Search Discussions
-
Voting is now open with options which PHP version to release with and how to name it (since some seem to prefer the more compact __debug()) https://wiki.php.net/rfc/debug-info
Sara Golemon
Feb 3, 2014 at 8:06 pm
Feb 12, 2014 at 11:42 pm -
Hi internals, as I've received no further feedback I've opened the voting on "Timing attack safe string comparison function": - https://wiki.php.net/rfc/timing_attack Voting ends on 2014/02/09 ...
Rouven Weßling
Feb 2, 2014 at 10:50 pm
Mar 19, 2014 at 2:31 am -
I was playing with the most recent snap builds and, as expected, the openssl delegation to OS maintained certificate stores does not work in windows (like it does everywhere else). In sane distros ...
Daniel Lowrey
Feb 3, 2014 at 6:08 pm
Mar 2, 2014 at 9:07 pm -
Hi all, I thought it might be good for us to have declaring minimum PHP version required to execute script. http://jp1.php.net/manual/en/control-structures.declare.php Something like <?php ...
Yasuo Ohgaki
Feb 3, 2014 at 6:58 am
Feb 5, 2014 at 5:40 pm -
Morning Internals [, and Dmitry :)], I came across a reason to think about assertions again today, my original, pretty radical, patch was worked on by dmitry, I updated the RFC a while ago but ...
Joe Watkins
Feb 2, 2014 at 11:25 am
Feb 5, 2014 at 10:22 pm -
Hi all, This is a little improvement for HTML escape. https://wiki.php.net/rfc/secure-html-escape "/" escape is recommended by OWASP and we may follow them. Any comments? Regards, -- Yasuo Ohgaki ...
Yasuo Ohgaki
Feb 2, 2014 at 3:10 am
Feb 23, 2014 at 5:03 am -
hi, About the timing attack RFC, I have asked for some review and advice and here is a useful one already, thanks Alex :) Please keep him as CC as I do not know if he is on this list. Cheers, ...
Pierre Joye
Feb 5, 2014 at 10:20 am
Feb 12, 2014 at 4:30 pm -
Hi all, "Optional PHP tags by php.ini and CLI options" RFC has been discussed very long time. https://wiki.php.net/rfc/nophptags I would like to know is there anyone who would like not to have this ...
Yasuo Ohgaki
Feb 10, 2014 at 7:36 am
Feb 15, 2014 at 12:04 am -
hi, Unicode still remains one of the top requested features in PHP. However as Rasmus and other stated earlier, it is not a trivial job. Some of the keys point we need to take care of are: - UTF-8 ...
Pierre Joye
Feb 20, 2014 at 5:54 am
Mar 14, 2014 at 10:12 pm -
hi, There are a lot of additions and discussions about entropy source and (P)RNG lately. PHP already has a ini setting to define a strong entropy source for the session module, which defaults to ...
Pierre Joye
Feb 7, 2014 at 11:25 am
Feb 15, 2014 at 12:50 pm -
Hi all, Secure Session Module Options by Default https://wiki.php.net/rfc/secure-session-options-by-default Session is core of web security. Therefore, default should be as secure as possible by ...
Yasuo Ohgaki
Feb 1, 2014 at 10:34 pm
May 12, 2014 at 8:14 am -
Hi all, uniqid() is producing unique ID for the system which is good for email's message ID etc. Many users are using uniqid() as secure unique ID which is very bad thing to do for security. It may ...
Yasuo Ohgaki
Feb 2, 2014 at 4:33 am
Feb 3, 2014 at 9:26 pm -
Hi all, This RFC changes default session settings and introduces a new setting that disables possible timing attack against session ID. All of them help to improve general session ID security except ...
Yasuo Ohgaki
Feb 17, 2014 at 4:28 am
Feb 24, 2014 at 2:09 pm -
hi, I put my thoughts and summary of the recent discussions about what could be PHP 6 here: https://wiki.php.net/ideas/php6 Things like "we should name it php7" has not been covered, for one obvious ...
Pierre Joye
Feb 17, 2014 at 6:28 am
Feb 21, 2014 at 1:13 pm -
Hi, I just submitted a PR (https://github.com/php/php-src/pull/588) to allow utf-8 chars to be included in file names that are put into a phar file. I thought I'd ask for feedback here as it would be ...
Dan Ackroyd
Feb 13, 2014 at 9:55 pm
Apr 25, 2014 at 8:29 am -
Hi all, Since this RFC is declined, https://wiki.php.net/rfc/multibyte_char_handling We need another short term resolution for it at least. Any suggestions? Regards, -- Yasuo Ohgaki <span ...
