rfc:deprecate-backtick-operator-v2

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Next revisionBoth sides next revision
rfc:deprecate-backtick-operator-v2 [2019/10/06 13:12] – Added note about french keyboards. marandallrfc:deprecate-backtick-operator-v2 [2019/10/31 17:45] – Reference to arguments against in double quotes. marandall
Line 3: Line 3:
   * Date: 2019-10-04   * Date: 2019-10-04
   * Author: Mark Randall, marandall@php.net   * Author: Mark Randall, marandall@php.net
-  * Status: Under Discussion+  * Status: Voting
   * First Published at:https://wiki.php.net/rfc/deprecate-backtick-operator-v2   * First Published at:https://wiki.php.net/rfc/deprecate-backtick-operator-v2
   * Target: 8.0   * Target: 8.0
Line 21: Line 21:
 * Alternative functions exist which are more descriptive, easily understood, and more readily searchable (for example, many common Google searches omit the "`" token entirely when searching).  * Alternative functions exist which are more descriptive, easily understood, and more readily searchable (for example, many common Google searches omit the "`" token entirely when searching). 
  
-* Backticks are visually easily confused with single quotes despite exhibiting radically different behaviour. +* Backticks are visually easily confused with double or single quotes despite exhibiting radically different behaviour.  
 + 
 +* This different behaviour is not subtle, in effect, one parses a string, a fairly simple operation, backticks on the other hand pause execution and takes the control flow completely outside of the PHP environment, executing any commands that it has access to with the full power of the shell. The author posits that this is too close for comfort. An clear example of where this is dangerous behaviour is that "$name" interpolates a string, whereas `$name` executes the contents of the $name variable in the shell, yet at a glance they look very similar. What would be obvious if "shell_exec" instead becomes an easy-to-hide, easy-to-miss statement of immense power.
  
 * It could be considered unintuitive that single quoted strings do not support variable substitution, but single backticks do. This is something that is only covered in the user contributed notes (EN). * It could be considered unintuitive that single quoted strings do not support variable substitution, but single backticks do. This is something that is only covered in the user contributed notes (EN).
Line 28: Line 30:
  
 * Certain language keyboards have no native key for backtick (An example provided by Girgias is the French AZERTY keyboard where you need to hold Alt GR + 7 + one or two Spacebar presses). * Certain language keyboards have no native key for backtick (An example provided by Girgias is the French AZERTY keyboard where you need to hold Alt GR + 7 + one or two Spacebar presses).
 +
 +===== Arguments Against =====
 +
 +* Backticks allow a combination of double-quotes and interpolation without needing to escape the double quotes. 
  
 ===== Backward Incompatible Changes ===== ===== Backward Incompatible Changes =====
Line 34: Line 40:
 Should the operator eventually be removed, there would be a BC break that would require code using it to be updated to reflect the alternative mechanisms documented in "Program Execution Functions", specifically shell_exec which is functionally identical.  Should the operator eventually be removed, there would be a BC break that would require code using it to be updated to reflect the alternative mechanisms documented in "Program Execution Functions", specifically shell_exec which is functionally identical. 
  
-For most cases, this should be an easy upgrade route as there is a 1-to-1 replacement between `expression` and shell_exec("expression"), and should complete removal eventually become viable, scripts are already available to migrate, such as CS-Fixer with the backtick_to_shell_exec flag, see https://github.com/FriendsOfPHP/PHP-CS-Fixer.+For most cases, this should be an easy upgrade route as there is a 1-to-1 replacement between `expression` and shell_exec("expression") (Note: As noted in arguments again, inline double quotes must be escaped), and should complete removal eventually become viable, scripts are already available to migrate, such as CS-Fixer with the backtick_to_shell_exec flag, see https://github.com/FriendsOfPHP/PHP-CS-Fixer.
  
 ===== Proposed PHP Version(s) ===== ===== Proposed PHP Version(s) =====
Line 47: Line 53:
  
  
-===== Proposed Voting Choices ===== +===== Vote ===== 
-Yes / No vote to deprecate the backtick operator requiring a 2/3rds majority.+Voting started 2019-10-31 and will end 2019-11-15. A 2/majority is required. 
 + 
 +<doodle title="Deprecate backtick operator in PHP 8.0?" auth="marandall" voteType="single" closed="false"> 
 +   * Yes 
 +   * No 
 +</doodle> 
  
 ===== References ===== ===== References =====
rfc/deprecate-backtick-operator-v2.txt · Last modified: 2019/11/15 12:20 by marandall