On 8/6/2012 2:24 AM, Maxwell Smart wrote:
Maxwell Smart wrote:
You're right. I went back through some e mails and found a note from
Dan about short tags in php.ini file. By default it's off in php5.3
install. It needs to be on according to Dan. I switched it on,
restarted Apache and everything works as expected.
Is there any security issue with having shot tags set to on?
_*You mean someone actually READS these??? *_
OMG! I'll have to make sure I'm /RIGHT /more often! :-)
FWIW: Short tags are not a real security issue unless you're in a
mixed-scripting environment, in which case short tags can result in some
odd (and sometimes extremely difficult to trace) problems -- especially
with XML interoperability!
The elimination of short tags in PHP5.3 is actually a change (ok, maybe
a migration) in the language syntax.... However, according to some
documentation, elimination of short tags may be REQUIRED in the next
major revision (PHP6)... there does seem to be some push-back in the PHP
community (regarding the deprecation of even allowing short tags - the
community appears to strongly favor keeping at least the option
available, so I wouldn't be surprised to see it re-enabled as an
option...).
However, as we (as a computing community) continue to move toward a
platform-independent model, we're going to have to live better with
other languages (like xml), and thus/as a coding style/, short tags need
to be phased out as we maintain our PHP scripts (and templates). (It
should be as easy as a global replace in php-only files!)
Just my thoughts! Before you complain, remember how much you paid for them!
Dan McAllister
--
IT4SOHO, LLC
PO Box 507
St. Petersburg, FL 33731-0507
CALL TOLL FREE:
877-IT4SOHO
We have support plans for QMail!
