me know what did I miss. Thanks, Ferenc. It seems that the navigation to symbols in another file is broken. Consider, for instance,

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Hi Kalle and all, On Wed, Oct 19, 2016 at 1:43 AM, Kalle Sommer Nielsen wrote: > 2016-10-18 18:41 GMT+02:00 Anatol Belski : >> AFM the patch is not acceptable for 7.0. It is true that some place was >> moved to the new random int functionality (in password

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

On 18/10/2016 20:52, Yasuo Ohgaki wrote: Which is important? - uniqid() is not unique - Really broken system that shouldn't be used may emit error Frankly, both are pretty rare cases. From the way you talk about it, everybody who uses uniqid() will get duplicate values all the time, when

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Hi Rowan, On Wed, Oct 19, 2016 at 5:14 AM, Rowan Collins wrote: > On 18/10/2016 20:52, Yasuo Ohgaki wrote: >> >> Which is important? >> - uniqid() is not unique >> - Really broken system that shouldn't be used may emit error > > > Frankly, both are pretty rare cases.

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Hi Anatol, On Wed, Oct 19, 2016 at 1:41 AM, Anatol Belski wrote: > AFM the patch is not acceptable for 7.0. It is true that some place was moved > to the new random int functionality (in password AFAIR). But, it is done at > the place and the way that a BC breach is

Re: [PHP-DEV] [RFC] OpenSSL BigNum support

> Looks ok to me. Would probably not hurt also add tests for various error > conditions. > There's one TypeError test in there, but I can easily add more. (And probably will on my flight tomorrow.) > I realise this is only exposing functionality already available with > OpenSSL but is it worth

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Yasuo Ohgaki schrieb am Di., 18. Okt. 2016, 02:21: > Hi all, > > I committed this patch that simply use php_random_bytes() w/o any BC. > Doesn't this throw now in some environments where /dev/urandom isn't readable? Regards, Niklas

Re: [PHP-DEV] [RFC] OpenSSL BigNum support

Am 18.10.2016 um 08:23 schrieb Sara Golemon: > I'm mostly curious about thoughts on API decisions. Can we make the constructor non-public and instead only have named constructors? * public static function createFromBinary(string $number): BigNum; * public static function createFromInteger(int

Re: [PHP-DEV] [RFC] OpenSSL BigNum support

On Mon, Oct 17, 2016 at 11:41 PM, Sebastian Bergmann wrote: > Am 18.10.2016 um 08:23 schrieb Sara Golemon: >> I'm mostly curious about thoughts on API decisions. > > * public static function createFromBinary(string $number): BigNum; > * public static function

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Hi Niklas, On Tue, Oct 18, 2016 at 3:36 PM, Niklas Keller wrote: > Yasuo Ohgaki schrieb am Di., 18. Okt. 2016, 02:21: >> >> Hi all, >> >> I committed this patch that simply use php_random_bytes() w/o any BC. > > > Doesn't this throw now in some environments

Re: [PHP-DEV] Re: lxr.php.net is coming soon.... finally....

2016. okt. 17. 13:49 ezt írta ("Joe Watkins" ): > > Morning Ferenc, > > I would love lxr back, Adam has a setup in the mean time, but I'm sure he would not like everyone using it. > > More words of encouragement here ... > > Cheers > Joe > > On Sat, Oct 15, 2016 at

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Yasuo Ohgaki schrieb am Di., 18. Okt. 2016, 08:47: > Hi Niklas, > > On Tue, Oct 18, 2016 at 3:36 PM, Niklas Keller wrote: > > Yasuo Ohgaki schrieb am Di., 18. Okt. 2016, 02:21: > >> > >> Hi all, > >> > >> I committed this patch that

[PHP-DEV] Bug fix and RFC/Merge rule

Hi all, Following commit is reverted because someone requested "RFC" and/or demand "Merge approval from RM", http://git.php.net/?p=php-src.git;a=commitdiff;h=48f1a17886d874dc90867c669481804de90509e8 I don't understand the reasoning why it requires RFC nor Merge approval. As we all know, there

[PHP-DEV] [RFC] Driver-Specific PDO Param Types

Hi, I've created an RFC to change how types are defined in PDO: https://wiki.php.net/rfc/driver-specific-pdo-param-types Please share your feedback. I'm happy to hear thoughts about the pdo_dblib example, but the RFC is more about the possibility of driver-specific types than these particular

Re: [PHP-DEV] Re: lxr.php.net is coming soon.... finally....

