> > Right, so bottom line, MD5 is showing signs of fatigue. Not "broken" or
> > even significantly weak when used properly
> >
> Also there are sites hosting md5 hashes and the equivalent text for
> password cracking.
>
This is exactly what I meant by "used properly" the problem you're
describing
Sara Golemon wrote:
> Right, so bottom line, MD5 is showing signs of fatigue. Not "broken" or
> even significantly weak when used properly, but she's in the twlight years
> and it's time to send ma to the old folks home for some rest and green
> jello.
>
Also there are sites hosting md5 hashes
Ilia Alshanetsky wrote:
> Stefan,
>
> There will be another RC, but I'd prefer to reserve this feature till
> PHP 5.1.1.
>
> Ilia
>
Hi Guys,
Are there any chances of getting this implemented in the next releases
of PHP 5.0.X and 4.4.X?
Regards
--jm
--
Jacques Marneweck
http://www.powertrip.c
Bob,
As mentioned, attached is what I had for the String class (have not touched
the code for many months now). It contains the methods below. What I was
aiming for was to have the best of the C++ and Java String methods, plus
some new methods named after the PHP-specific string functions.
__cons
Jochem,
the point with most of these issues is that there's no common
understanding of what things like protected or static interface members
mean; from an OO point of view, they make no sense, and I was only
trying to explain why.
Unless there is a common understanding what a certain language co
Do you hit the same issue with using the latest PHP 5.1 snapshot?
--Jani
On Wed, 16 Nov 2005, Michael Sisolak wrote:
I'm trying to debug an issue I'm seeing with PHP 5.0.5 and Apache
2.0.55 (using apache2handler SAPI) running under Windows 2000 Server.
I need to set the mssql.max_pro
Eek. Just ignore me. Please. Didn't read the message properly :)
--
David Zülke
[EMAIL PROTECTED]
Tel: +49 (0)89 21 58 27 53
Fax: +49 (0)89 21 58 27 55
bitXtender GbR
Scherbaumstr. 19
81737 München
> -Original Message-
> From: David Zülke [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, Nov
Hello,
There has already been a discussion about this with the subject "Subject
and Observer Interfaces" opened by Jeff Moore. I must say that I
completely agree with Marcus Boerger on this subject.
It is not difficult to extend Subject and Observer so you can pass
additional information to the O
Hello Rasmus,
to have this idea posted a second time. I think we should have all native
types be auto converted and add a flag for the _ex version of the parsing
api that prevents from auto conversion. However we are to close to release
so i think we should do that only in 5.1.1 (ilia most proba
I don't have an answer to your main question, but I guess you could just as
well use http://www.php.net/manual/en/function.set-error-handler.php
couldn't you?
- David
> -Original Message-
> From: Ryan Dingman [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, November 16, 2005 9:02 PM
> To: in
I sent this message last week and haven't received a single reply. I
was hoping for someone to either agree that it was a bug and advise
if/when a patch would be included in PHP or explain why they believe
that this is the "correct" behavior for PHP.
Thanks in advance,
Ryan Dingman
[EMA
Right, so bottom line, MD5 is showing signs of fatigue. Not "broken" or
even significantly weak when used properly, but she's in the twlight years
and it's time to send ma to the old folks home for some rest and green
jello.
SHA1 isn't quite the matriach yet, but despite having miles to go before
An interface is a public contract that describes the behaviour of an object.
If you're not using interfaces in that way, you're doing something
fundamentally wrong.
--Wez
On 11/16/05, Jochem Maas <[EMAIL PROTECTED]> wrote:
> why does the engine care about the visibility of interface methods I dec
Andi Gutmans wrote:
Please read the archives where discussions took place.
As you stated it would be "abusing" the notion of what interfaces ar
Take a look at abstract classes. That might help you.
Andi,
I read pretty much everything but the account requests on internals
(and have done sinc
"Ilia Alshanetsky" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Ron Korving wrote:
> > I just read this news that an MD5 collision can now be done by anyone in
45
> > minutes (avg) on a P4 1.6 GHz:
> >
http://it.slashdot.org/article.pl?sid=05/11/15/2037232&threshold=-1&tid=172&tid
Ron Korving wrote:
> I just read this news that an MD5 collision can now be done by anyone in 45
> minutes (avg) on a P4 1.6 GHz:
> http://it.slashdot.org/article.pl?sid=05/11/15/2037232&threshold=-1&tid=172&tid=93&tid=228
> http://www.stachliu.com.nyud.net:8090/collisions.html
>
> MD5 as the stan
I just read this news that an MD5 collision can now be done by anyone in 45
minutes (avg) on a P4 1.6 GHz:
http://it.slashdot.org/article.pl?sid=05/11/15/2037232&threshold=-1&tid=172&tid=93&tid=228
http://www.stachliu.com.nyud.net:8090/collisions.html
MD5 as the standard for hashing is definately
I'm trying to debug an issue I'm seeing with PHP 5.0.5 and Apache
2.0.55 (using apache2handler SAPI) running under Windows 2000 Server.
