> Hmm.. I was wondering if we should go one step further and also provide a
> stream to the data. If the most common usage of this construct is going to
> be reading the data after __HALT_PHP_PARSER__ then we should optimize for
> that case. Something like
>
> $data = gzdeflate(file_get_content
Hmm.. I was wondering if we should go one step further and also provide
a stream to the data. If the most common usage of this construct is
going to be reading the data after __HALT_PHP_PARSER__ then we should
optimize for that case. Something like
...
I would suggest keeping such implementat
Andi Gutmans wrote:
Yeah I would go and over-engineer this patch.
I agree with you guys, I was just brain-storming ;-)
It's not exactly a general purpose patch especially when it comes to
web. So I think it is already questionable how many ppl would actually
use it. Taking that an over-engineerin
Moriyoshi Koizumi wrote:
Hi,
I modified your patch so it can capture the position where the
supposed data begins into the constant __HALT_PHP_PARSER__.
There may be a problem with my patch if more than one require()'d /
include()'d script contain __HALT_PHP_PARSER__, but it'd be
quite handy if such
Yeah I would go and over-engineer this patch.
It's not exactly a general purpose patch especially when it comes to web.
So I think it is already questionable how many ppl would actually use it.
Taking that an over-engineering it doesn't make sense.
Andi
At 07:19 AM 3/12/2005 -0500, John Coggesha
I think the lexer patch is good enough.
John
On Sat, 2005-03-12 at 06:58, Christian Schneider wrote:
> Moriyoshi Koizumi wrote:
> > I modified your patch so it can capture the position where the
> > supposed data begins into the constant __HALT_PHP_PARSER__.
>
> Sounds like a good idea to me as
Moriyoshi Koizumi wrote:
I modified your patch so it can capture the position where the
supposed data begins into the constant __HALT_PHP_PARSER__.
Sounds like a good idea to me as all the manual work to guess the start
of the data look a bit kludgy to me.
abc
def
Hmm.. I was wondering if we sh
Hi,
I modified your patch so it can capture the position where the
supposed data begins into the constant __HALT_PHP_PARSER__.
There may be a problem with my patch if more than one require()'d /
include()'d script contain __HALT_PHP_PARSER__, but it'd be
quite handy if such an issue is resolved.
Sara Golemon wrote:
Just a nudge about this code approach.
#1 It doesn't detect EOF
Well, if you encounter EOF before the HALT tag, it means as a developer
of the script you are trying to break your own code ;-)
#2 It forgets about the newline returned by fgets(
True, I suppose strncmp could
On Fri, Mar 11, 2005 at 04:43:21PM -0500, Ilia Alshanetsky wrote:
> Daniel Convissor wrote:
> >Interesting. I'm wondering about the security implications of this.
> >This makes it very easy to use PHP as a means to propogate all sorts of
> >nasty things.
>
> You can already use PHP to propagate al
On Fri, Mar 11, 2005 at 04:49:50PM -0500, John Coggeshall wrote:
> There is no issue here. You can throw binary data at the end of a PHP
> script as it is now:
>
>
>/* stuff */
>exit;
> ?>
>
True enough.
Thanks,
--Dan
--
T H E A N A L Y S I S A N D S O L U T I O N S C O M
> 1) while (fgets($fp) != ''));
>
Just a nudge about this code approach.
#1 It doesn't detect EOF
#2 It forgets about the newline returned by fgets()
#3 It doesn't allow the HALT; to float within a line between other content
(not that you'd do that anyway but...
while (($tmp = fgets($fp)) &
Wez Furlong wrote:
If you name the token __HALT_PHP_PARSER__ instead (or something
equally unlikely to be used by accident and unambiguous in meaning),
you'll get a +1 from me :-)
I aim to please ;-) Here is the revised patch that makes the token a bit
clearer and also increases the strictness of
On Fri, 2005-03-11 at 16:37, Daniel Convissor wrote:
> Interesting. I'm wondering about the security implications of this.
> This makes it very easy to use PHP as a means to propogate all sorts of
> nasty things. Well, people could even do that today in one script by
> setting a variable to a
If you name the token __HALT_PHP_PARSER__ instead (or something
equally unlikely to be used by accident and unambiguous in meaning),
you'll get a +1 from me :-)
--Wez.
On Fri, 11 Mar 2005 14:36:16 -0500, Ilia Alshanetsky <[EMAIL PROTECTED]> wrote:
> The attach patch implements a special "token"
Daniel Convissor wrote:
Interesting. I'm wondering about the security implications of this.
This makes it very easy to use PHP as a means to propogate all sorts of
nasty things.
You can already use PHP to propagate all sorts of nasty things, nothing
changes in this respect.
Well, people coul
Hi Ilia:
On Fri, Mar 11, 2005 at 04:27:53PM -0500, Ilia Alshanetsky wrote:
> The data will not be parsed or output. When you need it you would make
> the script open itself and read the (binary) data dump from the end of
> the file and use it various creative ways.
Interesting. I'm wondering
Would the data after that point be sent directly to STDOUT? Or would the
present script somehow be able to use it?
The data will not be parsed or output. When you need it you would make
the script open itself and read the (binary) data dump from the end of
the file and use it various creative w
Hi Ilia:
On Fri, Mar 11, 2005 at 02:36:16PM -0500, Ilia Alshanetsky wrote:
> The attach patch implements a special "token" that can be
> used to stop the Zend lexical parser from parsing any data after this
> token.
Would the data after that point be sent directly to STDOUT? Or would the
pre
We've been talking about this on IRC for awhile now and I think it's a
nice patch to minimize memory usage when you want to create these sorts
of "bundled" PHP/data hybrid scripts.
John
On Fri, 2005-03-11 at 14:36, Ilia Alshanetsky wrote:
> The attach patch implements a special "token" that can
The attach patch implements a special "token" that can be
used to stop the Zend lexical parser from parsing any data after this
token.
The idea behind this patch is to allow tucking on of any data (binary
and otherwise) to the PHP script without having to encode it. It also
saves on memory/cp
21 matches
Mail list logo
