array_diff breaks Exception catching when passing two arrays containing an item that can't be cast to string  lolphp

2 years ago | 8 comments | 3v4l.org | Score: 31 Reddit

Latest Comment

The handling of Exceptions and Errors (Throwables) with internal functions is a bit of a tricky issue, because basically we can't just unwind the C stack to handle them, so they only get handled if we include some kind of check for them. Thus this kind of issue.

There's no easy solution, unfortunately. If PHP was written in C++, maybe it could use its exception handling, but that'd be its own kettle of fish.


2 years ago


Good Tutorials  lolphp

2 years ago | 1 comment | self.lolphp | Score: 1 Reddit

Latest Comment

Wrong place to ask. We just make fun of PHP.


2 years ago


All months have 31 days.  lolphp

2 years ago | 18 comments | self.lolphp | Score: 88 Reddit

Latest Comment

What's also interesting is that the difference between the sixth and eight month is calculated correctly.

(2 months) https://3v4l.org/GQB4O

Also it says that the difference is 30 days and not something like 29 days and 23 hours.

That's why I don't think that daylight savings or timezone differences are to blame for this.


2 years ago


A Comic About PHP Good Parts  lolphp

2 years ago | 4 comments | turnoff.us | Score: 10 Reddit

Latest Comment

From physics comes chemistry.

From chemistry life.

And all from the mind of god.

But PHP is his cruel absence.


2 years ago


<CLASSNAME>::class, is valid for any identifier  lolphp

2 years ago | 31 comments | self.lolphp | Score: 46 Reddit

Latest Comment

No.


2 years ago


Upcoming changes to phpunit's command line syntax  lolphp

3 years ago | 13 comments | github.com | Score: 16 Reddit

Latest Comment

Not exactly a lolphp, but a good one nonetheless! :D


2 years ago


Major update  lolphp

3 years ago | 3 comments | reddit.com | Score: Reddit

Latest Comment

The real lolphp is that you're not even qualified to post to /r/lolphp.


3 years ago


get_current_user() doesn't return the current user but the owner of the current PHP script  lolphp

3 years ago | 20 comments | secure.php.net | Score: 99 Reddit

Latest Comment

Using PHP 5.1.1 running as CGI with IIS 5.0 on Windows NT, get_current_user() returns the owner of the process running the script, not the owner of the script itself.

But wait, there's more!


3 years ago


Why is this allowed? (Inverse inheritance)  lolphp

3 years ago | 29 comments | 3v4l.org | Score: 24 Reddit

Latest Comment

The reason for this is that if you have

abstract class A {
  protected abstract protected function bar();

  public function foo() {
    echo $this->bar();
  }
}

class B extends A {
  protected function bar() { return 'Hello'; }
}

(new B())->foo();

it should work. A can require or allow subclasses to override methods without exposing them outside the class hierarchy by marking them as protected, but a consequence of that is that A must be able to call protected methods in subclasses.

In reality protected visibility doesn't guarantee much if anything, since anybody can call your protected method by making their class extend yours (or routing the call through a static method in a dummy class that extends yours). It's somewhat of a broken feature, and it can't work properly without a concept of package visibility which doesn't exist, so I wouldn't worry too much about it.


3 years ago


"My PHP code is not secure and I need help" [...] "Which one of you guys committed an SQL injection on my site?"  lolphp

3 years ago | 2 comments | reddit.com | Score: 4 Reddit

Latest Comment

Kinda sad that some people are so dedicated to hating php. Get a life.


3 years ago


[Contest] Win up to $250 for your PHP Apps/Scripts  lolphp

3 years ago | 1 comment | alkanyx.com | Score: Reddit

Latest Comment

@Kelketek, @duskwuff

Our platform is still quite young so there won't be that much submissions === pretty big chances to win.

Also, you don't need to "write" a "high quality" for us, but if you do that, I can guarantee that you will be paid ;)

The main idea behind this, is that you should post already written apps and scripts.


