Skip to content

Instantly share code, notes, and snippets.

View nikic's full-sized avatar

Nikita Popov nikic

View GitHub Profile
nikic /
Created September 12, 2012 15:04
The new Secure Password Hashing API in PHP 5.5

The new Secure Password Hashing API in PHP 5.5

The [RFC for a new simple to use password hashing API][rfc] has just been accepted for PHP 5.5. As the RFC itself is rather technical and most of the sample codes are something you should not use, I want to give a very quick overview of the new API:

Why do we need a new API?

Everybody knows that you should be hashing their passwords using bcrypt, but still a surprising number of developers uses insecure md5 or sha1 hashes (just look at the recent password leaks). One of the reasons for this is that the crypt() API is ridiculously hard to use and very prone to programming mistakes.

nikic / microbench.php
Created June 22, 2012 23:42
Microbenchmark of generator implementation
function xrange($start, $end, $step = 1) {
for ($i = $start; $i < $end; $i += $step) {
yield $i;
nikic /
Last active April 12, 2024 17:05
Post explaining why objects often use less memory than arrays (in PHP)

Why objects (usually) use less memory than arrays in PHP

This is just a small post in response to [this tweet][tweet] by Julien Pauli (who by the way is the release manager for PHP 5.5). In the tweet he claims that objects use more memory than arrays in PHP. Even though it can be like that, it's not true in most cases. (Note: This only applies to PHP 5.4 or newer.)

The reason why it's easy to assume that objects are larger than arrays is because objects can be seen as an array of properties and a bit of additional information (like the class it belongs to). And as array + additional info > array it obviously follows that objects are larger. The thing is that in most cases PHP can optimize the array part of it away. So how does that work?

The key here is that objects usually have a predefined set of keys, whereas arrays don't:

nikic / bench.php
Last active November 2, 2023 22:49
Benchmark of call_user_func_array vs switch optimization vs argument unpacking syntax
<?php error_reporting(E_ALL);
function test() {}
$nIter = 1000000;
$argNums = [0, 1, 2, 3, 4, 5, 100];
$func = 'test';
foreach ($argNums as $argNum) {
nikic / portAlternativeTags.php
Created September 12, 2014 17:41
Tool for porting alternative PHP tags to <?php, <?= and ?>
* Note: This script will directly modify the .php files in the given directory.
* It is assumed that the code is under version control, so you can easily review
* the changes using `git diff` or similar.
function usageError() {
die("Usage: php -d asp_tags=1 portAlternativeTags.php dir/\n");
nikic / coroutine.php
Created July 14, 2012 13:25
A coroutine example: Streaming XML parsing using xml_parser
/* Data can be send to coroutines using `$coroutine->send($data)`. The sent data will then
* be the result of the `yield` expression. Thus it can be received using a code like
* `$data = yield;`.
/* What we're building in this script is a coroutine-based streaming XML parser. The PHP
nikic / benchCompiler.php
Last active October 28, 2021 07:57
Scripts for measuring compile time
<?php ini_set('memory_limit', -1);
if ($argc != 3) die("error\n");
$file = $argv[1];
$num = $argv[2];
$startTime = microtime(true);
for ($i = 0; $i < $num; ++$i) {
require $file;
nikic /
Last active October 19, 2021 05:47
Analysis of some weird evaluation order in PHP

Order of evaluation in PHP

Yesterday I found some people on my [favorite reddit][lolphp] wonder about the output of the following code:


$a = 1;
$c = $a + $a++;
nikic / varVar.php
Created June 9, 2014 14:11
Script for finding variable-variable usages potentially affected by uniform variable syntax
use PhpParser\Node;
use PhpParser\Node\Expr;
ini_set('memory_limit', -1);
//$dir = __DIR__ . '/../../Symfony_2.3';
nikic /
Last active August 31, 2020 10:39
List of new features in PHP 5.5