Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:59843 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 68315 invoked from network); 13 Apr 2012 01:55:06 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 13 Apr 2012 01:55:06 -0000 Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.160.170 as permitted sender) X-PHP-List-Original-Sender: yohgaki@gmail.com X-Host-Fingerprint: 209.85.160.170 mail-gy0-f170.google.com Received: from [209.85.160.170] ([209.85.160.170:50604] helo=mail-gy0-f170.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id AD/63-00290-977878F4 for ; Thu, 12 Apr 2012 21:55:05 -0400 Received: by ghbg2 with SMTP id g2so1630603ghb.29 for ; Thu, 12 Apr 2012 18:55:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; bh=PQG8Zh3HoaPWgZsLPIsWhZQdfRGNAW/XwvczIuHBVB8=; b=ZtmSMfu7XYZOQTYUJHquFblap555uM6a35G1w8H8tamYB8QLdSMtB5Nkued1azPH2L bjwek1tW8uCY19xIizGHh0T9nppX6zzKr6Nb0vb1MYz1BZF4gME7jUiK/fTC1yXumTVB Ci1HuAE1wm8EH3Tmn2h6K+NWwp+SuCVjVn3JbuwXI75L66I7nYmbeqZv/RAjjBZN8/BT AJ8yrs3pXKC7q/uDcewJr3aQ6XXE1BU1EU0to/h5CeXnHaPP+Xop678QcnIOwJP5mFlP 6o7uah5cU0U4o3sbeKl8+JDmc7rjV2EB+bIymZ7sGYSWYVKU7HfBBt91zeu3s2FEe8wq SMQw== Received: by 10.236.170.198 with SMTP id p46mr141615yhl.63.1334282102961; Thu, 12 Apr 2012 18:55:02 -0700 (PDT) MIME-Version: 1.0 Sender: yohgaki@gmail.com Received: by 10.146.86.14 with HTTP; Thu, 12 Apr 2012 18:54:22 -0700 (PDT) In-Reply-To: <4F87799D.4060601@sugarcrm.com> References: <4F8539E0.1090701@sugarcrm.com> <4F859063.1010401@lerdorf.com> <4F862AAC.90003@lerdorf.com> <4F86761A.9010801@lsces.co.uk> <4F876E36.1020400@gmail.com> <4F87799D.4060601@sugarcrm.com> Date: Fri, 13 Apr 2012 10:54:22 +0900 X-Google-Sender-Auth: TDVBP2bgMDkx3KCD7-xuYsomuEc Message-ID: To: Stas Malyshev Cc: PHP internals Content-Type: text/plain; charset=ISO-8859-1 Subject: Re: [PHP-DEV] Re: Disabling PHP tags by php.ini and CLI options From: yohgaki@ohgaki.net (Yasuo Ohgaki) Hi, 2012/4/13 Stas Malyshev : > Hi! > >> If I exclude current code, then introducing script only include will be >> preferred one. I preferred dedicated statement for it though. >> >> include >> include_once >> require >> require_once >> script >> script_once > > I have a thought here. To implement script/script_once you don't need it > to be a language construct. A function would do just as fine. Why not > make an extension having these two functions, put it on PECL and see if > people will be using it? > For extreme adopters, you could even make php.ini switch that overrides > include/require and redirects them to your script functions. Shouldn't > be impossible to do, I think. Good idea. I think it's possible as a Zend engine module. It may be possible as normal module if compiler hook can be used. I guess it is now. It provides optional security by accident. (Someone called LFI syntax error an accident and I like it) I wish the other RFC author implement this. Regards, -- Yasuo Ohgaki yohgaki@ohgaki.net