Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:121264 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 15694 invoked from network); 7 Oct 2023 15:42:11 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 7 Oct 2023 15:42:11 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 4E8D518005C for ; Sat, 7 Oct 2023 08:42:10 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS24940 176.9.0.0/16 X-Spam-Virus: No X-Envelope-From: Received: from chrono.xqk7.com (chrono.xqk7.com [176.9.45.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Sat, 7 Oct 2023 08:42:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bastelstu.be; s=mail20171119; t=1696693327; bh=UqNoEztvlD9Q0pYJj+SWQyiVKIb9q8wQ1WcEjU/0K3I=; h=Message-ID:Date:MIME-Version:Subject:To:References:From: In-Reply-To:Content-Type:from:to:cc:subject:message-id; b=c6Vqrw8qZ2WiGUg0pVSFbWrGDtLUOamrnwg/sO9qt/kLfYm9LtY/Uk/ZKBhSrWo0g VCeUYiNmxxx6azpqCgIlhd68fSjraLfF4runRUQWGDYHTsLXCjxYK/+k8vLXQC4pLW vbRdq4CCif+iHONyOjVKD7piaiYtOK/DnRqZOMU0ceGWtkLEdRH2Avv/2rb2S2z3Lf PxE6xmFRolhxKFVlw/1XJ5KBsJZOX+Fqo64VOffgK0xSVKjJYC4xczN2lbA7JvMbxZ RlqbiIkC5rHt8y2m3hG1olt2baCPbVyw42KAXOH5W761eIcW7yv/6du1B0kWneqauV yu4RSHep9jVww== Message-ID: <1a486099-eede-bb8e-5b9c-2d9b1bc6f7d1@bastelstu.be> Date: Sat, 7 Oct 2023 17:42:06 +0200 MIME-Version: 1.0 To: Ilija Tovilo , PHP internals References: <6fccfe47-21ac-fa5b-e52e-28064f26125b@bastelstu.be> Content-Language: en-US In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Subject: Re: [PHP-DEV] [RFC][Under discussion] RFC1867 for non-POST HTTP verbs From: tim@bastelstu.be (=?UTF-8?Q?Tim_D=c3=bcsterhus?=) Hi On 10/7/23 14:06, Ilija Tovilo wrote: > file. The most common action after a file uploads is arguably to move > it to a permanent location using move_uploaded_file(). With a stream I'm not sure if this is actually the most common action, at least in modern applications. Generally there is some kind of processing pipeline. You might want to strip exif metadata from images, check the file contents with a virus scanner, recompress images to save disk usage and in the end upload it to some cloud storage service (e.g. S3). > the obvious way to achieve the same is stream_copy_to_stream(). > However, as the stream already has a file backing (if big enough, at > least) this copy is unnecessary. Please correct me if there's > something I have missed. Especially with the "upload to S3" part, folks will generally already work with a stream abstraction, e.g. PSR-7 together with a PSR-18 HTTP client. Flysystem is probably the most widely used file system abstraction, being included in Laravel, and it also has a "writeStream" functionality: https://flysystem.thephpleague.com/docs/usage/filesystem-api/ > I also would really like to avoid subtle differences between the > automatically and manually invoked files. Given that the overwhelming Yes, that's fair. However there's already some inconsistency, because to my understanding you would need to check for the HTTP method to determine if calling the function is safe or not, no? As an application developer, it would be great if I could safely call this new function also for POST requests. Best regards Tim Düsterhus