This is an old revision of the document!
This RFC proposes that use default_charset as default character encoding.
Current PHP does not have default encoding setting. This makes adoption of PHP 5.4 difficult, since PHP 5.4's htmlentities/htmlspecialchars is now default to UTF-8. Some applications are required to set proper encoding for htmlentities/htmlspecialchars for proper character processing. If users mixed ISO-8859-1 and UTF-8 (AND many other multibyte character encodings), it could cause security problem.
There are many encoding setting in php.ini and functions that users simply ignore and leave it alone. However, it is required to handle character encoding properly for secure programs.
Set default_charset=“UTF-8” as PHP default for both compiled and php.ini-* option.
Add php.input_encoding, php.internal_encoding and php.output_encoding for encoding related module/functions.
Use default_charset as default for encoding related php.ini settings and module/functions.
PHP 5.5 and master, introduce new php.ini settting. Old iconv.*/mbstring.* php.ini parameters will be removed for master.
default_charset < php.* < mbstring.*/iconv.* < encoding specified by functions
mbstring and iconv have different level of support.