I need to set the mssql.max_procs setting to 300. If I change it in
php.ini everything works fine and the system is quite stable. To keep
all my config changes
Please read the archives where discussions took place.
As you stated it would be "abusing" the notion of what interfaces are.
Take a look at abstract classes. That might help you.
Andi
At 07:24 AM 11/16/2005, Jochem Maas wrote:
why does the engine care about the visibility of interface methods
Matthias Pigulla wrote:
why does the engine care about the visibility of interface
methods I declare?
I understand the argument that interface methods only have
'meaning' when applied as public methods of objects - but
thats rather academic and personally I can think of useful
ways to abuse in
> Ilia Alshanetsky
> 5.1 Release Master
Only a master of evil, Darth. [lightsabers clash]
SCNR ;)
- David
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
Unfortunately several issues discovered in RC4 and the fixes were
sufficiently complex to warrant another release candidate. So here goes
the fifth and hopefully the final RC of 5.1.0. You can download the
source packages from here:
http://downloads.php.net/ilia/php-5.1.0RC5.tar.bz2
8a6d9b78203a25
> why does the engine care about the visibility of interface
> methods I declare?
> I understand the argument that interface methods only have
> 'meaning' when applied as public methods of objects - but
> thats rather academic and personally I can think of useful
> ways to abuse interfaces usin
why does the engine care about the visibility of interface methods I declare?
I understand the argument that interface methods only have 'meaning' when
applied
as public methods of objects - but thats rather academic and personally I can
think of useful ways to abuse interfaces using protected me
Thanks Derick, consider it done.
- Original Message -
From: "Derick Rethans" <[EMAIL PROTECTED]>
To: "Steph Fox" <[EMAIL PROTECTED]>
Cc: "internals"
Sent: Wednesday, November 16, 2005 7:22 AM
Subject: Re: [PHP-DEV] Upgrade notes for PHP 5.1 - 3rd draft
> On Tue, 15 Nov 2005, Steph Fox
Rasmus Lerdorf wrote:
Derick Rethans wrote:
On Tue, 15 Nov 2005, Andrei Zmievski wrote:
Perhaps, but I would maintain that passing "123abc" and having it
interpreted
as 123 is still wrong.
Yeah, I lean that way too, although trailing whitespace should be
supported IMO.
I don't like ha
Hello,
> assuming this is true then the built in session handler is pretty
> vulnerable right now no?
> one only has the choice of md5 or sha1 for the hashing mechanism of
> the session handlers id
> as far as I can see ... if php gets a sha256 in the core it would
> possibly be a good thing
> to
Stefan Esser wrote:
Hello,
with MD5 and SHA1 more or less broken, I have hacked together sha256() and
sha256_file(),
because people want a secure hashing function in plain PHP without the need for
3rd party
libraries like mhash.
assuming this is true then the built in session handler is pret
Rasmus Lerdorf wrote:
> Right now, without looking at the source code, there is no way to tell
> which functions do strict casting and which ones don't.
I know. I would rather see all functions do the strict casting. I want
be warned about passing wrong parameters. In my eyes, it's harder to
expla
Jakub Vrana wrote:
Rasmus Lerdorf wrote:
Yeah, I am leaning towards that as well. I don't like the inconsistency
between direct casting via (int) vs. zend_parse_parameter's strict
casting. It is much simpler to explain that functions will cast to the
required parameter type and have one cons
Rasmus Lerdorf wrote:
> Yeah, I am leaning towards that as well. I don't like the inconsistency
> between direct casting via (int) vs. zend_parse_parameter's strict
> casting. It is much simpler to explain that functions will cast to the
> required parameter type and have one consistent way to c
Jani Taskinen wrote:
On Tue, 15 Nov 2005, Rasmus Lerdorf wrote:
Derick Rethans wrote:
On Tue, 15 Nov 2005, Andrei Zmievski wrote:
Perhaps, but I would maintain that passing "123abc" and having it
interpreted
as 123 is still wrong.
Yeah, I lean that way too, although trailing whitespace s
Once we get GOTO and the ?: operator, we don't need no stinking macros! :)
--Jani
On Tue, 15 Nov 2005, Jason Garber wrote:
Hello Internals,
Remember the ifsetor() discussion? There were many, many people for
it, and many people that did not see the point. To this day, it's
not
On Tue, 15 Nov 2005, Rasmus Lerdorf wrote:
Derick Rethans wrote:
On Tue, 15 Nov 2005, Andrei Zmievski wrote:
Perhaps, but I would maintain that passing "123abc" and having it
interpreted
as 123 is still wrong.
Yeah, I lean that way too, although trailing whitespace should be supported
IM
34 matches
Mail list logo
