rfc:deprecate-bareword-strings
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
rfc:deprecate-bareword-strings [2017/01/28 19:48] – created imsop | rfc:deprecate-bareword-strings [2018/03/01 23:25] (current) – RFC was implemented in PHP 7.2 carusogabriel | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== PHP RFC: Deprecate and Remove Bareword (Unquoted) Strings ====== | ====== PHP RFC: Deprecate and Remove Bareword (Unquoted) Strings ====== | ||
- | * Version: | + | * Version: |
- | * Date: 2017-01-28 | + | * Date: 2017-03-05 |
* Author: Rowan Collins rowan.collins@gmail.com | * Author: Rowan Collins rowan.collins@gmail.com | ||
- | * Status: | + | * Status: |
* First Published at: http:// | * First Published at: http:// | ||
===== Introduction ===== | ===== Introduction ===== | ||
- | When PHP encounters an unquoted token such as '' | + | When PHP encounters an unquoted token such as '' |
The current behaviour appears to have been added as an attempt to guess the user's intention, and continue gracefully. This is inconsistent with other behaviour in current versions of PHP, which include many features designed to assert the correctness of a program. Most relevantly, referencing an undefined class constant (e.g. '' | The current behaviour appears to have been added as an attempt to guess the user's intention, and continue gracefully. This is inconsistent with other behaviour in current versions of PHP, which include many features designed to assert the correctness of a program. Most relevantly, referencing an undefined class constant (e.g. '' | ||
- | This alone would not be sufficient argument to change the behaviour; there are many inconsistencies in PHP, as with any language which has evolved over a period of decades, and we must weigh the cost of changing them with the cost of keeping them. | + | This alone would not be sufficient argument to change the behaviour; there are many inconsistencies in PHP, as with any language which has evolved over a period of decades, and we must weigh the cost of changing them with the cost of keeping them. However, I believe the value of this feature is sufficiently low, and the problems it causes sufficiently high, that it should be deprecated and removed. |
===== The Problem ===== | ===== The Problem ===== | ||
- | The argument for keeping the current behaviour | + | The value of keeping the current behaviour |
* As far as I can see, this has never been documented behaviour, or appeared in any official examples. | * As far as I can see, this has never been documented behaviour, or appeared in any official examples. | ||
Line 28: | Line 28: | ||
* using a built-in constant which is not defined in the current version of PHP, e.g. a '' | * using a built-in constant which is not defined in the current version of PHP, e.g. a '' | ||
* mis-typing a keyword usable as a value, such as '' | * mis-typing a keyword usable as a value, such as '' | ||
- | * mis-typing a keyword | + | * mis-typing a keyword |
Here are just a few examples of how allowing the program to continue with a substituted value in each of these cases can lead to serious unintended logic. | Here are just a few examples of how allowing the program to continue with a substituted value in each of these cases can lead to serious unintended logic. | ||
Line 42: | Line 42: | ||
</ | </ | ||
- | A string on a line of its own is a valid statement, which does nothing. Consequently, | + | A string on a line of its own is a valid statement, which does nothing. Consequently, |
- | + | ||
- | <code php> | + | |
- | $found = false; | + | |
- | foreach ( $list as $item ) { | + | |
- | | + | |
- | if ( $found ) { | + | |
- | | + | |
- | } | + | |
- | } | + | |
- | </ | + | |
- | + | ||
- | Similar problems can arise with '' | + | |
<code php> | <code php> | ||
Line 65: | Line 53: | ||
} | } | ||
</ | </ | ||
+ | |||
+ | Similar problems can arise with '' | ||
===== Proposal ===== | ===== Proposal ===== | ||
Line 71: | Line 61: | ||
- In PHP 7.2, raise the severity of the message "Use of undefined constant" | - In PHP 7.2, raise the severity of the message "Use of undefined constant" | ||
- | - Immediately document the fallback from bareword to string as deprecated in the manul | + | - Immediately document the fallback from bareword to string as deprecated in the manual |
