Zend Weekly Summaries Issue #218

      Comments Off on Zend Weekly Summaries Issue #218

TLK: Bit of an odd bug
TLK: php_sprintf
TLK: constant names
FIX: $host_alias check
PAT: A noisy week

TLK: Bit of an odd bug

Gareth Ardron kicked off the week with a request for a sanity check over PHP
5.0.3 behaviour:

Nicolas Bérard Nault replied, saying that this appeared to be a Zend engine
limitation to him. In ‘step two’, Gareth was literally calling a function named
clamav::scanBuffer() rather than a member function of the class

Adam Maccabee Trachtenberg referred to it as ‘a known limitation‘ and
suggested using the Reflection classes to work around it:

class foo {
    static function
bar() {
"static method!

$class = 'foo';
= 'bar';

$x = new
ReflectionMethod($class, $method);

Someone named Chris agreed that it was expected behaviour, and suggested


Jason Sweat offered another option:

eval("$result =

Gareth thanked everyone for their replies and threatened to have ‘a bit of a prod
at the internals’, explaining that he couldn’t use sophisticated options such as the
Reflection API because his code would need to be maintained by people who hadn’t yet
encountered it.

Wez Furlong asked:

$foo = new

As Jochem Mass noted, ‘hihi, that why Wez get the ‘King’ prefix and everyone doesn’t :-)

Short version: Real coders do it with PHP.

TLK: php_sprintf

Kamesh Jayachandran took the php_sprintf() declaration apart and
wrote an open letter to Derick Rethans asking him to alter the return type to
int. Derick replied fairly brusquely that it was already an
int, and Kamesh should update his source trees.

Kamesh acknowledged that he’d seen this in the 5.0.3 release rather than in CVS,
but added that the line

if (!ret)
    return -1;

is still wrong, and should be replaced by

if (ret < 0)
    return -1;

pointing out that the wrapped function, vsprintf(), returns a
negative value when an output error is encountered.

Short version: The smallest file in PHP source is due for another

TLK: constant names

Jochem Mass noticed an anomaly with constant names. He reported that
define("404_SKIP", 1); does not give an error, and you can successfully
get the value of the constant with constant("404_SKIP");, whereas
echo 404_SKIP; will throw an error. According to the PHP manual, valid
starting characters for the name of a constant should be the same as for variables;
he’d therefore expect to see the initial call to define() throw an
error, rather than allowing an illegal name.

Johannes Schlüter replied that, as it was possible to both define an illegal
constant and use constant() to get that illegal constant’s value,
altering the behaviour would be at the very least a BC break. He added, rather
mischievously, that it was possible to define reserved words too: for example,
define('echo', 42); is valid code, although echo echo;
doesn’t work.

Andi Gutmans agreed with Johannes that it was likely there was existing code
‘abusing’ the situation. He also felt that it wasn’t a big enough issue to warrant
adding unnecessary checks for validity, as this would slow down

Short version: A manual exists to show you how to do things, not
necessarily why.

FIX: $host_alias check

Brad House wrote to the internals list to report an issue with
PHP_SHLIB_SUFFIX on MacOSX. The check on $host_alias
defaulted to use the .so extension when $host_alias was empty,
which it was in his case. He sent in a patch against PHP 4.3.10 forcing
phpize to use $host_os instead, which fixed his

Jani Taskinen asked for details of Brad’s setup, pointing out that – on his
machine at least – it was impossible for $host_alias to be empty unless
it was specifically defined that way.

Brad reported back: autoconf 2.59, automake 1.9.3, libtool 1.5.10. He’d built a
clean distro on a Linux box and then sent it to his MacOSX box as a tarball, where
./configure messed up OpenSSL detection through seeking .so rather
than .dylib files. His config.log clearly showed that
$host_alias was blank.

Andrei Zmievski pulled a reality check: PHP_SHLIB_SUFFIX
should be set to .so on MacOSX. This led to a long and complicated
exchange of email, as Brad hadn’t realized that the constant was later exposed in
userland PHP. MacOSX needed SHLIB_SUFFIX to be .so for the
purpose of loading standalone extensions. Andrei, who was responsible for switching
the constant from .dylib to .so in the first place, suggested that
there should be a different constant for PHP_SETUP_OPENSSL(), which
seeks a shared library with a .dylib extension for linking.

However, Brad still felt that his patch should be applied, as
$host_alias would never be defined in the first place as things were,
meaning that the build system wouldn’t even know it was being run on MacOSX.

