Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

> On 03 Nov 2014, at 02:21, Dan Ackroyd wrote: > > On 2 November 2014 15:10, Rowan Collins wrote: >> Wait, what does session handling have to do with any of this? > > Sorry, I completely failed to write what I was trying to say there. > > I meant that like the session handling functions and s

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

On 2 November 2014 15:10, Rowan Collins wrote: > Wait, what does session handling have to do with any of this? Sorry, I completely failed to write what I was trying to say there. I meant that like the session handling functions and setcookie are similar in that: * They don't feel that nice to u

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

Hi! > The behaviour of PHP is ABSOLUTELY in compliance with the RFC 6265. > Setting two headers may not follow best practice but it is conformant, > and it is only doing what the users PHP script told it to do. I think I agree here - we're providing a low level API, and if somebody uses this API

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

On 2 November 2014 13:49:15 GMT, Dan Ackroyd wrote: >Andrea wrote: >>Perhaps it would be worth ditching any attempts to change setcookie() >(just keep it around for backwards-compatibility), and to instead add a >new function, function family, or indeed class for cookie handling. >> >>Thoughts? An

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

Andrea wrote: >Perhaps it would be worth ditching any attempts to change setcookie() (just >keep it around for backwards-compatibility), and to instead add a new >function, function family, or indeed class for cookie handling. > >Thoughts? Any idea what such an API might look like? I think this

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

Florian wrote: > On the PR of the setcookie patch > to become compliant with the HTTP RFC, >There are some facts: > >- the current way does not follow the HTTP RFC. Please stop saying this, it isn't true. >From rfc6265: > Servers SHOULD NOT include more

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

> On 02 11 2014, at 01:33, Rowan Collins wrote: > > On 01/11/2014 22:24, Andrea Faulds wrote: >> Perhaps it would be worth ditching any attempts to change setcookie() (just >> keep it around for backwards-compatibility), and to instead add a new >> function, function family, or indeed class fo

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

On 01/11/2014 22:24, Andrea Faulds wrote: Perhaps it would be worth ditching any attempts to change setcookie() (just keep it around for backwards-compatibility), and to instead add a new function, function family, or indeed class for cookie handling. Some sort of sane API which would allow yo

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

> On 1 Nov 2014, at 21:47, Rowan Collins wrote: > > On 01/11/2014 21:10, Alexander Kurilo wrote: >>> What should be done? Trying to keep BC at a minimum by adding an >>> unsetcookie() method and add warnings? Try to detect the deletion of >>> cookies (empty value) and add warnings to keep even m

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

On 01/11/2014 21:10, Alexander Kurilo wrote: What should be done? Trying to keep BC at a minimum by adding an unsetcookie() method and add warnings? Try to detect the deletion of cookies (empty value) and add warnings to keep even more BC? Just in case: I believe cookies are removed not by settin

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

On 01/11/14 13:09, Florian Margaine wrote: Hi list, On the PR of the setcookie patch to become compliant with the HTTP RFC, a valid use case for not throwing a warning when running setcookie() twice with the same name: deleting cookies (setcookie('name'

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

Hi list, On the PR of the setcookie patch to become compliant with the HTTP RFC, a valid use case for not throwing a warning when running setcookie() twice with the same name: deleting cookies (setcookie('name', '', ...);). It's thus been proposed to add

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

On 8 September 2014 09:09, Ferenc Kovacs wrote: > On Mon, Sep 8, 2014 at 9:15 AM, Sherif Ramadan > wrote: > >> Actually, we shouldn't be doing that all. We should simply just overwrite >> the header. It wouldn't make much sense to set two headers with the same >> cookie name when we can just over

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

> How about delaying that warning until the headers are sent? I don't think there would be any benefit to that. The only possible scenarios are: i) People sending duplicate headers by accident. When they see the error, they should fix their code, so the error goes away. ii) People who are delibe

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

On Mon, Sep 8, 2014 at 9:15 AM, Sherif Ramadan wrote: > Actually, we shouldn't be doing that all. We should simply just overwrite > the header. It wouldn't make much sense to set two headers with the same > cookie name when we can just overwrite it. > > > that would be a bigger BC break, and with

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

On 08/09/14 09:15, Sherif Ramadan wrote: > Actually, we shouldn't be doing that all. We should simply just overwrite > the header. It wouldn't make much sense to set two headers with the same > cookie name when we can just overwrite it. Maybe, but the SAPI_HEADER_* only look for the header name, n

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

Actually, we shouldn't be doing that all. We should simply just overwrite the header. It wouldn't make much sense to set two headers with the same cookie name when we can just overwrite it. On Mon, Sep 8, 2014 at 2:50 AM, Tjerk Meesters wrote: > Hi! > > > On Sat, Sep 6, 2014 at 5:38 AM, Florian

Re: [PHP-DEV] setcookie() minor BC break - fixes issue #67736

Hi! On Sat, Sep 6, 2014 at 5:38 AM, Florian Margaine wrote: > Hi, > > This is a minor BC break, but still a BC break, so worth discussing on this > ML. > > When a second setcookie() is done with the same name, a warning is emitted, > because the ietf rfc 6265 says it *should* only send one Set-