Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:127847 X-Original-To: internals@lists.php.net Delivered-To: internals@lists.php.net Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5]) by lists.php.net (Postfix) with ESMTPS id 2B6371A00BC for ; Wed, 2 Jul 2025 19:25:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail; t=1751484205; bh=KOP/BKoTIvr/Ecr7pwZLZsVXqgwpVTnQzJO/eRVzRQI=; h=References:In-Reply-To:From:Date:Subject:To:From; b=T8v2q2piNRtzryMFroBJNw0/4ZNKayZqSBSZ590XCDkqBsyxld56lfSftjzbrWWDz 2vwze1pSXH4LIiMT0poFjHi5MGLBtTtn/RVFYCE95rfJTskWbUmFWvW4n4wkhfYetQ lwtY+ndHNt//u9+KbrOAT3Icwg4DZHQylHlQrOmLllB88Dbz4G3/zk7pYupHFCTT65 pyCmSU+Gdfy/Yct9GZVla6ZB2KqrbW1bLrjqEr2oXUmWkB4AJ82aKZ5WHXFXIcGD3T jw0yzYGvNsG0CxZpBWgtC+u677Q33QlhjnwEYsdivrMw6abIoSnahBc4XLk8q8DpU+ DgAi/424qy1Sg== Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 8EFFA1801E0 for ; Wed, 2 Jul 2025 19:23:24 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-25) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=0.6 required=5.0 tests=BAYES_50,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_PASS,FREEMAIL_FROM, HTML_MESSAGE,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=4.0.1 X-Spam-Virus: Error (Cannot connect to unix socket '/var/run/clamav/clamd.ctl': connect: Connection refused) X-Envelope-From: Received: from mail-pg1-f174.google.com (mail-pg1-f174.google.com [209.85.215.174]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Wed, 2 Jul 2025 19:23:24 +0000 (UTC) Received: by mail-pg1-f174.google.com with SMTP id 41be03b00d2f7-b31d592bbe8so5501659a12.2 for ; Wed, 02 Jul 2025 12:25:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1751484316; x=1752089116; darn=lists.php.net; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=ZyTX11ldaPMLbEpnMOaQzAZ2Oum/u6UnQ7nr+J/JV+g=; b=afvXdzLvC+2ZM6PlsOlpiW12iVwOkHjQAlicHDB/xmUnIBGgW5fn+TJZ5ubcJtpLkT AHmPdF8sByoVFFlyabhPRZA9IOXtSxKNYKHGRC3zZkJ8pIYMtIhVfqhU/ygKUULLCQ5D aMkbHEtYwjgdU6MIlHF4BkY6NRcpxELm66qa+UZ5FHVdHXvG+eRx2+5lx6fbx+TN5Npx 9UAgKWWhUCuVNdFgExfHtw2EYIQcNL9XS5GrQODVuAXa8iPtD0NM7WZEgpnADrJfshLN tPfinr5EcsHKcJWXuqnqpxxcsJTSSs5qOKTptSnLpQBTKeHAfRXarOsxLbS4MP0Rr9gR SjnQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751484316; x=1752089116; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ZyTX11ldaPMLbEpnMOaQzAZ2Oum/u6UnQ7nr+J/JV+g=; b=j2AUEjfqQDPHZzCUFh6m8mILVogx6de/PlcaX+VQp/aWsFugpdahdwTVFq+LB9KAH9 NsfuCaQKLL6StTEJYi+QBo4cr5/ABYYCfLP4pAVY3JAbCRVvDJ6j9DLVINQKBl1mvyf6 gfkpJ3UkbF9KBZYYplF2au6skkHa3I6jLKuMjcqGiGHu8qeif8VdgzX5owOfcrv+GnJl ug59+D2qrFsZOJeRwbfOV1YtUdgsD7Oe2UpfIa3ACAnGzpEx63hyVcVRhv4IcUSQWp7C M918au/+8A3pL3sdHLYhDof7UlVADblD7NBfFJUElnUGPC4f6s/kqyAx2s5z84nczua1 V0iQ== X-Forwarded-Encrypted: i=1; AJvYcCVN3FQ6rmOp6Dy2KNgbrhHQAdfYHahpPLG7/D335wf4YelGxW4Pv7pdVCrNQL8o8NC/qdy/B9cUaPI=@lists.php.net X-Gm-Message-State: AOJu0YwGIq9MAT4vzI0H78yn13F+q74fmHWZXalpnujFOBwchgXM2gar OGMTlic3Tl4wiIJKUcf8bAk3v4GFSz/OCTxZINocMds/tRlnY8o8FsaumAHV+vwmX2vRKrt5nQb 1jAtQY7DysUcAdi8SEU8CokEh79ROBnVh+sUe X-Gm-Gg: ASbGnctO7VctYHj7Vgj9qQFjlNwYBnbelj6Hlxe7hJhPtbcHp6yhwzjyt6YhmTpCmPc yrRvXgGbG7evHUaZCjNLHIPA8H0XuemaFxiNt2ajK7cUu1ac/IaH0k/H18bQpnH1EnfeicUe2Tr EitSRERNt+risCkExUTdOLrys8ouziQE1xdj7J2ftYtLw2M8yjY8lbpiYZYAqIW9s3pf4WNQzdO CngjA== X-Google-Smtp-Source: AGHT+IHrn9EBQ0B2xixCcHbcGPVQHrD4NaqWTHPD1FjkES3/1L3xMkKOLUbegSENjr23zEXs2ASOm1CHUW0GZ9Gr1cA= X-Received: by 2002:a05:6a20:158a:b0:21a:d503:f47c with SMTP id adf61e73a8af0-2240c6a18a5mr1078007637.28.1751484315660; Wed, 02 Jul 2025 12:25:15 -0700 (PDT) Precedence: bulk list-help: list-post: List-Id: internals.lists.php.net x-ms-reactions: disallow MIME-Version: 1.0 References: <348856E5-6A4E-455A-81AE-882832170168@rwec.co.uk> <38e57171-fc2e-4d79-8614-0b1c5a2efc72@app.fastmail.com> In-Reply-To: <38e57171-fc2e-4d79-8614-0b1c5a2efc72@app.fastmail.com> Date: Wed, 2 Jul 2025 21:25:03 +0200 X-Gm-Features: Ac12FXzDTihBrSBToWTPL9g0A0CW2IUvl_jqNHxhT7ksnAWrwXrUeGgv5U215MU Message-ID: Subject: Re: [PHP-DEV] [RFC][DISCUSSION] Add RFC 4648 compliant data encoding API To: Larry Garfield , PHP Internals List Content-Type: multipart/alternative; boundary="00000000000076f5e70638f738ee" From: nyamsprod@gmail.com (ignace nyamagana butera) --00000000000076f5e70638f738ee Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable > > > I don't think it needs to be added to the enum, necessarily. Just make i= t > a nullable argument to base64_decode. > > function base64_decode(string $string, bool $strict =3D false, ?DecodingM= ode > =3D null): string|false > > That would leave the default behavior of the function intact, but also > allows switching it over to either of the new modes (which would then jus= t > defer to the new implementations). And we wouldn't need to deal with > "disallowed" modes on the new functions. > > Hi Larry, The goal is not to change the signature of the existing `base64_encode` function, but rather to preserve its current non-strict behavior within the new API. This is intended to ensure a smoother transition from the existing API to the proposed one. Therefore, we shouldn=E2=80=99t alter or retrofit = the existing function. Instead, the focus should be on providing a clear migration path for users, which is why the addition of a `DecodingMode::Unsafe` case is being proposed. If I were to follow your suggestion, I would have proposed an alternative signature like this: ``` base64_encode(string $string, bool|DecodingMode $strict =3D false); ``` Where: - `Encoding\DecodingMode::Strict` is identical to `$strict =3D true` - `Encoding\DecodingMode::Unsafe` would be identical to `$strict =3D false= ` and the current function would then become an alias of ``` Encoding\base64_decode(string $encoded, decodingMode: Encoding\DecodingMode::Unsafe); // or Encoding\base64_decode(string $encoded, decodingMode: Encoding\DecodingMode::Strict); ``` The caveat is that, in the new API, errors will throw exceptions instead of emitting an `E_WARNING` and returning `false`. Once the current API is eventually removed, the `Encoding\DecodingMode::Unsafe` mode would also be deprecated and removed accordingly. And documentation would rightly highlight the danger of using such settings. Keep in mind that this is in response to Rowan comment and depending on feedback I may not add the `Encoding\DecodingMode::Unsafe` to the proposal. I know I do not represent the majority but I tend to always use strict mode when decoding base64 encoded data and when I forget PHPStan reminds me to do so. Best regards, Ignace --00000000000076f5e70638f738ee Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

