Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:127059 X-Original-To: internals@lists.php.net Delivered-To: internals@lists.php.net Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5]) by qa.php.net (Postfix) with ESMTPS id 295201A00BC for ; Sun, 6 Apr 2025 06:52:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail; t=1743922209; bh=EictWhsWYpx88DA7sg1CiWZfdFq24GOlY2sBfe7Egu4=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=OsV+oywPhVxQRP86cliR9dGDpgkLyDJaXzkzXtuWeBgmIZ3acbktWg1HupDxltlEK b0jnWbeIRLeOZrzblVBi+QB0a4ffslEBvoLKx1KjLOipcaAUBlJyuRotYUJlUIsTXP jCNQZ9b3oShVugkUu+0M/nFGnURJcUsFPiMFXWmv9twOQvPlMrgxlj+O+AovPVI0rg MRG4urDI36/7fLZjyINGOfwlH3miLvv2vn5k9Fou+CUEnd0vP3Zx/uajwGpPPysjZr KHIQdK3NQ2mCeNzA1o91tEQWF5Zi22o9sWMUINsPK6jvcNvlF5cdsvfLl6U7bM0VjJ 19q8lUbWoIAEw== Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 88060180056 for ; Sun, 6 Apr 2025 06:50:08 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_PASS, FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,FREEMAIL_REPLY,HTML_MESSAGE, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=4.0.0 X-Spam-Virus: No X-Envelope-From: Received: from mail-pj1-f43.google.com (mail-pj1-f43.google.com [209.85.216.43]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Sun, 6 Apr 2025 06:50:08 +0000 (UTC) Received: by mail-pj1-f43.google.com with SMTP id 98e67ed59e1d1-301918a4e1bso2339224a91.1 for ; Sat, 05 Apr 2025 23:52:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1743922352; x=1744527152; darn=lists.php.net; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=51DTaJdjOFmDLI5LCdmZ0GYjpiRSUMQxHgZnx1dnHj4=; b=dQQ2jC1tnWYnMaM+RNIw0eZg2Jyb9/0HN+NzU0uiHfF3FZU9ggJceX4ib2kOCtWvPd M/64tuC+N3DlyipNmPdp4GjJTZkmw88XEnCpA4pWviDONZOD/AcSMzzK2YSP6CdyGzeW R+NBZ0mb/BRIB7ya1J58109FL7zG4XWRaC4OMZB9oN4AhqD0vnRn9EPPUp0AjWhfGwgn Zud3HEuDdw9lvVYFOJxH0z2AY0tYRnZleZD9b3dRrWe62rpecGK06E3aL8qzfdOMVMBm g3MNP8mF3RhTvRUtQ8gEzeG2yLZVd2JO6uSOrQTv7hl5b+4nQvE1LYJjEEQrsgwCuq4d t8aw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1743922352; x=1744527152; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=51DTaJdjOFmDLI5LCdmZ0GYjpiRSUMQxHgZnx1dnHj4=; b=tyunlYt8sE44arbYcfU/tfI3kRPa+ZaLNlKnTz7B8VFoF+9vCN2HvGKLy6EwZpR+UO pTsDaaB0gxStjtU8CQNgIEBmTeOp9CQVFIK69hDAjoCNeYXxbRmTUt1PsIJg6ZFwadBl AXZtTcuNsTIgOp9KHRmZGSZJ9EfYoApaRxAiPksT5v90ld5Oe+maM/pDjoaMouXYQIAm ZL+5JpYfKuXr6+N3ipd39tImGbwx45559cEnnGfz+QNk4RCchZyNdwlHXSDTBukfaGnh MqWsTR4Jxi5h9q14F1rnpFZgdoAvBSxlXEb+TK2cqjFUtnxb7nRGnL9F9OUSfqQ/rIM4 fIOw== X-Forwarded-Encrypted: i=1; AJvYcCUnmyLdE3lcfjKPDB3rAdTw1WFJwD4MTdIxOI8VamG1KWrD+bOw7Q8Aj5docB5OSJoZvczVQ2UtJKg=@lists.php.net X-Gm-Message-State: AOJu0YyygndIEuK1mEioizuE5LDs0zTngP2JhNLvA8l0K/80S/f0fhz4 0KI1g6dQD+XTBDE6v0lyU3mjXiNGTcsKb/RhbUo2gWiU8saXsINcKOVWl3YK3QnbdQQFRjifAJb BxBSI8vmTryUiGRINW9XCZ+e+DV8= X-Gm-Gg: ASbGncsEIRywiol6ievpSFjgaMkyifD/aSIJjo3tDC//F37cPZzboZiaA+C94E946xb DT1tEyKaowmq8a0W3dWxtu1JcwmcLr1YiaRSt3sD0EEzGHwxrJ3xsPkH5QSBpFIUceYiNM7jV0w x577l6ZmQpeld44LhJhne+GtftwA== X-Google-Smtp-Source: AGHT+IFNZaXoq73kVW1fzB6f+wL4ruDG2k1E00UbJK88ARWVX7ubTw0nBJSLdgU7kqTBJb0UtmTrgqHTufK8fBpiGlU= X-Received: by 2002:a17:90b:5188:b0:2ea:5dea:eb0a with SMTP id 98e67ed59e1d1-306a60e4ac0mr10000062a91.4.1743922352425; Sat, 05 Apr 2025 23:52:32 -0700 (PDT) Precedence: bulk list-help: list-post: List-Id: internals.lists.php.net x-ms-reactions: disallow MIME-Version: 1.0 References: <17aa0250-ee1f-477a-a255-303281d7a833@app.fastmail.com> In-Reply-To: Date: Sun, 6 Apr 2025 08:52:20 +0200 X-Gm-Features: ATxdqUFl8zy38uGYJ2oUKll6zsW0qEs3V7ywYYFFe3gzV9yTo9gviuVpDRODOD0 Message-ID: Subject: Re: [PHP-DEV] RFC: blank() Function as a Complement to empty() To: Iliya Miroslavov Iliev Cc: Rob Landers , internals@lists.php.net Content-Type: multipart/alternative; boundary="0000000000005515b90632169017" From: divinity76@gmail.com (Hans Henrik Bergan) --0000000000005515b90632169017 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Maybe a #[\SuppressUndefinedWarning] Parameter attribute could work, then everyone could implement their own blank() function with their own preferred logic Not sure if it's technically feasible tho, now the php engine would need to inspect the parameter attributes before deciding on generating a warning or not, idk how hard that would be. On Sat, Apr 5, 2025, 22:27 Iliya Miroslavov Iliev wrote: > > > On Sat, Apr 5, 2025 at 11:04=E2=80=AFPM Rob Landers w= rote: > >> On Sat, Apr 5, 2025, at 14:15, Kayck Matias wrote: >> >> *INTRODUCTION* >> This RFC proposes the addition of a new global function blank() to PHP= =E2=80=99s >> core, intended to provide a more intuitive and context-sensitive way of >> checking for "blank" values. This function is *not a replacement* for >> empty(), but a *complementary tool *to help developers more accurately >> evaluate user input, query parameters, and form values =E2=80=94 particu= larly in >> situations where empty() may behave in unintuitive ways. >> >> >> >> *MOTIVATION*The motivation for this RFC arose from a real-world issue I >> encountered at work involving query string filtering =E2=80=94 specifica= lly when >> using the string "0" as a filter value. Because empty("0") evaluates to >> true, the logic skipped this valid input, causing incorrect behavior in >> the application. This highlighted a gap in PHP=E2=80=99s current toolset= for >> handling =E2=80=9Cblank=E2=80=9D values in a more semantic and intention= -aligned way. >> >> >> I would personally advocate that empty() NEVER be used on strings. There >> are too many edge cases. As I said in an earlier message on the thread, = if >> you want to know if a string is empty, just do $string =3D=3D "" -- note= the >> double equals, not triple equals. This matches null, an actual empty >> string, and false, but won't match anything else. >> >> *PROPOSAL* >> The proposed blank() function will behave similarly to empty(), but with >> semantics better suited for filtering, validation, and user input. Its >> primary goals are: >> >> - >> >> To treat whitespace-only strings as blank (e.g., " "). >> - >> >> To treat "0" (string zero) and 0 (int zero) as *not blank*, unlike >> empty(). >> - >> >> To support clearer, intention-driven logic when working with dynamic >> input, especially in query strings and HTTP forms. >> >> Function Signature >> >> function blank(mixed $value): bool; >> >> Logic (PHP version) >> >> function blank(mixed $value): bool >> { >> if ( >> false =3D=3D=3D $value || >> (empty($value) && '0' !=3D $value) || >> (\is_string($value) && '' =3D=3D=3D \trim($value)) >> ) { >> return true; >> } >> >> return false; >> } >> >> Examples >> echo blank(null); // true >> echo blank(false); // true >> echo blank(""); // true >> echo blank(" "); // true >> echo blank([]); // true >> >> echo blank(0); // false >> echo blank("0"); // false >> echo blank("test"); // false >> echo blank([0]); // false >> >> >> I agree with most of these. I do not agree that " " (a space) is blank >> though. For people without last names, this is often their last name to >> pass validation on forms. As I said earlier, a simple loose check with a= n >> empty string is usually all you need, not empty(). >> >> Best Regards, >> Kayck Matias =E2=98=95 >> >> >> =E2=80=94 Rob >> > > Just something that came into my mind. A "normal space" character is 32, > "non-breaking space" is 160 and a "zero width space" is 8203. These are a= ll > characters so they are not blank and cannot be ignored > -- > Iliya Miroslavov Iliev > i.miroslavov@gmail.com > --0000000000005515b90632169017 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

