Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:45378 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 97947 invoked from network); 25 Aug 2009 00:39:56 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 25 Aug 2009 00:39:56 -0000 Authentication-Results: pb1.pair.com smtp.mail=tjerk.meesters@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=tjerk.meesters@gmail.com; sender-id=pass; domainkeys=bad Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.92.25 as permitted sender) DomainKey-Status: bad X-DomainKeys: Ecelerity dk_validate implementing draft-delany-domainkeys-base-01 X-PHP-List-Original-Sender: tjerk.meesters@gmail.com X-Host-Fingerprint: 74.125.92.25 qw-out-2122.google.com Received: from [74.125.92.25] ([74.125.92.25:55008] helo=qw-out-2122.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id CB/C2-03363-CD2339A4 for ; Mon, 24 Aug 2009 20:39:56 -0400 Received: by qw-out-2122.google.com with SMTP id 5so1531144qwi.59 for ; Mon, 24 Aug 2009 17:39:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to :content-type:content-transfer-encoding; bh=SirZyOE86fe+D1Oi5wwYMdgRZiEj5IOJ2vsVxhilHwI=; b=EYxZ4nkHnD2x+scHBgYss+gesFAtfcyehD6RCzAEMW2bm7uz26hlM3Cu918swKPsCe JoL5lOR/OWvCRYmjgNWp4kErji3O79yZHrFuDTZicjIMZizWBX/OAllzahOAjuS3GqMN XQ5fvIrYxla9PmVvhBm1C5h3CpCNhXH1wXBow= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=mgqS+uWUlxgVMWXn6PLKj4DucX5lermA/iVMti5jdHyiPgAiSuhiFRvDIJit0I72Lk MqgM/kuznTIv4zOP5QTo8TCLlSp+A5YPAi2Z4gzNHLCN66ahDpXvjTKou2Ym2s/czkR0 FlGkvav6ibnVxE+sHJ7imrlqOGWB2D6asFefc= MIME-Version: 1.0 Sender: tjerk.meesters@gmail.com Received: by 10.224.121.129 with SMTP id h1mr3439977qar.55.1251160793754; Mon, 24 Aug 2009 17:39:53 -0700 (PDT) In-Reply-To: <4A932ABA.4090006@zend.com> References: <4A92D936.2010107@zend.com> <4A931A1C.804@chiaraquartet.net> <3EB779A6-0584-4368-B290-8026DEB960D3@pooteeweet.org> <4A932ABA.4090006@zend.com> Date: Tue, 25 Aug 2009 08:39:53 +0800 X-Google-Sender-Auth: 59468b2855b8ce30 Message-ID: To: Stanislav Malyshev , Lukas Kahwe Smith , Greg Beaver , PHP Internals Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] [patch] error masks From: datibbaw@php.net (Tjerk Anne Meesters) Hi, Expanding on this. In a typical project I always try to make my own code very clean by letting it run on a staging environment with all error reporting enabled for a while before living it; so keeping the error_reporting enabled on the live server (and sending a daily log of caught errors) would actually be helpful to me. However, when it comes to external libraries, I hate to do clean-up work there because it makes it harder to upgrade etc. With that in mind, I'd like to be able to muffle any errors from those. Likelihood is that those would cause errors in the main code anyway. Not sure how it would work, technically, but I was thinking it'd be nice to extend require*() and include*(). ;-) On 8/25/09, Stanislav Malyshev wrote: > Hi! > >> Stats "@fopen()" example is perfect here, so lets say we do add this >> feature and people simply turn of error's entirely so that they can >> instead write "fopen()", they feel all good about themselves, since they >> handle the error locally and get a magical speed boost (noticeable or >> not) .. all the while they are ignoring all sorts of E_NOTICES that >> would indicate them that they have some serious security issues. > > Actually, my point was that even if you write that code "right", only > thing you achieve is slow code. It would still not be robust, unless you > create if() and custom error handler for every imaginable error, it's > still not more secure (since all the security works on stream level and > applies to both is_readable and fopen anyway), summarily it's not better > in any way but by giving you this nice feeling you "invested into nicer > code". Which is totally imaginary since your code has virtually no > difference from the old one except being slower. And all this because of > @-phobia :) > >> Again, I am all for being able to totally ignore E_STRICT/E_DEPRECATED >> in production .. but there is a time for fixing E_NOTICES .. and that >> time is always! > > If you think it is (and note it's not the law of the universe - I could > think about dozens of use cases where E_NOTICE is useless and you *know* > you don't want it) - go ahead and set you error mask to include > E_NOTICE, there's nothing easier. It's not like anybody is advocating > there should be only one error mask. On the contrary, I advocate > flexible approach where everybody can choose the mask that fits his > particular use case. > -- > Stanislav Malyshev, Zend Software Architect > stas@zend.com http://www.zend.com/ > (408)253-8829 MSN: stas@zend.com > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > > -- -- Tjerk