Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:108433
Return-Path: <mike@newclarity.net>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 37121 invoked from network); 10 Feb 2020 05:56:33 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 10 Feb 2020 05:56:33 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 847E31804F4
	for <internals@lists.php.net>; Sun,  9 Feb 2020 20:10:06 -0800 (PST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,
	SPF_HELO_NONE,SPF_NONE autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS15169 209.85.128.0/17
X-Spam-Virus: No
X-Envelope-From: <mike@newclarity.net>
Received: from mail-yw1-f43.google.com (mail-yw1-f43.google.com [209.85.161.43])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Sun,  9 Feb 2020 20:10:05 -0800 (PST)
Received: by mail-yw1-f43.google.com with SMTP id i190so2902581ywc.2
        for <internals@lists.php.net>; Sun, 09 Feb 2020 20:10:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=newclarity-net.20150623.gappssmtp.com; s=20150623;
        h=mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=2+SnCGMQU4D+hKDLSBWxVlNPrkqMmN1QpBV4jqXniX4=;
        b=h6lIoEvqd+a7uqY20RnRCccqiZxufngNASqRhz51COZG36+NR8UDMDy7S/odOALF5x
         aIbo3OehK4tgjL5Lkc5iC2RxL2dOkXWljf7BZBgHXket/+INOfEqtx8LRbu/LiDJrU8k
         Y5M+ulBWxV+/qbE3wG1QtexoN18649/JNhNWT/SEeMwIUCk/TGI16UqByKUcda2RgSZS
         UnabD4cA34DhLKVyKLQSN9araYJbY1RUI3QjPTShMSCkTnW4o44HTsGLEp70i2ag6k+l
         UV4Mzg3FHv+7zmDPzCtaUTtM6/lBwfOkPVinjTS6ZM3QJmTGNUIRLWWSso7Mu3TBADO1
         M4wA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=2+SnCGMQU4D+hKDLSBWxVlNPrkqMmN1QpBV4jqXniX4=;
        b=X3Et5bgRFyBEERvLxugjNmspt2bq5nZXprfX1M0QVRP/EsSkhMF29nLIYEzGYHIuxt
         t9ixiXtWq/5+kuGSRsF+QiFijdrguFuuy3GQd4RgLocNSY+6Dw3G7nlgGQep8I4V2YbC
         IMqoSvBq0dNKUqUL0U8fDoDI1FU8T9F88O3lnsxa4QrdiJWFHsx5iXSnbI+7fUReN7YT
         VPBb02r/hPpODDFGLErJwmAsPgGgKJY3OvM2MUI7opboS34erc44+45TWPoDq1uMmC8U
         lXIA2i4AJ538SSV/IGIdWR9Hy+2LDNj9vgcGoCB/nRNGI1gus+wTOSXmZB9zAbW/1t+X
         BcSg==
X-Gm-Message-State: APjAAAXHhrcSta1E+mgUQAgFOy7Ktp3/zKgrA7iwxkoDZ6K1USFY8bAk
	o/RSIKGPXjawxoJKCwkTCJuWgA==
X-Google-Smtp-Source: APXvYqwDD6xlZOP9noARLaC3D07NMXl0rgxsh5AcCqaJ5/8wveXNuFl0zeM+MowVmXO89D8o5miU8A==
X-Received: by 2002:a81:7a52:: with SMTP id v79mr9906944ywc.474.1581307802102;
        Sun, 09 Feb 2020 20:10:02 -0800 (PST)
Received: from ?IPv6:2601:c0:c680:5cc0:3433:f236:94ed:3c12? ([2601:c0:c680:5cc0:3433:f236:94ed:3c12])
        by smtp.gmail.com with ESMTPSA id l202sm2673065ywb.89.2020.02.09.20.10.01
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Sun, 09 Feb 2020 20:10:01 -0800 (PST)
Content-Type: text/plain;
	charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
In-Reply-To: <DM5PR07MB3067CC4C8C4C803367091325F91E0@DM5PR07MB3067.namprd07.prod.outlook.com>
Date: Sun, 9 Feb 2020 23:10:00 -0500
Cc: "internals@lists.php.net" <internals@lists.php.net>
Content-Transfer-Encoding: quoted-printable
Message-ID: <091D966F-13B4-4E49-B882-80D852AD795A@newclarity.net>
References: <DM5PR07MB30676BB61C723F999C6C4B40F91E0@DM5PR07MB3067.namprd07.prod.outlook.com>
 <9C0A5E79-6925-43B4-84C6-A2DA007A9F1A@newclarity.net>
 <DM5PR07MB3067CC4C8C4C803367091325F91E0@DM5PR07MB3067.namprd07.prod.outlook.com>
To: tyson andre <tysonandre775@hotmail.com>
X-Mailer: Apple Mail (2.3445.104.11)
Subject: Re: [PHP-DEV] [RFC] Allow calls to global functions in constant
 expressions
From: mike@newclarity.net (Mike Schinkel)

