On 8/23/07, Zoe Slattery [EMAIL PROTECTED] wrote:
Hi - I've writing a few tests for the math extension and have a question
about floating point precision.
Here's a small example:
--TEST--
Test return type and value for expected input sin()
--INI--
precision = 14
--FILE--
?php
Hi,
IMHO, #42396 is not a bug, but it is the specification.
The normal script doesn't contain a null byte if it is not encoded in Unicode.
It is understandable the addition of a unique byte seqence
'0x' detection to support PHAR/PHK,
but it is a change to add a new feature.
Rui
On
First of all I don't want this to sound like a personal attack, its
professional. I just encountered something that really aggrevates me
about the state of PHP and I want to be heard by the developers.
I just read through this document,
http://www.php.net/~derick/meeting-notes.html
and
and read the notes on safe_mode and open_basedir. PHP as is, is a real
pain in the ass to lock down completely and it always has been. In fact,
I'd venture to say that its impossible. And believe me when I say that
No more and no less than any other scripting language, I'd say. And the
On Sun, August 26, 2007 2:31 pm, Mark Krenz wrote:
First of all I don't want this to sound like a personal attack, its
professional. I just encountered something that really aggrevates me
about the state of PHP and I want to be heard by the developers.
First make sure you understand what
On 8/26/07, Richard Lynch [EMAIL PROTECTED] wrote:
First make sure you understand what safe_mode does, and doesn't do,
and just how lame it is at what it tried to do, and fails to do, and
simply cannot do.
I am all for the removal of safe mode in php. I use safe_mode now,
but I patch it to
On 8/26/07, Mark Krenz [EMAIL PROTECTED] wrote:
So what is the plan for increasing the security of PHP rather than
decreasing it?
The plan is probably increasing the security of PHP, and removing
safe_mode is an step to do that, false sense of security is worst than
no security at all,
On Sun, Aug 26, 2007 at 09:15:54PM GMT, Stanislav Malyshev [EMAIL PROTECTED]
said the following:
No more and no less than any other scripting language, I'd say. And the
reason for that - it should be done on the OS level, not on the language
level. OS possesses the capability and created
Really? Take anything that runs through CGI. I can turn on suexec
for it and it will function the same plus it will run as the user and
that gives me more benefits. But the architecture of how it runs is
100% secure, putting aside any vulnerabilities in the code that come up.
It's what I
We already have class constant that use declarative syntax and of course
define() inside of class doesn't declare class constant.
The same was done for namespaces.
Thanks. Dmitry.
-Original Message-
From: Richard Lynch [mailto:[EMAIL PROTECTED]
Sent: Sunday, August 26, 2007 7:50 AM
10 matches
Mail list logo
