@dseguy I assume this https://3v4l.org/3E7BL snippet captures your complaint? (3v4l is the preferred way to share #PHP code snippets over screen shots.) specifically that the fourth print should be 4 not 6
If I had to guess, it’s something about operator precedence between the cast and the exponent. But that’s downright weird given the multiplication gets it right. Probes out by adding more parentheses: https://3v4l.org/gXvRL
ok #php folks, you were right Rector is pretty cool. The learning curve is steep AF, and the docs are, well, let's just say they're written by engineers for engineers. But given the target audience for this tool, that's OK. I've not yet done the changes I was originally asking about with it, because the config for it is going to be a PITA to build. I've been starting small. But what I've done so far has been pretty cool! I've done some wild things with RenameClassConstFetchRector for example. 🧵
BUT... this brings me to two questions that don't seem obvious from the docs and sources. 1. as a result of moving some consts from one class to another, I now have a lot of files that went from 1 long use SomePackage\Name\Space\Here\To\AClass; and a ton of AClass::SomeConst to a lot of files with an unused import and a ton of very long fully qualified consts sprinkled through the code. Has anyone seen a rector to collapse frequently used namespaces into a use statement?
@shudder no… 2000+ files that it touched to change “class Yada implements \NameSpace\Foo\Bar\SoupInterface” to “use \NameSpace\Foo\Bar\SoupInterface;
class Yada implements SoupInterface”
The vast majority of our codebase only imports the class if it’s used more than once in the file… this just undid that globally for two big classes of use cases: implementing interfaces and trait usage.
The actual changes I had been making in rector.php only impacted a couple dozen files.
@alessandrolai@shudder yeah, played with them to not much improvement. Currently thinking I’ll do a two pass approach. First use the renaming rectors I’ve configured against the whole codebase, then got diff to get the list of changes files and run a separate rector on just those files with this option. Will experiment with that in the morning.
Anyone know how long it usually is between a release going GA and do-release-upgrade seeing it? #ubuntu Seems odd that I could download and burn the iso and do an upgrade with that, but can't do it from within the system yet.
Shout out to league/csv for continuing to be an awesome library. It's intuitive, a breath of fresh air after a long week of fighting every single tool. This one doesn't fight you. It just helps you without getting in the way.
@afilina oooh! I didn't know this package existed. I think pretty much every package from The League I've used has fit this description though, so that's a good sign. Sadly, after looking at it's docs, it doesn't even attempt to solve the biggest problem I think @kboyd and I see with writing csv files... managing the column positions when you have variable data. :(
@afilina@kboyd say you have 50 columns... say 40 of them are populated in every row, but the other 10 you get some random subset (depending on what the other values maybe, you may have 10 of them or you may have 3 of them or somewhere between.) Then say you have another 6 or so columns that get added for certain customers but not for others.
It would be awesome if you could give it a header array and then pass in a hash for the row and have it populate just the ones that are set.
@afilina@kboyd ahh... I must have misunderstood what formatters could do... I thought they were processed cell by cell. If they get the whole record then yeah, that would probably work.
But assumed worst case: there is some magic string that if they can get your web server to spit it out, in that encoding, can be used to dump anything php has access to… or run any arbitrary assembly… as your php user.
There are probably a dozen lesser degrees too.
Disclaimer: I’m not a security researcher either… it’s been 20+ years since I sat down and crawled through any code looking for malicious ways to abuse it.