PHP userland backwards compatibility layer that emulates PHP 5.5+ core functions.

βŒˆβŒ‹ βŽ‡ branch:  upgrade.php


Check-in [ab91327edb]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
SHA1 Hash:ab91327edb670b12707b00828b1c36535634ee7f
Date: 2014-04-24 02:23:32
User: mario
Comment:Add ellipse … paramized call support and ->is handler.
Tags And Properties
  • branch=trunk inherited from [1e0f19e437]
  • sym-trunk inherited from [1e0f19e437]
Context
2014-04-24
02:43
[d861d4e56d] add more defined() checks for undefined constants, fixed bug 7412bf040f in json_encode "0" string/utf8 check. (user: mario, tags: trunk)
02:23
[ab91327edb] Add ellipse … paramized call support and ->is handler. (user: mario, tags: trunk)
02:22
[1bd07841f1] (no comment) (user: mario, tags: trunk)
Changes

Changes to doc/README.

3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
..
81
82
83
84
85
86
87



88
89
90
91
92
93
94
...
444
445
446
447
448
449
450


451
452
453
454
455
456
457
-------------------------------------
The "upgrade.php" package implements features and functions from
newer PHP versions. It defines them as pure PHP code. Functions
get defined dynamically, at runtime. All emulated functions use
names identical to the original implementation. But won't perturb
if the native functions exist.

So this is really a drop-in replacement. It allows you to use all
PHP features regardless of the current PHP interpreter. You just
have to include() this single script to remove any backward
compatibility woes.
This allows relying on the newer, more powerful PHP functions. The
use and retyping of workarounds gets superfluous. Your application
remains "PHP 4.1+ COMPATIBLE" while actually using PHP5.4 features.


this is useful:

- for open source distributions
- if your own providers PHP version is immemorial
- you want to test new functions, but not install a new PHP ver
................................................................................
interpreter release:

  <?example
     if (PHP_VERSION < "5.4.0") { include(".../upgrade.php"); }
  ?>

Currently following functions can be emulated:



· json_encode
· json_decode
· strptime
· gzdecode
· htmlspecialchars_decode
· fputcsv
· ob_get_headers
................................................................................

v19
  - Adds new PHP5.5 functions: array_column(), json_last_error_msg(),
    boolval()
  - Ships with password_compat[MITL] from Anthony Ferrara, which add
    password_hash() and password_verify() from PHP5.5
  - Minor additions to json_encode and json_decode



v18
  - Anthon Pang contributed mysqli_set_charset() and E_DEPRECATED const
  - Also contrib/safe_serialize and unserialize() implementations by Anthon
  - TMPDIR support for sys_get_temp_dir()
  - gzdecode is now an official PHP 5.4 function.
  - hex2bin







|



|
|
<







 







>
>
>







 







>
>







3
4
5
6
7
8
9
10
11
12
13
14
15

16
17
18
19
20
21
22
..
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
...
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
-------------------------------------
The "upgrade.php" package implements features and functions from
newer PHP versions. It defines them as pure PHP code. Functions
get defined dynamically, at runtime. All emulated functions use
names identical to the original implementation. But won't perturb
if the native functions exist.

So this is really a drop-in replacement. It allows you to use most
PHP features regardless of the current PHP interpreter. You just
have to include() this single script to remove any backward
compatibility woes.
This allows relying on the newer, more powerful PHP functions. Use
and retyping of workarounds gets superfluous.



this is useful:

- for open source distributions
- if your own providers PHP version is immemorial
- you want to test new functions, but not install a new PHP ver
................................................................................
interpreter release:

  <?example
     if (PHP_VERSION < "5.4.0") { include(".../upgrade.php"); }
  ?>

Currently following functions can be emulated:
· array_column
· json_last_error_msg
· boolval
· json_encode
· json_decode
· strptime
· gzdecode
· htmlspecialchars_decode
· fputcsv
· ob_get_headers
................................................................................

v19
  - Adds new PHP5.5 functions: array_column(), json_last_error_msg(),
    boolval()
  - Ships with password_compat[MITL] from Anthony Ferrara, which add
    password_hash() and password_verify() from PHP5.5
  - Minor additions to json_encode and json_decode
  - Introduces ext/contrib/pdo_mysql.php, wrapper functions for PDO,
    that mimick the signature of mysql_* functions with a pdo_* prefix.

v18
  - Anthon Pang contributed mysqli_set_charset() and E_DEPRECATED const
  - Also contrib/safe_serialize and unserialize() implementations by Anthon
  - TMPDIR support for sys_get_temp_dir()
  - gzdecode is now an official PHP 5.4 function.
  - hex2bin

Changes to ext/contrib/input.php.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
..
67
68
69
70
71
72
73




