Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:60923
Return-Path: <danielc@analysisandsolutions.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 71629 invoked from network); 21 Jun 2012 14:12:44 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 21 Jun 2012 14:12:44 -0000
Authentication-Results: pb1.pair.com header.from=danielc@analysisandsolutions.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=danielc@analysisandsolutions.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain analysisandsolutions.com designates 50.116.58.177 as permitted sender)
X-PHP-List-Original-Sender: danielc@analysisandsolutions.com
X-Host-Fingerprint: 50.116.58.177 analysisandsolutions.com  
Received: from [50.116.58.177] ([50.116.58.177:37147] helo=analysisandsolutions.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 5E/25-42253-BDB23EF4 for <internals@lists.php.net>; Thu, 21 Jun 2012 10:12:44 -0400
Received: by analysisandsolutions.com (Postfix, from userid 1001)
	id 4E60118C58; Thu, 21 Jun 2012 10:12:41 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
	d=analysisandsolutions.com; s=default; t=1340287961;
	bh=5s2KGxb492dnldX2elXgXhfIT17pwSOStZz9UtvArng=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To;
	b=IYOX/3fVykH3VsMQpkkWzi0RLhcLs2cyWTKhoM7UzKkrG+R1xGRJYrDmqCOXUaYHk
	 5fG70MIi9qR9Qb394oun5Co6fxLI02vnmZ60PWfwWCYWYfNZ6DKHoBmmq8d1r69QvC
	 YEV+HWtUVsQVfESwQz+3naN+jwP/0289yqzXoYaA=
Date: Thu, 21 Jun 2012 10:12:41 -0400
To: Nikita Popov <nikita.ppv@googlemail.com>
Cc: PHP internals <internals@lists.php.net>
Message-ID: <20120621141241.GA25789@analysisandsolutions.com>
References: <CAF+90c-T9hPbuS3bUxnHw-+B+Y2VLu55wQJ8UrtzrcC7TiKyVw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAF+90c-T9hPbuS3bUxnHw-+B+Y2VLu55wQJ8UrtzrcC7TiKyVw@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: [PHP-DEV] json_encode() behavior for incorrectly encoded strings
From: danielc@analysisandsolutions.com (Daniel Convissor)

Hi Nikita:

> PHP <= 5.3.13, PHP 5.4, master behave as follows when an invalid UTF-8
> string is encountered:
>  * A warning is thrown, but only if display_errors=off

So the warning is put into the error log?  But only if display_errors is
off?  And if display_errors is on, no warning is produced?

That's very counter-intuitive and un-PHP-like.  Someone mentioned it's for
security reasons.  By that logic, we should get rid of all error
messages because they all reveal some information that can be used by
attackers.

Thanks,

--Dan

-- 
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
            data intensive web and database programming
                http://www.AnalysisAndSolutions.com/
        4015 7th Ave #4, Brooklyn NY 11232  v: 718-854-0335