3 years ago


DefenseCode ThunderScan SAST Advisory: GOOGLE google-api-php-client Multiple Security Vulnerabilities  lolphp

3 years ago | 2 comments | seclists.org | Score: 4 Reddit

Latest Comment

Kinda lolphp in demonstrating for the eleventy-hojillionth time why the built-in variables in PHP like $_SERVER are never ever EVER to be trusted without fixing them up first, because surprise surprise, interpolation does no XSS escaping. That's why modern PHP code typically uses some kind of real template system or other page generator, not just raw .php files.

We could point and laugh at the half-assed server interface in the PHP core language with its woeful design from the 90's, but what's really baffling is why Google of all outfits would be publishing such slapdash code in the first place.


3 years ago


Pooh Separeted Value  lolphp

3 years ago | 7 comments | self.lolphp | Score: 30 Reddit

Latest Comment

If you drastically change the meaning of an existing argument overnight then, yes, why wouldn't that be a bug?


2 years ago


PHP Best Practices  lolphp

3 years ago | comments | imgur.com | Score: 6 Reddit


numeric keys can be confusing  lolphp

3 years ago | 2 comments | 3v4l.org | Score: 26 Reddit


be careful where you put implementing classes  lolphp

3 years ago | 18 comments | 3v4l.org | Score: 44 Reddit

Latest Comment

I'm not seeing this, as written, as a LOL. You're using a class before defining it, by rights that should be an error.

It's arguable that the "new C1()" line should also fail - having an unknown class default to being an empty one seems pointless, but that's apparently not what's vexing the submitter (or I'm misunderstanding, in which case I apologize.)

If you tried to do something similar in C, say, used a function before defining it, then there's a good chance the compiler would complain too, especially if the function returns something other than int.

Defaults are not bad per-se, especially if they'll never break anything. The behavior "If someone uses a class that's not defined, go along with it unless we later find out the structure of the class actually matters" is, well, fine, it's not going to cause unexpected behavior.


3 years ago


Write a Reusable Update Query in PHP  lolphp

3 years ago | 6 comments | stackoverflow.com | Score: Reddit

Latest Comment

More /r/badcode than lolphp


3 years ago


ob_clean resets some headers when the output is buffered  lolphp

3 years ago | 3 comments | stackoverflow.com | Score: 20 Reddit

Latest Comment

gzipping the output in PHP alone is pretty lolphpusers too considering every web server out there will do it transparently. Using ob for whole page stuff is asking for trouble.


3 years ago


Date conversion fails on certain dates  lolphp

3 years ago | 12 comments | stackoverflow.com | Score: 30 Reddit

Latest Comment

But it's documented behavior!1!


3 years ago


1...1 is 10.1  lolphp

3 years ago | 8 comments | 3v4l.org | Score: 130 Reddit

Latest Comment

best /r/lolphp in a while


3 years ago


Prototype says it returns an int, doc says it returns nothing, code returns a bool.  lolphp

3 years ago | 11 comments | self.lolphp | Score: 77 Reddit

Latest Comment

Is there a PR to the docs? Probably spent more time writing this post than it would be to make a PR to fix it.


3 years ago


is this a bug or expected behaviour for substr  lolphp

3 years ago | 2 comments | 3v4l.org | Score: 18 Reddit

Latest Comment

Although it remains strange, this is documented behavior:


3 years ago


Checking whether files exist outside open_basedir  lolphp

3 years ago | 2 comments | sjoerdlangkemper.nl | Score: 15 Reddit

Latest Comment

The real lolphp here is that the code in PHP that attempts to make it be 'secure' within a shared environment hasn't been removed yet.

Although shared hosting was kind of a reasonable thing to do, up until the early 2000's. However VPS servers are so cheap these days, or isolation can be performed at the OS level, that anyone who is still using shared hosting needs their head examining.