Yasuo Ohgaki
Feb 24, 2014 at 9:41 am
Mar 1, 2014 at 12:20 am -
Hey folks, I've written up an RFC/Patch to gauge interest and get feedback on the addition of a combined comparison (aka: spaceship) operator. You can see the RFC at ...
Davey Shafik
Feb 13, 2014 at 3:58 am
Feb 14, 2014 at 4:10 pm -
Voting is now open for the Improved TLS Defaults RFC and will run through Wednesday Feb. 19: https://wiki.php.net/rfc/improved-tls-defaults#vote Note that while the implementation is vote-ready at ...
Daniel Lowrey
Feb 11, 2014 at 8:08 pm
Feb 20, 2014 at 8:04 pm -
Hello internals, there has already been a lot of talk about improving secure random number generation for PHP6. One thing I'd like to improve as well, would be non-secure random number generation ...
Rouven Weßling
Feb 23, 2014 at 6:45 pm
Feb 27, 2014 at 10:34 pm -
I think an explanation of my recent posts is probably due. The bulk of my income is from council and other local authority customers who are required to jump through many often difficult to identify ...
Lester Caine
Feb 8, 2014 at 11:49 am
Feb 8, 2014 at 9:12 pm -
Hi internals! I opened the vote on the array of RFC: https://wiki.php.net/rfc/arrayof#vote Voting will end 2014/03/07 Phil
Philip Sturgeon
Feb 28, 2014 at 4:32 pm
Mar 3, 2014 at 8:39 pm -
Hello guys, What is the current status of the named params implementation (RFC [1])? According to RFC it's under discussion and proposed for 5.6 release. Can we really expect this feature in 5.6 ...
Gleb Golubitsky
Feb 21, 2014 at 12:15 pm
Feb 27, 2014 at 12:44 pm -
12
Singletons
Hello. ^^ I just wanted to ask, if there is a singleton implementation? The current one is rather „hackish“, by using a static property, initializer and a function to itneract with it all. Sadly, I ...Kevin Ingwersen
Feb 5, 2014 at 10:19 am
Feb 5, 2014 at 6:27 pm -
Hi, I've just wanted to mention that after some discussion with Julien and considering the small number of unresolved open RFCs, we decided that the next release after alpha3(which is already tagged ...
Ferenc Kovacs
Feb 27, 2014 at 9:04 am
Mar 11, 2014 at 12:58 pm -
Hi all, Current PHP has security issue that attacker may execute arbitrarily script via encoding based attack. These 2 RFCs are for short and long term resolution for this issue. Short term ...
Yasuo Ohgaki
Feb 10, 2014 at 3:57 am
Feb 20, 2014 at 10:55 am -
Hi internals, To complement array_search(), I'm gauging the interest in adding the following function: mixed array_usearch(array $haystack, callable $fn, int $flags = 0) It returns the first array ...
Tjerk Meesters
Feb 6, 2014 at 2:38 pm
Feb 9, 2014 at 2:02 am -
Hi, here another idea for PHP 6 the simply means removing the datatype "resource" because and convert current resources into classes/objects as it's already done with GMP. Because resources are ...
Marc Bennewitz
Feb 21, 2014 at 8:07 pm
Mar 6, 2014 at 5:29 pm -
Hi internals! I wrote a patch to expose PCRE mark information in PHP, see https://github.com/php/php-src/pull/609/files. The last passed *MARK will be added to the $matches array under key "MARK". If ...
Nikita Popov
Feb 28, 2014 at 8:37 pm
Mar 18, 2014 at 2:54 pm -
So, when trying to upload the latest Xdebug release I get this *incorrect* nonsense preventing me from making a release: ERROR: The compliance between the package version in package.xml and extension ...
Derick Rethans
Feb 28, 2014 at 4:47 pm
Feb 28, 2014 at 6:36 pm -
Hello, We just released PHP 5.5.10 RC1 , which you can download from http://downloads.php.net/jpauli/ You can test it and report any bugs or regressions that you may notice using the bug system at ...
Julien Pauli
Feb 20, 2014 at 11:56 am
Feb 22, 2014 at 12:15 am -
Hey. Just a while ago, i started writing a C++ library, that I would like to utilize in PHP. Since the original aproach was made in C++, I would like to keep the OOP syntax in PHP. Already, months ...
Kevin Ingwersen
Feb 13, 2014 at 8:22 pm
Feb 14, 2014 at 9:54 am -
mcrypt_create_iv() is the cleanest access to a universal system-level primitive that supports both /dev/urandom and php_win32_get_random_bytes() under the hood. Unfortunately, it resides in ...
Thomas Hruska
Feb 7, 2014 at 7:05 am
Feb 7, 2014 at 9:28 pm -
6
[VOTE] RFC: Introduce session_start() options - read_only, unsafe_lock, lazy_write and lazy_destroy
Hi all, I almost forgot to start vote for this RFC. This RFC is to introduce options to session_start(). Options are read_only, lazy_write, unsafe_lock and lazy_destroy. lazy_destroy is bug fix in ...Yasuo Ohgaki
Feb 13, 2014 at 3:40 am
Mar 16, 2014 at 6:12 am -
These two files in PHP-5.6 branch actually are the same than master. I just noticed that when I wanted to write about the merge of pow operator RFC… Could someone please fix that one? Bob
Bob Weinand
Feb 6, 2014 at 8:53 am
Feb 6, 2014 at 2:14 pm -
Hi, as the concerns on the BC breach by zpp and macros changes are huge, we've invented the below to make the essential change only visible. This branches have zpp and macros change reverted (like #2 ...
Anatol Belski
Feb 1, 2014 at 12:30 pm
Feb 5, 2014 at 11:39 pm -
Hi all, Build OpenSSL Module by Default https://wiki.php.net/rfc/build-openssl-by-default Internal developers and application developers' life could be a lot easier if OpenSSL can be used always ...
Yasuo Ohgaki
Feb 3, 2014 at 5:16 am
Feb 4, 2014 at 6:55 am -
Hi, I was recently answering a question about null byte injection into PCRE and the OP claimed that a pattern such as "~.+~e\x00u" would be accepted; they were using 5.3. The commit that fixed it was ...
Tjerk Meesters
Feb 18, 2014 at 7:43 pm
Feb 20, 2014 at 10:30 pm -
Hi, Just trying to make sure before opening a bug, have someone built mysqli in 5.6.0 alpha2? Used this configure flag: --with-mysqli=shared,/usr/bin/mysql_config mysql: 5.5.35 ...
Lior Kaplan
Feb 15, 2014 at 5:01 pm
Feb 16, 2014 at 7:08 am -
I propose that we increase the minimum duration for an RFC to be in the voting phase from one week to something longer. The rationale is quite simple: - One week is often not enough time for me to ...
Levi Morrison
Feb 4, 2014 at 9:47 pm
Feb 5, 2014 at 6:10 am -
Hi, we have the plan to change types we use for zval data. A common place we use this in is the family of zend_parse_[method_]parameters[_ex] functions. The issue there is that those a variadic so ...
Johannes Schlüter
Feb 17, 2014 at 8:42 pm
Feb 18, 2014 at 5:59 pm -
Hi all. On our server we infrequently get a warning when session_start() is called. The message says "The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and ...
Christian Stoller
Feb 11, 2014 at 7:31 am
Feb 12, 2014 at 8:20 am -
Hi, I hope I am submitting this message to the correct list. I have a blocking issue on thread safety in our PHP extension module that we have developed at Saxonica called Saxon/C, which provides ...
O'Neil Delpratt
Feb 26, 2014 at 3:58 pm
Feb 26, 2014 at 5:35 pm -
Hey. For a long time now, I have been using nodejs and its async methods. I am even working on bridging nodejs and PHP via a native addon…but thats more complex for another thread. But, as I used ...
Kevin Ingwersen
Feb 25, 2014 at 4:43 pm
Feb 25, 2014 at 7:22 pm -
FYI, these are things I plan to work on for the post-5.6 timeframe: - Support for SNI in *servers* (currently only supported by clients) - Support for DTLS (datagram client/server encryption) - ...
Daniel Lowrey
Feb 12, 2014 at 1:22 pm
Feb 21, 2014 at 9:18 pm -
Hi all, We have number of RFC that has been declined. It's good we agree not to introduce proposal. However, it's not good we don't see the reason why. Since RFC is technical discussion, there should ...
Yasuo Ohgaki
Feb 13, 2014 at 1:58 am
Feb 13, 2014 at 6:35 am -
Hi Pierre, Why is uniqid() is not guarantee uniqueness under windows? https://bugs.php.net/bug.php?id=65626 It seems PHP_WIN32 and __CYGWIN__ check is obsolete. Could it be removed? Regards, -- Yasuo ...
Yasuo Ohgaki
Feb 8, 2014 at 9:15 pm
Feb 9, 2014 at 11:34 pm -
Hi, After Bob merged the pow related changes, executing the new tests with --enable-debug I've got two memory leaks: [tyrael@Ferencs-MacBook-Pro-135 php-src.git (PHP-5.6.0 ✗)]$ cat ...
Ferenc Kovacs
Feb 6, 2014 at 3:40 pm
Feb 6, 2014 at 8:34 pm -
Hello there! I just wanted to ask what the current status for this RFC is: https://wiki.php.net/rfc/deprecated-modifier Currently, I am just browsing thru the RFCs available. Some of them have ...
