SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Zealot
    Join Date
    May 2001
    Location
    UK
    Posts
    184
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    PHP.ini / allow_call_time_pass_reference

    Hi all,

    Could anyone give me a description of allow_call_time_pass_reference ?

    I know there has been quite a few people discussing global variables but as I offer hosting didn't think it wise to change. However, the use of functions has the same effect.

    I belive "allow_call_time_pass_reference" means you don't have to declare variables in functions?

    The comment is
    <quote>
    Its not possible to decide to force a variable to be passed by reference when calling a function. The PHP 4 style to do this is by making the function require the relevant argument by reference.
    </quote>

    Could anyone explain that. By having it on, would that course the security issues on global varibles to be extended to functions?

    Thanks,
    Please take a minute to do The Ecommerce Survey
    You get a free information security report as a thank you!
    [ More info on report | The Ecommerce Survey ]

  2. #2
    ********* Callithumpian silver trophy freakysid's Avatar
    Join Date
    Jun 2000
    Location
    Sydney, Australia
    Posts
    3,798
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What does pass by reference mean?

    PHP Code:
    function squarePassByValue($a) {
       
    $a *= $a;
       echo 
    "<br>$a";
    }

    function 
    squarePassByReference(&$a) {
       
    $a *= $a;
       echo 
    "<br>$a";
    }
       
    $myNumber 4;
    echo 
    "<br>$myNumber";
    squarePassByValue($myNumber);
    echo 
    "<br>$myNumber";
    squarePassByReference($myNumber);
    echo 
    "<br>$myNumber"
    expected output:
    4
    16
    4
    16
    16 <- woah! squarePassByReference() actually changed $myNumber!?!

    So from the above example, we can see that when passing by value, as in squarPassByValue, (the usual default behaviour in php), a copy of the value being passed is made ($a) and that is acted upon inside the function. The original value held in $myNumber is not changed by the call to squarPassByValue. However, in squarePassByReference, the & signifies that the function is to be passed a reference to the variable. So when we pass $myVariable as the arguement, we are passing a reference (a handle) to the variable to act upon. Its like we gave the function global scope to $myVariable but by a different name - $a. So when we change $a we are actually changing $myVariable. Thus after the function call $myVariable now holds a value of 16.

    BTW - pass by reference is the way variables are passed in Java. But in PHP, the default is pass by value (copy). You have to explicitly use the & in the function's parameter list to pass by reference.

    I cannot think of how this would effect general security one way or another to be honest.

    As a bit of an aside - I remember reading over at Zend.com that the zend engine - in actual fact, passes by reference to conserve memory/resources and only at the last moment when it can see that the value of one of the references is being changed does it make the decision to create a seperate copy to hold the changed value. But this is all hidden to the programmer. Its a timing/memory management optimisiation thingy.
    Last edited by freakysid; Aug 29, 2001 at 07:42.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •