On Tue, Jul 2, 2019 at 8:22 PM Matteo Beccati <p...@beccati.com> wrote:
> Hi Nikita, > > On 02/07/2019 15:07, Nikita Popov wrote: > > Friendly reminder that this RFC needs to go into voting until Monday > > (preferably earlier) to make it into 7.4. > > Thanks! Without the reminder, I would probably have missed it. > > > Here's my feedback: > > > > * I would prefer to make escaping not driver-sensitive, as the current > > implementation is. Whether ?? is interpreted as a single ? or ?? should > not > > depend on the driver. > > Most of the feedback I had was quite the opposite (fear of desruption in > the other drivers). In fact in the latest iteration, I went for PDO API > setting, that lets the driver decide whether or not to enable the > feature, which means only pdo_pgsql would be affected: > > > https://github.com/mbeccati/php-src/commit/b8a9703b805e0dffd618823656c8610777efdc3e This sounds nice now -- but what if another database adds an operator using ? in the future? We'd have to enable support for ? escaping at that point. This would leave us with a mess where ? escaping is available or not available depending on the specific combination of database driver + PHP version you are using. As the BC concern here seems to be purely theoretical (as far as I can see), it seems better to do this for all drivers at the same time. > * I would prefer to use \? instead of ?? for escaping. The former is much > > more easily understood by a PHP developer and has less chance of clashing > > with operators (PHP itself has a ?? operator, it's not so absurd to think > > that it also exists elsewhere). The RFC argues against this because it > > makes writing a literal \? harder (which would be \\\\?), but I think > that > > a) the need for a literal \? seems rather rare and b) double-escaping is > > already a well-understood problem for anyone who ever used regular > > expressions. > > Fair enough. Tbh, I have no strong preference... Would "\?" require also > implementing escape of the escape? Would that require some re2c magic? > Yeah, we'd probably need to support escape of the escape for consistency, even if nobody needs it. Overall I'm okay either way here. I think \? will be more obvious for PHP programmers, but seeing the JDBC document you linked (https://jdbc.postgresql.org/documentation/head/statement.html) there is existing precedent for using ?? and it may be worthwhile to follow it. Nikita
