Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:106242
Return-Path: <ajf@ajf.me>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 67159 invoked from network); 20 Jul 2019 01:22:08 -0000
Received: from unknown (HELO localhost.localdomain) (76.75.200.58)
  by pb1.pair.com with SMTP; 20 Jul 2019 01:22:08 -0000
To: internals@lists.php.net
References: <c-17aa9-jy55foba-cru125=b8ivs7@2.gethop.com>
 <CAF+90c9ZRT92UVK5ig_wkkgEzXAWG+fgYdNR6KGj8zKcuKRJ+A@mail.gmail.com>
 <CAEYWF=7+orYkB+K3Rp+tzhPk9bF9e99A8DHVcw++YYFLS6B5sA@mail.gmail.com>
 <CADqTB_haS0xVkkQjkKunri_xKX+ixXE7eueZ5-x+ZUG=kzVdEg@mail.gmail.com>
Date: Sat, 20 Jul 2019 00:44:22 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:52.0)
 Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.2
MIME-Version: 1.0
In-Reply-To: <CADqTB_haS0xVkkQjkKunri_xKX+ixXE7eueZ5-x+ZUG=kzVdEg@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Posted-By: 46.195.91.193
Subject: Re: [PHP-DEV] Stop replacing dots with underscores in query, post
 andcookie parameters for PHP 8?
From: ajf@ajf.me (Andrea Faulds)
Message-ID: <php.internals-106242@news.php.net>

Hi all,

Rasmus Schultz wrote:
> 
> What about libraries that need to support both PHP 7 and 8? Many libraries
> will likely need to, potentially for a long time.
> 
> How will these libraries be able to detect whether the names have been
> mangled or not? Libraries that "unmangle" run the risk of "unmangling"
> names that aren't actually mangled, and could end up mangling them instead.
> 
> This is a particular concern with the proposed polyfill - if there's a
> polyfill that mangles the names, you can't just use something like
> php_version() to check if it's version 8, since the polyfill could have
> been applied.
> 
> Maybe consider adding something like $_SERVER["REAL_HEADER_NAMES"] which,
> if set, will indicate the names have not been mangled? The polyfill could
> then unset() this value - it could even check first if the names are
> already non-mangled, whether this is because it's running under PHP 8,
> because the polyfill gets bootstrapped twice (which it'll probably need to
> check somehow anyway) or because somebody else polyfilled the same change
> in some other way.
> 
Years ago I also wanted to remove the name mangling, but for 
backwards-compatibility reasons I think we should make it as easy as 
possible to migrate.

My preferred solution would be to add a new built-in function that 
re-does the mangling exactly as it used to be done. It would be no great 
maintenance burden on us to maintain such a function for the future, 
but it would avoids userland having to reimplement it multiple times and 
less performantly or perhaps with bugs.

Imagine:

   array php_bc_mangle_request_vars(array $input);

Then an app relying on the legacy behaviour could do this in its 
index.php and breathe easy:

   $_GET = php_bc_mangle_request_vars($_GET);
   $_POST = php_bc_mangle_request_vars($_POST);
   // etc

Or for example, something using some form of Request object that didn't 
do de-mangling could use this function on its $post array.

What does everyone think?

Andrea