Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:115634
Return-Path: <nyamsprod@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 46345 invoked from network); 6 Aug 2021 06:48:36 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 6 Aug 2021 06:48:36 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 6C52B1804CF
	for <internals@lists.php.net>; Fri,  6 Aug 2021 00:18:01 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-0.2 required=5.0 tests=BAYES_20,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS
	autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS15169 209.85.128.0/17
X-Spam-Virus: No
X-Envelope-From: <nyamsprod@gmail.com>
Received: from mail-lj1-f175.google.com (mail-lj1-f175.google.com [209.85.208.175])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Fri,  6 Aug 2021 00:17:58 -0700 (PDT)
Received: by mail-lj1-f175.google.com with SMTP id m9so10591074ljp.7
        for <internals@lists.php.net>; Fri, 06 Aug 2021 00:17:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:from:date:message-id:subject:to;
        bh=Js8+uQAEeyWA8GeILDw5C25a/00jXBpN3awB3DE6G5s=;
        b=r4znY6kHyCDvjc3cnZnD27Z9RQv9agWiynDnyVcPyDG87l1KV14xYdFn6ntKc1+6W4
         8oZafU5826ru2hJeadWrBd1EqFtXI4wwR1lNX4S5JUqSthPgsTEj6fb4xclr5bpcsNyw
         RvSj7nLehgBqd4mhI9flo9uwgO7RuNZmjPS8UBsclitj2JnLt8TUfjtMJV+SAooOipd/
         7iukMAgGBMtPB/OSbXOTHymPJEMEbv/ZpJJCkwQ7OiuzwHAUPzeHoo6gGaGTDFPCIbcX
         f2r7j18q5EVngCbg4Sp7X0xX5RyOzS3gY/dpjDieAQwGbtTaNXW/fm26k+QpNh2tWVkF
         ptTg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
        bh=Js8+uQAEeyWA8GeILDw5C25a/00jXBpN3awB3DE6G5s=;
        b=JEggQTVUL9TvG/ZKd3k8Cq/MXi7aNM8btqatqQmVhi6a/XEqgbeAJy7gRmRxsVwlRn
         5PAdNkyhHri846s8J5s/XnCaufkWmG4luFVxJm6fWaf4LtaI/55R+0INg27rlTjAi0+s
         Y62g7pEiEYoWU5nKc/YCOnyEGHJXAs0+eusVPOpBQJDD/ofE8BGS6J01IeWL+25X1bqb
         F6mYyqYT/teyRq4/uZ0/fc1Z2AKbIeAM75a0+qefBezEEkP8ysyNlhVe1+qNewB6DzbB
         1VuOV2bT6n+IeKd4/qver5WNdwo/CTXkgbx9K8f52BEiAFsxb+sR5GAwSeyqHeEC9QeQ
         KUjQ==
X-Gm-Message-State: AOAM530cqXPDaJs47LtY6WwH061nos0+Z94Pk/EGb6Utdg5wzuXqLGbh
	5PTlEgbNTQBEaQ6/YorR6iG0NkdxZfhtRFYr60nR91EoZG0=
X-Google-Smtp-Source: ABdhPJwMzKE/cSB0B9INlOoifA2nw4raaPP+FvcAjWskuCga/2cyyB/lnTd2Is+s56dKdL6F69bx4xIOdaxbI1lPSwo=
X-Received: by 2002:a2e:a90e:: with SMTP id j14mr5836881ljq.250.1628234275410;
 Fri, 06 Aug 2021 00:17:55 -0700 (PDT)
MIME-Version: 1.0
Date: Fri, 6 Aug 2021 09:17:44 +0200
Message-ID: <CAOV5rgZSeSS89kV8jgt+Deyu9vHF-n5JQ+X9ab+ZVjjUCWeRPQ@mail.gmail.com>
To: internals@lists.php.net
Content-Type: multipart/alternative; boundary="00000000000098d60e05c8ded523"
Subject: [RFC] Add parse_query_string as an alternative to parse_str
From: nyamsprod@gmail.com (ignace nyamagana butera)

--00000000000098d60e05c8ded523
Content-Type: text/plain; charset="UTF-8"

Hi Kamil Tekiela,

I read your RFC and I understand the intent in improving the current
parse_str function behaviour by introducing a new function to
avoid possible breakage,
However I feel that we are missing a chance to also improve how parse_str
algorithm is currently used, we could or should (?) use this opportunity
to fix some long shortcomings around parse_str.

In no particular order:

parse_str mangled data while it was acceptable before when it could
directly inject PHP variables into the current scope, this
feature is no longer needed and prevents interoperability with other query
parsing algorithms used in other languages. Also since this mangled data
is not well known it comes as a surprise to average PHP developer as the
behaviour feels unexpected see https://3v4l.org/KIJ9V

parse_str assumes that the query separator is always a "&" which reduces
its usage to only parsing query using that particular character. Again this
might be seen as an edge case but no RFC prevents using any other
character. If you where to use another character you are bound to use some
userland code workaround to then feed the "normalized" string to parse_str

parse_str parse the query string using PHP algorithm while there are now
some established parsing algorithm that are languages independant like
https://url.spec.whatwg.org/#interface-urlsearchparams that defines how a
query string should be parsed.

If we were to introduce your function as is, I feel that we will have to
submit yet another RFC and have a language with at least two ways to parse
a string. So maybe instead of a new function what we need is an object with
a better public API ?  thoughts

--00000000000098d60e05c8ded523--