Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:107484 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 28600 invoked from network); 11 Oct 2019 00:21:18 -0000 Received: from unknown (HELO php-smtp3.php.net) (208.43.231.12) by pb1.pair.com with SMTP; 11 Oct 2019 00:21:18 -0000 Received: from php-smtp3.php.net (localhost [127.0.0.1]) by php-smtp3.php.net (Postfix) with ESMTP id DDD772D202E for ; Thu, 10 Oct 2019 15:04:17 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp3.php.net X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS3215 2.6.0.0/16 X-Spam-Virus: No Received: from mail-io1-xd36.google.com (mail-io1-xd36.google.com [IPv6:2607:f8b0:4864:20::d36]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by php-smtp3.php.net (Postfix) with ESMTPS for ; Thu, 10 Oct 2019 15:04:17 -0700 (PDT) Received: by mail-io1-xd36.google.com with SMTP id c25so17139257iot.12 for ; Thu, 10 Oct 2019 15:04:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=7rRjcrPkGkvRthjIoQUHO7wqlFgwzivnNE+do2u9JhM=; b=bbk5y61Pk1IYsj43ZQQDN8XCkA0FpcwyDWZTcFRwJXP8XXHPvJalPROqvqWKufwke3 yN5wDrD1P5JS+qqfOLjX/j/lhxSskRjjhob6fmADBqMrM6n125IoGgpa2YdRpDD5itmv aaWA2j1nbdphArILi8jcaN5NTMR+M/PftMjUCvb5Omp3bIrJCWEb1xZ2BonIoImoy35S DVxO7WNbF6Fp8oK5oGn6xsmnjSWDm+M/i9ZA7sSJBlRdEUFDcluFBrZRtwDjeVyuaGvA r1UJxoyCVOIyuaLfdR7YHt7QRe3qBBRI9mt4WaVh4HOo6sgs71NKDvKvuvvSUFvxzOj6 AY/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=7rRjcrPkGkvRthjIoQUHO7wqlFgwzivnNE+do2u9JhM=; b=cjR1kV9wqk7fH7kqWHctH4S08fQIkPsSBsCbb8LF+JErbSzL/Hg/qPk2nZpG/qeIyb Z4aMzHMneupejfl2HsjVBy7KS7Q9UGf3rPJpx2DlWzIz7YZcvDtC5g1XLPEe1q0gplYM 5QSwxkLDEtOo9q4ribHwMuFl5EJ4LtCMBARJ0dGX5VzsRPinJu0JQe9YFaFeAhFbyelV KwfpU/0cW7hs62aKfqLgugDGljDIGr7VZ5St7GevrlGibdCm4ref0sYOICqBuvQiDD27 gtDhFwWQpy8tFREe0qU9ChdqHQ3Z7aTH40VDaB3QOqqLbIbG/zhpxavzItJEYoIGYZUP T/Nw== X-Gm-Message-State: APjAAAWJPmYMGKCAV5xaVmpDKP2zd+yfxWu4k2eweqVfd5dFosxvoEDy IfeD4O5WxDC2d0/7QNDguWsvCj/ZNqhQwwsq+wM= X-Google-Smtp-Source: APXvYqxsmr1UFDnAfqOH8LkGWDmeZhmcJQVUbltZFM9dTj28nqPQSf9JvKvmJ22syyJdtIXbbP+hreQQ/gN0cDwFadc= X-Received: by 2002:a02:c041:: with SMTP id u1mr13719575jam.69.1570745056240; Thu, 10 Oct 2019 15:04:16 -0700 (PDT) MIME-Version: 1.0 References: <5d976928.1c69fb81.db3a8.78daSMTPIN_ADDED_MISSING@mx.google.com> <82012CD7-088D-4010-922E-AD54186AE37A@newclarity.net> <67A49D41-A65F-4C07-82B2-1C19F17B2200@newclarity.net> <826c5050-6f7b-33c8-d856-60996b6210f3@gmail.com> <5d9f941f.1c69fb81.ea3aa.d7d6SMTPIN_ADDED_MISSING@mx.google.com> In-Reply-To: <5d9f941f.1c69fb81.ea3aa.d7d6SMTPIN_ADDED_MISSING@mx.google.com> Date: Thu, 10 Oct 2019 15:04:07 -0700 Message-ID: To: Mark Randall Cc: PHP Internals Content-Type: multipart/alternative; boundary="0000000000001c298c0594959593" X-Envelope-From: Subject: Re: [PHP-DEV] Internals "camps" From: walterp@gmail.com (Walter Parker) --0000000000001c298c0594959593 Content-Type: text/plain; charset="UTF-8" On Thu, Oct 10, 2019 at 1:27 PM Mark Randall wrote: > On 10/10/2019 20:59, Walter Parker wrote: > > They will either be stuck on an old version of PHP or have to pay to > update the code. > > If you're getting stuck on a island after being given 4 or 5 years > warning that the bridge to it will be closed, after being pointed to the > ferry, given free tickets to that ferry, and being told it will continue > to run long after, that's your own fault. > > > Ok, that's something I had not realized, you and the other supports of this RFC are offering to fix other people's PHP code for free. Given that, I have far few objections to this RFC. That is what free tickets on the ferry means... > > This pushes the > > costs on them to solve a an existing issue that 20 years after