3 years ago


Having bare URLs in code doesn't give a compile error  lolphp

3 years ago | 10 comments | 3v4l.org | Score: Reddit


Setting CURLOPT_SSL_VERIFYHOST to true actually disables validation  lolphp

3 years ago | 3 comments | self.lolphp | Score: 41 Reddit


Substituting variables in error messages...  lolphp

3 years ago | 20 comments | self.lolphp | Score: 25 Reddit

Latest Comment

why the frawk can't your host provider run both 7.x and 5.6 at the same time? that's what i do... 5.6 is security supported until 31 December 2018 (a month after 7.0 is EOL), and its no problem to have both 5.6-fpm and 7.x-fpm running on the same machine on 2 different sockets, or 2 different ports, side-by-side (there are annoyances tho, for example, 5.6 needs some patching to compile on bison 3x, i opted to compile it on bison 2.7, while compiling 7.0 on bison 3.0.4.. there was more too)


3 years ago


Do you understand what's the purpose of this?  lolphp

3 years ago | 21 comments | php.net | Score: Reddit

Latest Comment

Returns the function result, or FALSE on error.

But what if function can return FALSE? Is there any method to distinguish FALSE return value from error?


3 years ago


Trying to override a standard class? Good luck with default parameters.  lolphp

3 years ago | 3 comments | self.lolphp | Score: 14 Reddit

Latest Comment

This works fine:

class Database extends \PDO {
  public function prepare($statement, $driver_options = array()) {
    foreach ($this->tablePrefixes as $prefix => $replacement) {
      $statement = str_replace($prefix, $replacement, $statement);
    }
    return parent::prepare($statement, $driver_options);
  }
}

The error was about the type hint. PDO::prepare() isn't declared with type hints, so they effectively take mixed, so you have to be prepared to accept mixed as well. The method signatures in the docs are unrelated to the method signatures used in class hierarchy checks.


3 years ago


PHP is finally getting closures!  lolphp

3 years ago | 36 comments | self.lolphp | Score: 18 Reddit

Latest Comment

will not be possible with PHP

$a=array(0, 1, 2, 3, 4, 5, 6, 7);$removed=0;$limit=7;$a=array_filter($a,function($v)use(&$removed,$limit){ return ($removed+=$v)>$limit;});var_dump($a,$removed);

seems to work fine since 5.3


3 years ago


The greatest PHP mystery ever existed  lolphp

3 years ago | 6 comments | self.lolphp | Score: 43 Reddit

Latest Comment

told you, nobody knows. reminds me of js' void, which has a purpose, but it is stupid.

void function named(v){ console.log(v); if(v < 5) named(++v); }(0);

(function named(v){ console.log(v); if(v < 5) named(++v); })(0);

i.e. basically an alternative to parentheses


3 years ago


Lol  lolphp

3 years ago | comments | self.lolphp | Score: Reddit


mustard and...  lolphp

3 years ago | 4 comments | twitter.com | Score: 56 Reddit

Latest Comment

Aserejeeeee.

Saw it too, started doing the dance.


2 years ago


[not my discovery] Access a "private" property by casting an object into an array  lolphp

3 years ago | 10 comments | 3v4l.org | Score: 33 Reddit

Latest Comment

As a couple of others have said, nothing to do with security. Reflection can give you all the information you ever need about a class, not just casting to an array.


3 years ago


The docs for array_search tell you to use array_keys to return &gt;1 matching key. I never knew about search_value  lolphp

3 years ago | comments | php.net | Score: 9 Reddit


Beware of PHP7 left-to-right parsing  lolphp

3 years ago | 6 comments | self.lolphp | Score: Reddit

Latest Comment

https://wiki.php.net/rfc/uniform_variable_syntax

The fact that it took so long to fix this is the real lolphp.


