PHP 6

The PHP world is really excited about the upcoming release of PHP 6.0. Amongst all the uncertainties in any new release, PHP 6.0 seems to be getting rid of three of the earlier troublesome features: register_globals, magic_quotes_gpc and safe_mode. The first was a big security hole, the second messed with the data and made changing environments quite difficult, while the third was usually misread, and provided a false sense of security. There’s also quite a lot of work scheduled to do with Unicode. Read more for some of the changes:

  • The register_globals, safe_mode and various quotes options will be removed.

  • The ereg extension is removed, while the XMLReader, XMLWriter and Fileinfo extensions are added to the core, and by default are on.

  • Another addition I find particularly exciting is that APC (Alternative PHP Cache) will be added to the core, though will be off by default. APC can provide serious performance benefits.

  • All E_STRICT messages will be merged into E_ALL, another positive change that will encourage good programming practice.

  • ASP style <% tags will no longer be supported.

  • A new switch in php.ini will allow you to disable Unicode semantics (by default they will be on).

  • There will also be various string improvements related to Unicode.

  • The microtime() function will return the full floating point number, rather than microseconds unix_timestamp, as at present, probably making the function more readily useful.

  • The {} notation for string indexes will no longer be supported, while the [] version will get added to substr() and array_slice() functionality.

  • FastCGI will always be enabled for the CGI SAPI, and will not allow it to be disabled.
    The ancient HTTP_*_VARS globals will no longer be supported.

  • var will alias public. var was permitted with PHP4 classes, but in PHP 5 this raised a warning. In PHP 6 var will simply be an alias for public, so no warning is necessary.

  • zend.ze1 always tried to retain old PHP4 behaviour, but apparently it “doesn’t work 100%” anyway, so it will be removed totally and throw an E_CORE_ERROR if detected

  • Dynamic functions will no longer be permitted, to be called with static syntax.

  • Both ‘$foo =& new StdClass()’ and ‘function &foo’ will now raise an E_STRICT error.

  • Support for both Freetype 1 and GD 1 support will be removed.Let us await the exiting GD3 soon

  • The FastCGI code will be cleaned up and always enabled for the CGI SAPI, it will not be able to be disabled.

PHP Engine Additions

  • 64 bit integers-A new 64 bit integer will be added (int64). There will be no int32 (it is assumed unless you specify int64)
  • Goto- No ‘goto’ command will be added, but the break keyword will be extended with a static label - so you could do ‘break foo’ and it’ll jump to the label foo: in your code.
  • ifsetor()- It looks like we won’t be seeing this one, which is a shame. But instead the ?: operator will have the ‘middle parameter’ requirement dropped, which means you’d be able to do something like this: “$foo = $_GET[’foo’] ?: 42;” (i.e. if foo is true, $foo will equal 42). This should save some code, but I personally don’t think it is as ‘readable’ as ifsetor would have been.
  • foreach multi-dim arrays-This is a nice change - you’ll be able to foreach through array lists, i.e. “foreach( $a as $k => list($a, $b))”.
  • {} vs []-You can currently use both {} and [] to access string indexes. But the {} notation will raise an E_STRICT in PHP5.1 and will be gone totally in PHP6. Also the [] version will gain substr and array_slice functionality directly - so you could do “[2,]” to access characters 2 to the end, etc. Very handy.

OO changes

  • Static Binding-A new keyword will be created to allow for late static binding - static::static2(), this will perform runtime evaluation of statics.
  • Namespaces-It looks like this one is still undecided - if they do implement namespaces it will be using their style only. My advice? Don’t hold your breath!
  • Type-hinted Return Values-Although they decided against allowing type-hinted properties (becaue it’s “not the PHP way”) they will add support for type-hinted return values, but have yet to decide on a syntax for this. Even so, it will be a nice addition.
  • Calling dynamic functions as static will E_FATAL-At the moment you can call both static and dynamic methods, whether they are static or not. Calling a dynamic function with the static call syntax will raise an E_FATAL.

Additions

  • APC to be in the core distribution-The opcode cache APC will be included in the core distribution of PHP as standard, it will not however be turned on by default (but having it there saves the compilation of yet another thing on your server, and web hosts are more likely to allow it to be enabled)
  • Hardened PHP patch-This patch implements a bunch of extra security checks in PHP. They went over it and the following changes will now take place within PHP: Protection against HTTP Response Splitting will be included. allow_url_fopen will be split into two: allow_url_fopen and allow_url_include. allow_url_fopen will be enabled by default. allow_url_include will be disabled by default.

PHP6 is taking an interesting move in my mind - it’s as if the PHP developers want to now educate developers about the right way to code something, and remove those lingering issues with “Well you SHOULD be doing it this way, but you can still do it the old way”. This will not be the case any longer. Removing totally the likes of register globals, magic quotes, long arrays, {} string indexes and call-time-pass-by-references will force developers to clean up their code.

