Re: [PHP-DEV] Testing math functions

2007-08-26 Thread Pierre
On 8/23/07, Zoe Slattery [EMAIL PROTECTED] wrote: Hi - I've writing a few tests for the math extension and have a question about floating point precision. Here's a small example: --TEST-- Test return type and value for expected input sin() --INI-- precision = 14 --FILE-- ?php

Re: [PHP-DEV] [PATCH] zend-multibyte unicode detection vs. __halt_compiler()

2007-08-26 Thread Rui Hirokawa
Hi, IMHO, #42396 is not a bug, but it is the specification. The normal script doesn't contain a null byte if it is not encoded in Unicode. It is understandable the addition of a unique byte seqence '0x' detection to support PHAR/PHK, but it is a change to add a new feature. Rui On

[PHP-DEV] Safe mode being removed in PHP6?

2007-08-26 Thread Mark Krenz
First of all I don't want this to sound like a personal attack, its professional. I just encountered something that really aggrevates me about the state of PHP and I want to be heard by the developers. I just read through this document, http://www.php.net/~derick/meeting-notes.html and

Re: [PHP-DEV] Safe mode being removed in PHP6?

2007-08-26 Thread Stanislav Malyshev
and read the notes on safe_mode and open_basedir. PHP as is, is a real pain in the ass to lock down completely and it always has been. In fact, I'd venture to say that its impossible. And believe me when I say that No more and no less than any other scripting language, I'd say. And the

Re: [PHP-DEV] Safe mode being removed in PHP6?

2007-08-26 Thread Richard Lynch
On Sun, August 26, 2007 2:31 pm, Mark Krenz wrote: First of all I don't want this to sound like a personal attack, its professional. I just encountered something that really aggrevates me about the state of PHP and I want to be heard by the developers. First make sure you understand what

Re: [PHP-DEV] Safe mode being removed in PHP6?

2007-08-26 Thread Nate Gordon
On 8/26/07, Richard Lynch [EMAIL PROTECTED] wrote: First make sure you understand what safe_mode does, and doesn't do, and just how lame it is at what it tried to do, and fails to do, and simply cannot do. I am all for the removal of safe mode in php. I use safe_mode now, but I patch it to

Re: [PHP-DEV] Safe mode being removed in PHP6?

2007-08-26 Thread Cristian Rodriguez
On 8/26/07, Mark Krenz [EMAIL PROTECTED] wrote: So what is the plan for increasing the security of PHP rather than decreasing it? The plan is probably increasing the security of PHP, and removing safe_mode is an step to do that, false sense of security is worst than no security at all,

Re: [PHP-DEV] Safe mode being removed in PHP6?

2007-08-26 Thread Mark Krenz
On Sun, Aug 26, 2007 at 09:15:54PM GMT, Stanislav Malyshev [EMAIL PROTECTED] said the following: No more and no less than any other scripting language, I'd say. And the reason for that - it should be done on the OS level, not on the language level. OS possesses the capability and created

Re: [PHP-DEV] Safe mode being removed in PHP6?

2007-08-26 Thread Stanislav Malyshev
Really? Take anything that runs through CGI. I can turn on suexec for it and it will function the same plus it will run as the user and that gives me more benefits. But the architecture of how it runs is 100% secure, putting aside any vulnerabilities in the code that come up. It's what I

RE: [PHP-DEV] Constants in namesapces

2007-08-26 Thread Dmitry Stogov
We already have class constant that use declarative syntax and of course define() inside of class doesn't declare class constant. The same was done for namespaces. Thanks. Dmitry. -Original Message- From: Richard Lynch [mailto:[EMAIL PROTECTED] Sent: Sunday, August 26, 2007 7:50 AM