- | - In PHP 7.2, change the text of the message from '' | + | - In PHP 7.2, change the text of the message from '' |
- In PHP 8.0, remove the fallback, and replace the '' | - In PHP 8.0, remove the fallback, and replace the '' | ||
- | It might seem surprising to raise an '' | + | ===== E_WARNING vs E_DEPRECATED ===== |
+ | |||
+ | It might seem surprising to raise an '' | ||
* If a user is relying on the fallback to string, we should communicate that this feature is officially deprecated and slated for removal. | * If a user is relying on the fallback to string, we should communicate that this feature is officially deprecated and slated for removal. | ||
- | * If a user was actually intending to reference a constant or keyword, we should increase the chance they will see the message. | + | * If a user was actually intending to reference a constant or keyword, we should increase the chance they will see the message. |
+ | |||
+ | To make the message visible, we want to use an error level likely to be enabled both in development and production configurations. Since '' | ||
+ | |||
+ | This RFC takes the position that it is more likely that people will trigger this behaviour by mistake, so the priority is to make such a mistake obvious; thus '' | ||
+ | |||
+ | The proposed wording is also an attempt to balance these two possibilities. The use of parentheses is to avoid the awkward phrasing "in a future version of PHP in..." which would otherwise appear in the full output: | ||
- | In my opinion, the latter is more likely, and more configurations will have logging or display | + | < |
===== Backward Incompatible Changes ===== | ===== Backward Incompatible Changes ===== | ||
Line 86: | Line 84: | ||
This change is quite deliberately a change to current behaviour. | This change is quite deliberately a change to current behaviour. | ||
- | Browsing [[https:// | + | Browsing [[https:// |
- | However, the old source code also includes the documentation with which it shipped, | + | The old source code also includes the documentation with which PHP 3 shipped, which seem to have no mention of this behaviour, and no examples which take advantage of it. |
As mentioned earlier, it has been // | As mentioned earlier, it has been // | ||
Line 101: | Line 99: | ||
===== RFC Impact ===== | ===== RFC Impact ===== | ||
- | This change should have no effect on SAPIs, extensions, or OpCache. | + | This change should have no particular |
+ | By increasing the robustness of PHP programs, this change would have a minor but positive impact on security. | ||
- | ===== Open Issues ===== | ||
- | The exact text of the message to be used could be refined. | + | ===== Open Issues ===== |
+ | * Appropriate locations in the manual to document the deprecation, | ||
===== Unaffected PHP Functionality ===== | ===== Unaffected PHP Functionality ===== | ||
- | * Unquoted array keys within a double-quoted string will remain valid, e.g. ''" | + | * Unquoted array keys within a double-quoted string will remain valid, e.g. ''" |
+ | * Defining arrays in query strings will continue to be unquoted, e.g. '' | ||
* Undefined class constants, namespaced constants, and explicit constant references prefixed by '' | * Undefined class constants, namespaced constants, and explicit constant references prefixed by '' | ||
Line 119: | Line 119: | ||
- | ===== Proposed | + | ===== Voting ===== |
- | A single yes/no vote requiring a 2/3 majority. | + | Voting opened on 2017-03-08, and will close on 2017-03-22 at 22:00 UTC |
- | In PHP 7.2, replace | + | The vote requires a 2/3 majority to accept |
+ | Voting is on the following proposal: | ||
- | ===== Patches | + | - In PHP 7.2, raise the severity of the message "Use of undefined constant" |
+ | - In PHP 8.0, remove the fallback, and replace the '' | ||
- | None yet. | + | <doodle title=" |
+ | * Yes | ||
+ | * No | ||
+ | </ | ||
- | ===== Implementation ===== | ||
- | None yet. | + | ===== Implementation |
- | + | ||
- | ===== References | + | |
- | TODO | + | * Pull Request implementing the change itself: https:// |
+ | * Merged into master: https:// | ||
+ | * Pull Request to the Language Spec documenting the new behaviour: https:// | ||
===== Rejected Features ===== | ===== Rejected Features ===== | ||
None yet. | None yet. |
rfc/deprecate-bareword-strings.1485632890.txt.gz · Last modified: 2017/09/22 13:28 (external edit)