Kevin Ingwersen
Feb 2, 2014 at 4:43 pm
Feb 2, 2014 at 5:41 pm -
Hi, As a simpler to implement approach to Unicode, could we perhaps support it just by adding an “is UTF-8” flag to strings internally? Then unmodified functions would just see a normal string and ...
Andrea Faulds
Feb 20, 2014 at 4:17 pm
Feb 20, 2014 at 8:37 pm -
This is embarrassing ... So I made the mistake of git pull on each branch (5.4/5/6/master) (without --rebase) before pushing a small update tonight. So when I merged each branch the merge commits ...
Daniel Lowrey
Feb 19, 2014 at 2:58 am
Feb 19, 2014 at 10:34 am
Group Overview
| group | php-internals |
| categories | php |
| discussions | 70 |
| posts | 971 |
| users | 101 |
| website | php.net |
101 users for February 2014
Archives
- June 2016 (1)
- May 2016 (648)
- April 2016 (33)
- March 2016 (575)
- February 2016 (423)
- January 2016 (40)
- December 2015 (266)
- November 2015 (481)
- October 2015 (23)
- April 2015 (156)
- March 2015 (988)
- February 2015 (836)
- January 2015 (1,468)
- December 2014 (710)
- November 2014 (703)
- October 2014 (787)
- September 2014 (730)
- August 2014 (700)
- July 2014 (1,142)
- June 2014 (488)
- May 2014 (816)
- April 2014 (355)
- March 2014 (611)
- February 2014 (971)
- January 2014 (963)
- December 2013 (489)
- November 2013 (468)
- October 2013 (562)
- September 2013 (622)
- August 2013 (451)
- July 2013 (330)
- June 2013 (422)
- May 2013 (364)
- April 2013 (359)
- March 2013 (497)
- February 2013 (537)
- January 2013 (547)
- December 2012 (335)
- November 2012 (148)
- October 2012 (480)
- September 2012 (632)
- August 2012 (661)
- July 2012 (841)
- June 2012 (362)
- May 2012 (317)
- April 2012 (1,101)
- March 2012 (908)
- February 2012 (780)
- January 2012 (428)
- December 2011 (466)
- November 2011 (690)
- October 2011 (331)
- September 2011 (628)
- August 2011 (777)
- July 2011 (558)
- June 2011 (1,099)
- May 2011 (488)
- April 2011 (345)
- March 2011 (236)
- February 2011 (137)
- January 2011 (230)
- December 2010 (434)
- November 2010 (701)
- October 2010 (211)
- September 2010 (277)
- August 2010 (362)
- July 2010 (205)
- June 2010 (399)
- May 2010 (416)
- April 2010 (473)
- March 2010 (635)
- February 2010 (148)
- January 2010 (325)
- December 2009 (335)
- November 2009 (334)
- October 2009 (270)
- September 2009 (205)
- August 2009 (276)
- July 2009 (605)
- June 2009 (460)
- May 2009 (285)
- April 2009 (254)
- March 2009 (351)
- February 2009 (335)
- January 2009 (451)
- December 2008 (347)
- November 2008 (475)
- October 2008 (795)
- September 2008 (620)
- August 2008 (673)
- July 2008 (829)
- June 2008 (654)
- May 2008 (642)
- April 2008 (653)
- March 2008 (872)
- February 2008 (804)
- January 2008 (751)
- December 2007 (752)
- November 2007 (563)
- October 2007 (490)
- September 2007 (499)
- August 2007 (660)
- July 2007 (965)
- June 2007 (359)
- May 2007 (904)
- April 2007 (476)
- March 2007 (451)
- February 2007 (465)
- January 2007 (499)
- December 2006 (480)
- November 2006 (454)
- October 2006 (391)
- September 2006 (437)
- August 2006 (389)
- July 2006 (840)
- June 2006 (397)
- May 2006 (778)
- April 2006 (426)
- March 2006 (591)
- February 2006 (291)
- January 2006 (391)
- December 2005 (434)
- November 2005 (1,060)
- October 2005 (554)
- September 2005 (677)
- August 2005 (1,157)
- July 2005 (419)
- June 2005 (704)
- May 2005 (195)
- April 2005 (446)
- March 2005 (474)
- February 2005 (770)
- January 2005 (210)
- December 2004 (295)
- November 2004 (308)
- October 2004 (558)
- September 2004 (580)
- August 2004 (734)
- July 2004 (927)
- June 2004 (653)
- May 2004 (575)
- April 2004 (774)
- March 2004 (585)
- February 2004 (819)
- January 2004 (700)
- December 2003 (903)
- November 2003 (682)
- October 2003 (530)
- September 2003 (297)
- August 2003 (659)
- July 2003 (604)
- June 2003 (952)
- May 2003 (994)
- April 2003 (557)
- March 2003 (556)