3 years ago


Lol  lolphp

3 years ago | comments | self.lolphp | Score: 1 Reddit


Yeat  lolphp

3 years ago | comments | self.lolphp | Score: Reddit


site:php.net intext:historical reasons  lolphp

3 years ago | 43 comments | google.com | Score: 90 Reddit

Latest Comment

I suggest to change every occurrence to "prehistorical" /me prepares commit


3 years ago


Attention! Microtime accidentally supported. Please upgrade to Patience 4.3.1  lolphp

3 years ago | 3 comments | self.lolphp | Score: 19 Reddit

Latest Comment

So apparently support was dropped accidentally due to a bug in 7.1.3. Will come back in 7.1.4... hopefully! :P

If your code is crap like mine is, with microtime support you will have some comparisons broken, i.e. when you assumed that microtime would be always set to zero.


3 years ago


Strange return value of datefmt_parse. Can somebody explain why?  lolphp

3 years ago | 4 comments | self.lolphp | Score: 14 Reddit

Latest Comment

That is weird -- I would have expected the 0th of Nullary to be the 30th of November.


3 years ago


Obviously  lolphp

3 years ago | 5 comments | i.redd.it | Score: 84 Reddit

Latest Comment

So, what's the better approach? Only be able to compare objects that implement a compare interface?


3 years ago


Saw this in an old script today... lolphp #wtf  lolphp

3 years ago | 17 comments | self.lolphp | Score: 38 Reddit

Latest Comment

__halt_compiler();


3 years ago


Does [NAN] === [NAN]? Sometimes, maybe.  lolphp

3 years ago | 30 comments | 3v4l.org | Score: 51 Reddit

Latest Comment

But Nothing isn't really a failure state in a lot of cases, it's just the absence of a value. So saying an absence of value equals an absence of value makes some amount of sense. And while in generally I'm against making equals not an equivalence relation, but either way NaN comparison leads to weird things, as I stated above. It's essentially a damned if you do, damned if you don't


3 years ago


What the hell with iterator_apply ?  lolphp

3 years ago | 10 comments | self.lolphp | Score: 24 Reddit

Latest Comment

I think what's going on is that they chose the perfectly wrong moment to stop sniffing glue do proper design without any scary magic.

Like, the sane way to do this is to give the function the object the iterator returned as the first argument, then pass the rest of the arguments you gave to iterator_apply as an array, as extra arguments.

But whoever wrote that function had a misguided moment of clarity and decided that magically adding something as the first argument is bad, so if you give it [$iterator, 1, 2] then your callback should receive exactly that as arguments.

Lol, PHP.


3 years ago


Q. Does 'self::SOME_CONST' refer to the current class, or potentially a subclass? A: It depends.  lolphp

3 years ago | 10 comments | 3v4l.org | Score: 70 Reddit

Latest Comment

For people who don't want to look at bit flipping and stuff, here's a string version: https://3v4l.org/sXiiL


3 years ago


Wait, you can't call the return value of a function in one expression  lolphp

3 years ago | 13 comments | 3v4l.org | Score: 31 Reddit

Latest Comment

I suppose we should take it as a mark of pride that /r/lolphp is resorting to complaining about things we already fixed. :p


3 years ago


Look at these two idiots  lolphp

3 years ago | 11 comments | stackoverflow.com | Score: 29 Reddit

Latest Comment

So is this subreddit "bad programmers" now?


3 years ago


PHP syntax is version and context dependent  lolphp

3 years ago | 11 comments | blogs.perl.org | Score: 8 Reddit

Latest Comment

So you're saying that you don't like them fixing this fringe case?


3 years ago


Type hinting works very well...  lolphp

3 years ago | 12 comments | 3v4l.org | Score: 7 Reddit

Latest Comment

I think you're missing the strict types declaration.


3 years ago


Test of JSON parsers - PHP's is almost the only one completely correct one.  lolphp

3 years ago | 20 comments | seriot.ch | Score: 68 Reddit

Latest Comment

Here's the article. Worth the read.


3 years ago