> On Feb 9, 2020, at 8:34 PM, tyson andre <tysonandre775@hotmail.com> =
wrote:
>=20
>> 1. Why again are MyClass::methodName() not considered for the =
non-whitelist vote?=20
>>=20
>> Seems to me a developer would be more inclined to implement the =
expressions that define the class constant's value in a method of the =
class than in an external function.
>=20
> My reasons for doing this were to keep the scope small and easy to =
implement,
> and work on an RFC for methods immediately after if the vote for =
allowing arbitrary functions passed.
>=20
> The other concern was the edge case `static::method_name()` in class =
constants,
> but `call_user_func(['static', 'method_name'])` or =
`array_map('static::method_name', VALS)`
> causes the same issues.
>=20
> This leads me to a blocker I've discovered with this implementation =
calling without a whitelist:
> The way PHP resolves the scope is to look for the closest closure or =
user-defined function,
> then to extract the class of that function. (in =
zend_get_executed_scope).
> I thought the scope would work because `const X =3D self::Y` works,
> but it turns out ZEND_AST_CLASS_CONST is special cased in AST =
evaluation.
> My current ideas for fixing this (for class constants and property =
defaults):
> (Parameter defaults, static variables, and global constants should =
already have reasonable scopes)
>=20
> 1. Wrap all of the calls the engine is making in a byte copy of =
call_user_func, but with the property `zend_class_entry *scope` set, so =
that zend_get_executed_scope will see that frame's scope and use it =
instead of the caller's scope.
> 2. Add a fake stack frame that acts as if an extra closure (bound to =
the declaring class's scope) was being evaluated.
> 3. Add a brand new function.
>=20
> If I don't do that, then constant/property evaluation uses the scope =
of the caller, not the class
>=20
> ```
> class MyClass {
>    public static function example() {}
>    const X =3D call_user_func('self::example');
> }
> // this throws in the current implementation
> // due to no active class scope, and that's a bug
> echo MyClass::X;=20
> ```
>=20
> If I (or anyone else) can't figure out how to implement the fix, or =
the fix has issues,
> I might remove the secondary vote from the RFC and just vote on the =
whitelist,
> which excluded functions accepting callables.
> If anyone comes up with a working implementation for a fix (including =
exception handling),
> I'd like to know.
>=20

Thanks for the reply.

>> 2. Do we really want to add a standard library function 53 characters =
long?=20
>>=20
>> Can we not come up with a more concise name than =
get_defined_functions_allowed_in_constant_expressions(), like maybe =
get_const_expr_funcs() or get_const_expressions()?
>=20
> I was planning to change it if I thought of a better name.
> For get_const_expr_funcs(), I'd think it would be important to be =
consistent about
> naming in the standard library.
> `get_const_expr_functions()` would work, though.

Oh, okay.  But don't you think the 'consistent naming in PHP' ship =
sailed eons ago?!?

(Sorry, I just could not resist!  :-)

-Mike