For more details:

http://php6dev.blogspot.com/#unicode

http://www.corephp.co.uk/archives/19-Prepare-for-PHP-6.html


0 comments

Php

Htaccess

Creating A .htaccess File

Creating a .htaccess file may cause you a few problems. Writing the file is easy, you just need enter the appropriate code into a text editor (like notepad). You may run into problems with saving the file. Because .htaccess is a strange file name (the file actually has no name but a 8 letter file extension) it may not be accepted on certain systems (e.g. Windows 3.1). With most operating systems, though, all you need to do is to save the file by entering the name as:

".htaccess"

(including the quotes). If this doesn't work, you will need to name it something else (e.g. htaccess.txt) and then upload it to the server. Once you have uploaded the file you can then rename it using an FTP program.

Start like this:

You can use custom error pages for any error as long as you know its number (like 404 for page not found) by adding the following to your .htaccess file:

ErrorDocument errornumber /file.html /*optional
RewriteEngine On .....this is line should be
 there in all htaccess file.

eg:

ErrorDocument errornumber /file.html
RewriteEngine On
RewriteRule ^article/([0-9]+)/? article.php&article=$1 [R]

.htaccess file to stop the directory list from being shown:

Options -indexes

You can block an IP address by using:

deny from 000.000.000.000

To allow : 
allow from 000.000.000.000
To denyl all :
deny from all

0 comments

Php

Ajax 

I find a lot of this AJAX stuff a bit of a hype.
Lots of people have been using similar things long
before it became "AJAX".  And it really isn't as
complicated as a lot of people make it out to be.
Here is a simple example from one of my apps.
First the Javascript:
 function createRequestObject() {
    var ro;
    var browser = navigator.appName;
    if(browser == "Microsoft Internet Explorer"){
        ro = new ActiveXObject("Microsoft.XMLHTTP");
    }else{
        ro = new XMLHttpRequest();
    }
    return ro;
}
 var http = createRequestObject();
 function sndReq(action) {
    http.open('get', 'rpc.php?action='+action);
    http.onreadystatechange = handleResponse;
    http.send(null);
}
 function handleResponse() {
    if(http.readyState == 4){
        var response = http.responseText;
        var update = new Array();
 
        if(response.indexOf('|' != -1)) {
            update = response.split('|');
    document.getElementById(update[0]).innerHTML = update[1];
        }
    }
}
This creates a request object along with a send request and handleresponse function.
So to actually use it, you could include
this js in your page.  Then to make one of these backend requests
you would tie it to something.  Like an onclick event or a straight
href like this:
   [foo]
 That means that when someone clicks on that link what actually
happens is that a backend request to rpc.php?action=foo will be
sent. In rpc.php you might have something like this:
   switch($_REQUEST['action']) {
    case 'foo':
      / do something /
      echo "foo|foo done";
      break;
    ...
  }
Now, look at handleResponse.  It parses the "foo|foo done" string
and splits it on the '|' and uses whatever is before the '|' as the
dom element id in your page and the part after as the new innerHTML
of that element.  That means if you have a div tag like this in
your page:
Once you click on that link, that will dynamically be changed to:   
  foo done
That's all there is to it.  Everything else is just building on
top of this.  Replacing my simple response "id|text" syntax with
a richer XML format and makine the request much more complicated
as well.Before you blindly install large "AJAX" libraries, have a
go at rolling your own functionality so you know exactly how it
works and you only make it as complicated as you need.
Often you don't need much more than what I have shown here.
Expanding this approach a bit to send multiple parameters in the
request, for example, would be really simple.  Something like:
   function sndReqArg(action,arg) {
    http.open('get', 'rpc.php?action='+action+'&arg='+arg);
    http.onreadystatechange = handleResponse;
    http.send(null);
  }
 And your handleResponse can easily be expanded to do much more
interesting things than just replacing the contents of a div.

0 comments

Php

PHP 5 (New function list)

In PHP 5 there are some new functions. Here is the list of them:

Arrays:

  • array_combine() - Creates an array by using one array for keys and another for its values

  • array_diff_uassoc() - Computes the difference of arrays with additional index check which is performed by a user supplied callback function

  • array_udiff() - Computes the difference of arrays by using a callback function for data comparison

  • array_udiff_assoc() - Computes the difference of arrays with additional index check. The data is compared by using a callback function

  • array_udiff_uassoc() - Computes the difference of arrays with additional index check. The data is compared by using a callback function. The index check is done by a callback function also

  • array_walk_recursive() - Apply a user function recursively to every member of an array

  • array_uintersect_assoc() - Computes the intersection of arrays with additional index check. The data is compared by using a callback function

  • array_uintersect_uassoc() - Computes the intersection of arrays with additional index check. Both the data and the indexes are compared by using a callback functions

  • array_uintersect() - Computes the intersection of arrays. The data is compared by using a callback function

0 comments

Php

Subscribe to: Posts (Atom)