summaryrefslogtreecommitdiff
path: root/TODO-PHP5
blob: c21671faa4fb889c8164da00b8b0d2ca34dd55d7 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
Component:      Zend Engine 2

                Important stuff to finish: PPP members/PPP methods, 
                support of overloaded extensions, possibly differentiate 
                between class and namespace as discussed with Stig in 
                Germany.
Responsibility: Zeev, Andi, Stas
Time frame:     Couple of months for first part and extensions will be
                ongoing while PHP is being fixed.
                Things to leave for later versions: Native aggregation
                support, accessing static members via object and not class.


Component:      Aggregation
Responsibility: Andi, Stig?
Time frame:     ?


Component:      Redesign of API Versioning
Responsibility: ?
Time frame:     1 month


Component:      Thread Safety
                Identify the extensions that are not thread safe by design 
                or due to dependant libraries and identify them as such. 
                If possible try to resolve thread safety issue via code 
                improvements (if php code or patches will be accepted by 
                library maintainers).   For situations where thread safety 
                cannot easily be acheived a flag in the extension API is 
                set so PHP can identify non-thread safe extensions.  These 
                extensions will not be loaded in a ZTS compiled binary 
                (unless it is cli/cgi).

Responsibility: ?
Time frame:     ?


Component:      SAPI
                Environment variables defined in the CGI spec need to be 
                verified in each SAPI module that they conform to the CGI 
                spec correctly.  If they do not, the SAPI module needs to 
                fix the variable prior to script execution.  Having this 
                conformity will aid in having PHP scripts run correctly 
                under different sapi modules.

Responsibility: Shane Caraveo & each sapi module owner
Timeframe:      ? (but shouldn't be much effort, most modules are probably ok)


Component:      Input Filtering
                - Implement a SAPI input filter hook that will get called
                  just before registering a variable in the 
                  treat_data/post_handler hooks.  (done)
                - Make sure this is also done in mbstring  (done)
                - Provide access functions, or perhaps a new 
                  $_RAW_GET/POST/Cookie set of superglobals to get at the
                  unfiltered data
                - Provide a .ini directive which allows people to set their
                  input filter to one of the built-in strip_tags,
                  htmlspecialchars or whatever other internal function might
                  be useful here.
                - (The main benefit of this is to make it easier for people
                   to solve the XSS problem once and for all without having
                   to go through every line of their code and adding input
                   validation/filtering everywhere)
Responsibility: Rasmus
Timeframe:      Yesterday


Component:      RPC Abstraction Layer
                Porting java, com, dotnet, xmlrpc, corba, soap and python, srm
                (are there more ?) to work with the new oo api and preferably
                by using ext/rpc.
Responsibility: Harald
Time frame:     2 months (but i have to wait for a few engine features first)


Component:      OO Extensions
                Each OO extension has to be revised and rewritten to fit into
                the new OO model. We should decide which extensions are a must
                to have for the release and which can be ported by the maintainer
                later as a separate pecl release.
                A list of extensions to be extended that have to be investigated:
                  * browscap
                  * aggregate
                  * all *sql extensions (*_fetch_object)
                  * domxml (seems like christian is rewriting it anyways)
                  * ming
Responsibility: Harald (, extension maintainers)


Component:      Abstract Data Types (ADT)
Responsibility: Sterling, Harald
Time frame:     ?


Component:      Test Suite
                Extending the test suite with atleast a test for every
                function in an extension that doesn't require external
                resources. Also developing an automated test thing which
                cvs ups's, compiles and tests the build on a daily base on
                as much platforms/extensions as possible.

                The test suite will also be extended to support threaded
                testing and testing for differing sapi modules (via http
                calls or other methods).
Reponsibility:  Derick (, extension maintainers)
Time frame:     3 months