Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:78561 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 57565 invoked from network); 2 Nov 2014 15:11:52 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 2 Nov 2014 15:11:52 -0000 Authentication-Results: pb1.pair.com smtp.mail=rowan.collins@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=rowan.collins@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.82.43 as permitted sender) X-PHP-List-Original-Sender: rowan.collins@gmail.com X-Host-Fingerprint: 74.125.82.43 mail-wg0-f43.google.com Received: from [74.125.82.43] ([74.125.82.43:58039] helo=mail-wg0-f43.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 43/74-13276-7B946545 for ; Sun, 02 Nov 2014 10:11:52 -0500 Received: by mail-wg0-f43.google.com with SMTP id y10so6537618wgg.2 for ; Sun, 02 Nov 2014 07:11:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=user-agent:in-reply-to:references:mime-version :content-transfer-encoding:content-type:subject:from:date:to :message-id; bh=0qpgE0OYtoyBvfOa1nhs5b/URVQpq3m5YZSjq7lObNM=; b=zvuLcpRPYoGHzLHKVu3exYaG+y6eo7W4w/bBaW7MQK9USaVUHFMjuZdlmfXfM1FqNi ip+4SSC13cVhjnnMeXUXHXHQ1RBtEsSJApObLW8FHPX2VP6fI4UPkH2qYzNdyIUgjvfS FeYVEIhdsXKxbXKZsKdCP8KB1mceSFtlcY4O1r5JsxCb81aHOcYtt+OZcZS8XwTf5it2 sD4fwSwP9KuSwOpvUeLd+3rlJvAfPoDFtLKefPhOiJra/zLqJpxqLJuQ4X9lfAddyH+l p7EvzDhLObO5rYLcNujPj51FZ96njS5t5jUZwbV4hCkunWeBq8Zta2vz0MIpGDhlSzye JdSA== X-Received: by 10.180.211.70 with SMTP id na6mr10055750wic.3.1414941108468; Sun, 02 Nov 2014 07:11:48 -0800 (PST) Received: from [192.168.0.3] (cpc68956-brig15-2-0-cust215.3-3.cable.virginm.net. [82.6.24.216]) by mx.google.com with ESMTPSA id p3sm18899882wjf.49.2014.11.02.07.11.47 for (version=TLSv1.2 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 02 Nov 2014 07:11:47 -0800 (PST) User-Agent: K-9 Mail for Android In-Reply-To: References: <545554F7.70906@gmail.com> <581CB00C-59B7-4263-8533-D7DCB54C806E@ajf.me> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 Date: Sun, 02 Nov 2014 15:10:44 +0000 To: "internals@lists.php.net" Message-ID: Subject: Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736 From: rowan.collins@gmail.com (Rowan Collins) On 2 November 2014 13:49:15 GMT, Dan Ackroyd wrote: >Andrea wrote: >>Perhaps it would be worth ditching any attempts to change setcookie() >(just keep it around for backwards-compatibility), and to instead add a >new function, function family, or indeed class for cookie handling. >> >>Thoughts? Any idea what such an API might look like? > > >I think this API could and should exist totally in userland. > >Although it's nice that PHP ships with basic session support with it, >the exact details of session handling actually involve non-trivial >business logic Wait, what does session handling have to do with any of this? We're talking about setting, manipulating, and clearing cookies here, not trying to second guess what people are using them for. Cookie-handling APIs are pretty much universally awful, from the HTTP headers themselves to JS's document.cookie voodoo. setcookie() is part of that trend, with its long list of positional parameters which need specifying every time. If a new flexible high-level API for HTTP response logic, along the lines of pecl/http or PSR-7, were introduced, it might be nice to attempt something less ugly as part of that effort. I'd tend to agree, though, that the bug as raised should be treated as user error, or ill-advised user intention, by the existing low-level API. -- Rowan Collins [IMSoP]