Jani meanwhile quietly committed a slightly better fix in CVS to ensure that
./configure couldn’t run with an empty $host_alias.

Short version: This commit quite possibly fixed
last week’s .so issue.


Coding the PHP Who’s Who [dead link]
for zend.com led to my querying Wez, as King of PECL, about the state of the EXTENSIONS
file, which I’m using as a primary data source.

We agreed that extensions that were not part of a given distribution should not
be listed there, and also that ‘the magic in-pecl-and-distro extensions (like
‘ should be listed by pointing readers to the PECL homepage for that
package, as it was more likely to be up to date. Having obtained Wez’s blessing, I
massacred the file across CVS HEAD in all branches, and also replaced everyone’s
email address with their php.net version, having found that many of those were out
of date. (We have a central databank where everyone remembers to update their
php.net alias, even though they generally forget to update their contact address in
PHP source.)

Wez applied my changes, but noted that he would like to see the EXTENSIONS and
CREDITS files auto-generated from the package.xml files, now that Hartmut
Holzgräfe has fleshed them all out. I pointed out that there was no way to know from
the package files whether an extension had been PECLized or not; Wez responded with:

I love that ‘you’.

Short version: Maintenance information will be automated at some point
soon. Honest.


Anantha Kesari, one of the Netware team, made a change to a file in ext/session,
saying in his commit message that FD_CLOEXEC would be a more standard
way to pass fcntl’s last argument than passing 1.

Derick promptly jumped on him, pointing out that not all operating systems
support FD_CLOEXEC – and also that Anantha had committed to the PHP 5_0
branch rather than HEAD.

Andi wrote suggesting that if FD_CLOEXEC was not supported, it
probably should be:

#ifndef FD_CLOEXEC
#define FD_CLOEXEC 1

Jani, coming into the conversation late, took one look at CVS commit history and
reverted Anantha’s change with the message:

Edin Kadribasic stopped laughing long enough to write in and explain to
Jani, who has after all been absent from PHP development for a while, that this had
in fact been discussed some time ago and that everyone – including the maintainer of
the session extension – had agreed that Anantha’s was the correct fix, as certain
platforms, including Netware, don’t use ‘magic’ (read: hard-coded) numbers.

Short version: Even PHP development has its funny moments.

PAT: A noisy week

Magnus Määttä sent in a patch to add Apache uptime to the phpinfo()
page for apache, apache2filter and apache2handler SAPIs, asking whether he should
commit it, throw it away, change something?‘ Jani wanted to know what its
uses were; Magnus suggested that it might be useful for checking whether a user had
restarted Apache after making changes to php.ini. Joe Orton, who does a lot
of work on those SAPIs, felt that there was no need to duplicate more of mod_status
in phpinfo(), and recommended the ‘throw it away’ option. Lester Caine
wrote in to say that he felt it would be useful when checking sites remotely, and
pointed out that mod_status doesn’t run on all systems. He’d also like to have that
check available ‘anyway’ from within PHP. No conclusion was reached.

Olivier Beyssac chased up his mail() patch from a couple of weeks ago, wondering had he done
something wrong with his submission? Paul G., who offered php.net a patch with
similar functionality some time ago, broke the bad news to Olivier, and they found
some consolation in their common ground, and the fact that a lot of shared servers
running CPanel use a similar patch to identify scripts generating unsolicited

Magnus, evidently having a spring cleaning session, repeat-mailed an elderly
patch to add posix_access() to the posix extension, now updated to
include both open_basedir and safe_mode checks. He listed
the new function’s benefits at some length, and added that it would fix bugs
#29615 and #14924. ‘Just commit it?
pleaded Jani. Magnus duly did so.

A company named August Software mailed in a very long email explaining everything
anyone could conceivably want to know about their ODBC Router, accompanied by a
patch to enable support for it within the ODBC extension. Of which, more next

Nicolas Bérard Nault sent in a modified version of his
inet_getaddrfam() patch from last
, now updated in the PAT
as it hadn’t been applied at the time of writing. He added that his
main use of it was to verify that an IP address provided by a user was genuine,
while the ‘address family’ was needed for socket functions.

Sebastian Bergmann wrote a short note and a shorter patch, redefining
zend_vspprintf() as a ZEND_API function: ‘The attached
patch is needed to compile ext/mysqli on Windows.
‘ Six hours later, he followed
this up with another short message: ‘No longer true. Thanks, Marcus.

Short version: A lot of traffic, but only updates for the PAT directory.