[phplib-users] PHP 5.2 and PHPlib
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
[phplib-users] PHP 5.2 and PHPlib
|
From: Lindsay H. <fmo...@fm...> - 2008-04-11 20:12:53
|
It looks as if PHP4 is history. Distributions such as Ubuntu Linux and Gentoo Linux are discontinuing support for it, primarily for security reasons, and pushing migration to PHP5. PHP6 is in the works. I've been using PHPlib since PHP3 was the standard version. I've been going over the PHPlib code base with a view to migrating all the websites I host to PHP5, and while the PHPlib code seems to work well enough, I note that a lot of code in PHPlib dates back to PHP3, and there are numerous shortcuts and other improvements in the code base and functionality in PHP5 that would clean up the code and very possibly improve it. Has anyone looked at the following issues? * The code should assume that register_globals is off. It's a major security risk, disabled by default in recent distributions of PHP, and will be dropped altogether in PHP6. Dropping tests and conditionals in PHPLib based on the value of register_globals and making register_globals = 0 a necessary precondition for running PHPlib (it should be a necessary precondition for running PHP!) would simplify the PHPlib code. The same caveats apply to session.use_trans_sid. * $_SERVER, $_POST, $_COOKIE superglobals could be substituted for $HTTP_SERVER_VARS, $HTTP_POST_VARS, etc. and the global declarations eliminated from the code. This would clean things up a bit. * The $classname class property is a holdover from PHP3, where it was required, I believe, in order to serialize classes. My understanding is that it's no longer needed. Does it serve any function at all? Could it be dropped altogether? * Some very nice coding efficiencies are available in PHP5 by using the __autoload() function. Reorganizing PHPlib's file naming system would provide at least a hook to implement this. * Is it still necessary to have the option of storing session data in a database rather than using PHP's native session management? * Other points, questions ..... I've been doing a bit of work on session4.inc to bring it in line with PHP5, plus I'm using a PEAR MDB2 based database class which I wrote which is a workalike for PHPlib's DB class, less a few of the very seldom used methods and properties. It's been 100% OK as a drop-in replacement for PHPlib's DB class wherever I've used it. I may totally out to lunch with this, but thought I'd write this list and see if anyone else is interested. -- Lindsay Haisley | "In an open world, | PGP public key FMP Computer Services | who needs Windows | available at 512-259-1190 | or Gates" | http://pubkeys.fmp.com http://www.fmp.com | | |