I don't think it needs to = be added to the enum, necessarily.=C2=A0 Just make it a nullable argument t= o base64_decode.

function base64_decode(string $string, bool $strict =3D false, ?DecodingMod= e =3D null): string|false

That would leave the default behavior of the function intact, but also allo= ws switching it over to either of the new modes (which would then just defe= r to the new implementations).=C2=A0 And we wouldn't need to deal with = "disallowed" modes on the new functions.

Hi Larry,

The goal is not to change the signature= of the existing `base64_encode` function, but rather to preserve its curre= nt non-strict behavior within the new API. This is intended to ensure a smo= other transition from the existing API to the proposed one. Therefore, we s= houldn=E2=80=99t alter or retrofit the existing function. Instead, the focu= s should be on providing a clear migration path for users, which is why the= addition of a `DecodingMode::Unsafe` case is being proposed.
If I were to follow your suggestion, I would have proposed an a= lternative signature like this:

```
base= 64_encode(string $string, bool|DecodingMode $strict =3D false);
`= ``

Where:

=C2=A0- `Encodi= ng\DecodingMode::Strict` is identical to `$strict =3D true`
=C2= =A0- `Encoding\DecodingMode::Unsafe` would=C2=A0be identical to `$strict = =3D false`

and the current function would then bec= ome an alias of=C2=A0

```
Encoding\base6= 4_decode(string $encoded, decodingMode: Encoding\DecodingMode::Unsafe);=C2= =A0
// or
Encoding\base64_decode(string $encoded, = decodingMode: Encoding\DecodingMode::Strict);
```

=
The caveat is that, in the new API, errors will throw exceptions inste= ad of emitting an `E_WARNING` and returning `false`. Once the current API i= s eventually removed, the `Encoding\DecodingMode::Unsafe` mode would also b= e deprecated and removed accordingly. And documentation would rightly highl= ight the danger of using such settings.

Keep in mi= nd that this is in response to Rowan comment and depending on feedback I ma= y not add the `Encoding\DecodingMode::Unsafe` to the proposal. I know I do = not represent the majority but I tend to always use strict mode when decodi= ng base64 encoded data and when I forget PHPStan reminds me to do so.
=

Best regards,
Ignace


--00000000000076f5e70638f738ee--