On Friday 04 July 2025 14:40:23 (+02:00), Tim Düsterhus wrote:
> Hi
>
> On 7/3/25 18:04, Derick Rethans wrote:
> > The intention behind the filter extension was that admins can set a
> > default filter for *all* data coming in through this `filter.default`
> > setting as a "safe" fallback. That could/should probably even be a
>
> Genuine question: Is that *intention* documented anywhere?
> https://www.php.net/manual/en/function.filter-input.php only makes factual
> statements about the behavior, but not how one is supposed to use them.
> Similarly https://www.php.net/manual/en/filter.configuration.php also says
> that a default filter can be configured, but not why one would want to do so.
If we look into php-src docs, nowadays under the docs-old entry IIRC, we may
find how to write a filter.
That it is on the level of extending PHP, and I'd interpret that it strongly
points towards system administration or at least that it is about making
systematic use of the PHP filter extension.
Have not yet made research based on age or reviewed specifically after your
message, e.g. correlations towards the date since ext.filter is part of the
solution, but my nose tells me the documentation is likely related to what
you'd like learn more about.
This may be totally misleading, but when I combine that with Derricks expertise
in php-src and his earlier comment, I'm somehow under the impression this has
the potential to answer even genuine questions that require to reason about
documented intend.
So please let me know if it is still of help @Tim
-- hakre