On Tue, Oct 18, 2016 at 9:14 PM, Rowan Collins wrote: > On 18/10/2016 11:43, Christoph M. Becker wrote: > >> On 18.10.2016 at 09:07, Ferenc Kovacs wrote: >> >> the initial setup is done, let me know what did I miss. >>> >> Thanks, Ferenc. It seems that the navigation to

Re: [PHP-DEV] [RFC] OpenSSL BigNum support

And sorry for the spam (this should have been mentioned in the last email), as far as I can tell, there is no-way to say "I want a either a signed or unsigned integer with an N bits", I've come across this recently whilst trying to implement Murmur3 (128-bit) in PHP, I can of-course binary AND

Re: [PHP-DEV] [RFC] OpenSSL BigNum support

On Tue, 18 Oct 2016, at 09:22 AM, Nikita Popov wrote: > On Tue, Oct 18, 2016 at 3:35 AM, Sara Golemon wrote: > > > As it says on the tin: Wrap the BN (BigNumber) library in OpenSSL. Why do we need GMP when we have BCMath? GMP is faster (from what I've seen so far from various

Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

On Wed, Oct 19, 2016 at 8:01 AM, Anatol Belski wrote: >> -Original Message- >> From: Yasuo Ohgaki [mailto:yohg...@ohgaki.net] >> Sent: Tuesday, October 18, 2016 9:53 PM >> To: Anatol Belski >> Cc: Joe Watkins ; Niklas

Re: [PHP-DEV] Re: Fixing insane session_start() behaviors

Hi Yasuo, On Mon, Oct 17, 2016 at 4:47 PM, Yasuo Ohgaki wrote: > Hi Davey, > > On Sun, Oct 16, 2016 at 6:08 PM, Yasuo Ohgaki wrote: >> >> I was planning to fix session_start() behaviors by PHP 7.1, but I >> forgot to do this completely. Partial fix is

Re: [PHP-DEV] Bug fix and RFC/Merge rule

Hi Pierre, On Wed, Oct 19, 2016 at 9:52 AM, Pierre Joye wrote: > Like your session change, while not really critical to me (has been > like that for ages) is relatively logical while as a RM, I would not It's off topic, but I'll paste answer to a question regarding

RE: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness

Yasuo, > -Original Message- > From: Yasuo Ohgaki [mailto:yohg...@ohgaki.net] > Sent: Tuesday, October 18, 2016 9:53 PM > To: Anatol Belski > Cc: Joe Watkins ; Niklas Keller ; > Leigh ; PHP Internals

Re: [PHP-DEV] Re: lxr.php.net is coming soon.... finally....

On 19.10.2016 at 00:07, Ferenc Kovacs wrote: > On Tue, Oct 18, 2016 at 9:14 PM, Rowan Collins > wrote: > >> Looks like it's generating slightly the wrong link for some reason: it >> goes to http://lxr.php.net/source/s?defs=php_info_print_table_row >> oject=PHP-MASTER

Re: [PHP-DEV] Bug fix and RFC/Merge rule

hi Yasuo, On Wed, Oct 19, 2016 at 4:41 AM, Yasuo Ohgaki wrote: > Hi all, > > Following commit is reverted because someone requested "RFC" and/or > demand "Merge approval from RM", Yes, this is the rule for non obvious things. Or no matter what for stable branches in security

[PHP-DEV] Re: header() removes all header of the same name.

Hi all, On Tue, Oct 18, 2016 at 4:31 PM, Yasuo Ohgaki wrote: > I understand why header() is made to remove all headers of the same > name. This is needed in some cases, but it does not work well for some > cases. > > We need to decide what to do with >

[PHP-DEV] Re: Bug fix and RFC/Merge rule

Hi Yasuo! On 18.10.2016 at 23:41, Yasuo Ohgaki wrote: > After all, my question is "Should we discuss all bugs before commits?" No, I don't think that would be reasonable for time reasons. However, if someone steps in, raising doubts about a certain bug fix, that has to be discussed and if no