74
75
76
77
78
79
80
...
639
640
641
642
643
644
645














646
647
648
649
650
651
652
...
916
917
918
919
920
921
922











923

924

925
926
927
928
929
930
931
<?php
 /**
  * api: php
  * title: Input $_REQUEST wrappers
  * type: interface
  * description: provides sanitization by encapsulating request superglobals against raw access
  * version: 2.5
  * revision: $Id$
  * license: Public Domain
  * depends: php:filter, php >5.0, html_purifier
  * config: <const name="INPUT_DIRECT" type="multi" value="disallow" multi="disallow|raw|log" description="filter method for direct $_REQUEST[var] access" />
  *         <const name="INPUT_QUIET" type="bool" value="0" multi="0=report all|1=no notices|2=no warnings" description="suppress access and behaviour notices" />
  * throws: E_USER_NOTICE, E_USER_WARNING, OutOfBoundsException
  *
................................................................................
  *   ->log
  *   ->raw
  *
  * You can also pre-define a standard filter-chain for all following calls:
  *   $_GET->nocontrol->iconv->utf7->xss->always();
  *
  * Using $__rules[] a set of filter rules can be preset per variable name.




  *
  * Some filters are a mixture of sanitizing and validation. Basically
  * all can also be used independently of the superglobals with their
  * underscore name, $str = input::_text($str);
  *
  * For the superglobals it's also possible to count($_GET); or check with
  * just $_POST() if there are contents. (Use this in lieu of empty() test.)
................................................................................
     * [b]
     * Abort with fatal error. (Used as fallback for INPUT_DIRECT access.)
     *
     */
    function _disallow($data) {
        throw OutOfBoundsException("Direct \$_REQUEST[\"$this->__varname\"] is not allowed, add ->filter method, or change INPUT_DIRECT if needed.");
    }

















   

    ######  implementation  ################################################

................................................................................
     */
    function __get($filtername) {
        //
        // we could do some heuristic chaining here,
        // if the last entry in the ->attrib->attrib list is not a valid method name,
        // but a valid varname, we should execute the filter chain rather than add.
        //











        $this->__filter[] = array($filtername, array());  // add filter to list

        return $this;  // fluent interface

    }
    


    /**
     * @hide ArrayAccess
     *






|







 







>
>
>
>







 







>
>
>
>
>
>
>
>
>
>
>
>
>
>







 







>
>
>
>
>
>
>
>
>
>
>
|
>
|
>







1
2
3
4
5
6
7
8
9
10
11
12
13
14
..
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
...
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
...
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
<?php
 /**
  * api: php
  * title: Input $_REQUEST wrappers
  * type: interface
  * description: provides sanitization by encapsulating request superglobals against raw access
  * version: 2.6
  * revision: $Id$
  * license: Public Domain
  * depends: php:filter, php >5.0, html_purifier
  * config: <const name="INPUT_DIRECT" type="multi" value="disallow" multi="disallow|raw|log" description="filter method for direct $_REQUEST[var] access" />
  *         <const name="INPUT_QUIET" type="bool" value="0" multi="0=report all|1=no notices|2=no warnings" description="suppress access and behaviour notices" />
  * throws: E_USER_NOTICE, E_USER_WARNING, OutOfBoundsException
  *
................................................................................
  *   ->log
  *   ->raw
  *
  * You can also pre-define a standard filter-chain for all following calls:
  *   $_GET->nocontrol->iconv->utf7->xss->always();
  *
  * Using $__rules[] a set of filter rules can be preset per variable name.
  *
  * Parameterized filters can alternatively use the ellipsis … symbol (AltGr+:)
  * instead of the terminating method access syntax.
  *   $_GET->int->range…0…59["minutes"]
  *
  * Some filters are a mixture of sanitizing and validation. Basically
  * all can also be used independently of the superglobals with their
  * underscore name, $str = input::_text($str);
  *
  * For the superglobals it's also possible to count($_GET); or check with
  * just $_POST() if there are contents. (Use this in lieu of empty() test.)
................................................................................
     * [b]
     * Abort with fatal error. (Used as fallback for INPUT_DIRECT access.)
     *
     */
    function _disallow($data) {
        throw OutOfBoundsException("Direct \$_REQUEST[\"$this->__varname\"] is not allowed, add ->filter method, or change INPUT_DIRECT if needed.");
    }
    
    
    
    /**
     * Validate instead of sanitize.
     *
     */
    function _is($data) {
        $this->__filter[] = array("is_still", array());
        return $data;
    }
    function _is_still($data) {
        return $data === $this->__vars[$this->__varname];
    }



   

    ######  implementation  ################################################

................................................................................
     */
    function __get($filtername) {
        //
        // we could do some heuristic chaining here,
        // if the last entry in the ->attrib->attrib list is not a valid method name,
        // but a valid varname, we should execute the filter chain rather than add.
        //
        
        // Unpack parameterized filter attributes, use U+2022 ellipsis … as delimiter
        if (strpos($filtername, "…")) {
            $args = explode("…", $filtername);
            $filtername = array_shift($args);
        }
        else {
            $args=array();
        }

        // Add filter to list
        $this->__filter[] = array($filtername, $args);

        // fluent interface
        return $this;
    }
    


    /**
     * @hide ArrayAccess
     *