On Saturday, 29 June 2024 at 22:23, mickmackusa <[email protected]> wrote:
>> If one can easily use a function incorrectly in a way that is not
>> *immediately* apparent, then I consider the function to be badly
>> designed.
>
> Does that philosophy also cover preg_quote()? I've lost count of the number
> of times that I've seen it used in Stack Overflow answers without a second
> parameter (including array_map('preg_quote', $array)) and its returned value
> used in a regex that has foward slashes as delimiters.
>
> Additionally, it is an unintuitively named function; it doesn't actually
> "quote" anything -- it \e\s\c\a\p\e\s characters. This makes life
> unnecessarily harder for devs who are new to PHP who need to find the regex
> escaping function.
>
> Would it be reasonable to create `preg_escape()` which also (sometimes
> unnecessrily) includes the (de facto default delimiter) forward slash in its
> default list of escaped characters so that preg_quote() could eventually be
> deprecated? As far as I know this would do no harm, will prevent holes in
> code, and make PHP more intuitive.
It would possibly be reasonable, but this is a seperate discussion to this.
Arguably a lot of functions/methods named "quote" do escaping, so this feels
like a more general problem than just ext/pcre.
Moreover, I really don't think people use a forward slash as a defacto default
delimiter, I have always use # as this is what the first tutorial about regexes
that I read used.
Best regards,
Gina P. Banyard
>