it was > > created and is now an issue because a new generation of coders, unaware > of > > history, find the existing syntax not to there taste/a poor design. > > > History does not mean it was a good idea at the time, and even if it > was, that doesn't mean it's a good idea now. Times move on. Your > argument could easily be reversed... > > Personal opinion. > An old generation of coders, stuck in their ways, inflexible, preferring > what they know rather than changing with the times for the greater good. > > Personal opinion and maybe an insult. > > > Why are > > we giving priority to people that haven't taken the time to educate > > themselves over people that did and used programming style that used to > > common? > > > We're assuming that in a general purpose programming languages, most > programmers expect a function call to look like a function call, and not > a string. > > Still looks like another opinion, but I can see where people get confused. You don't know the number of times I say backslash and people type / instead of \. Personally I think using \ for namespaces in PHP was a horrible idea. Why did PHP use the character that almost all modern langues use for escape as a name separator. I know they used it because it was the best of the bad items available. > We're assuming that people don't just go from never having touched PHP, > to expert level, knowing all its quirks and secrets, within a few hours. > > We're assuming that there's a heck of a lot more to stewardship of the > language than backwards compatibility. > > > > So let's look at it from the perspective of what we can do... > > We can either a) Find a way to reach out to every PHP programmer in the > world and let them know that there's these special operators that look > like a string, but actually aren't, and they do something that can be > really dangerous, and they'll probably never see it but god help them if > it's there and they miss it. > > or > > b) We add one line of code and warn people that we're eventually going > to remove a rarely used and poorly understood syntax, and people should > at some point in the next 4 or 5 migrate to the much more obvious > shell_exec. > > Still mostly personal opinion here. You have still not bought any facts or research other than your personal opinion and research that I assume you did with your local working group. > By writing the RFC, it's pretty obvious which one I think is the best > and most realistic course of action. > > That much is clear. What is not clear is how much that opinion is shared with the average programmer with a few years of experience. Most coding syntax is poorly understood by the beginning programmer. For the beginning programmer, I think $username = `whoami` and $username = shell_exec("whoami") would be equally confusing because you would have explain what a shell was, what exec was, maybe even what a function was. For backtick, you would tell them if you want the output from a command you run on the command line, enclose the command in backticks (they look like this `) and it will give you that value. In the PHP documentation for shell_exec, it links to backtick. The backtick documentation linkes to shell_exec. If this truly is the problem that you say it is, there should be plenty of documentation online as to the issues that it has cause. Maybe you could post some of the better cases (as the the responsibility of the person suggesting the change to provide evidence that the change is a good idea). > Mark Randall > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > > -- The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis --0000000000001c298c0594959593--