Maybe a
#[\SuppressUndefinedWarning]

Parameter attribute could work, then everyone could implemen= t their own blank() function with their own preferred logic

Not sure if it's technically feasible tho, now the php e= ngine would need to inspect the parameter attributes before deciding on gen= erating a warning or not, idk how hard that would be.


On Sat, Apr 5, 2025, 22:27 Iliya Miroslavov Iliev <i.miroslavov@gmail.com> wrote:<= br>
<= br>

On Sat, Apr 5, 2025 at 11:04=E2=80=AFPM Rob Landers <rob@bottled.code= s> wrote:
On Sat, Apr 5, 2025, at 14:15, Kayck Matias wrote:
INTRODUCTION
This RFC proposes the addition of a new global function=C2=A0bl= ank()=C2=A0to PHP=E2=80=99s core, intended to provide a more intuiti= ve and context-sensitive way of checking for "blank" values. This= function is=C2=A0not a replacement=C2=A0for=C2=A0empty(), but a=C2=A0complementary tool=C2=A0to help developers more accur= ately evaluate user input, query parameters, and form values =E2=80=94 part= icularly in situations where=C2=A0empty()=C2=A0may behave in u= nintuitive ways.


MOTIVATION<= br>The motivation for this RFC arose from a real-world issue I encounte= red at work involving query string filtering =E2=80=94 specifically when us= ing the string=C2=A0"0"=C2=A0as a filter value. Beca= use=C2=A0empty("0")=C2=A0evaluates to=C2=A0tru= e, the logic skipped this valid input, causing incorrect behavior in= the application. This highlighted a gap in PHP=E2=80=99s current toolset f= or handling =E2=80=9Cblank=E2=80=9D values in a more semantic and intention= -aligned way.

I would per= sonally advocate that empty() NEVER be used on strings. There are too many = edge cases. As I said in an earlier message on the thread, if you want to k= now if a string is empty, just do $string =3D=3D "" -- note the d= ouble equals, not triple equals. This matches null, an actual empty string,= and false, but won't match anything else.

=
PROPOSAL
The pr= oposed=C2=A0blank()=C2=A0function will behave similarly to=C2= =A0empty(), but with semantics better suited for filtering, va= lidation, and user input. Its primary goals are:
  • To treat whitespace-only strings as blank (e.g.,= =C2=A0" ").

  • To treat=C2=A0"0"=C2=A0(string zero) and=C2=A0= 0=C2=A0(int zero) as=C2=A0not blank, unlike=C2=A0= empty().

  • To support cl= earer, intention-driven logic when working with dynamic input, especially i= n query strings and HTTP forms.

Function Signature

function blank(mixed $value): = bool;

Logic (PHP version)
=
function blank(= mixed $value): bool
{
if = (
false =3D=3D=3D $value ||
(empty($value) && '= 0' !=3D<= /span> $value) ||
<= /div>
(\is_string($value) && '' =3D=3D=3D \trim($value))
) {
return true;
}

return false;
}
Examples
echo=C2=A0blank(null);=C2=A0// true
echo=C2=A0blank(false);= =C2=A0// true
echo=C2=A0blank("= ");=C2=A0// true
echo=C2=A0blank("=C2=A0<= span style=3D"color:rgb(233,242,132)">");=C2=A0// true
echo=C2=A0blank= ([]);=C2=A0// true
<= /div>

echo= =C2=A0blank(0);=C2=A0= // false
echo=C2=A0blank("0");=C2=A0// false
echo=C2=A0blank("= test");=C2=A0//= false
echo=C2=A0blank([0]);=C2=A0// false

I agree with most of these. I do not agree that &qu= ot; " (a space) is blank though. For people without last names, this i= s often their last name to pass validation on forms. As I said earlier, a s= imple loose check with an empty string is usually all you need, not empty()= .

Best Regards,
Kayck Matias=C2= =A0=E2=98=95

<= /div>
= =E2=80=94 Rob

Just something that came into my mind. A "normal space&qu= ot;=C2=A0character is 32, "non-breaking space" is 160 and a "= ;zero width space" is=C2=A08203. These are all characters so they are = not blank and cannot be ignored
--
= Iliya Miroslavov Iliev
--0000000000005515b90632169017--