On 05/10/2022 22:35, David Gebler wrote:
There are multiple RFC standards for email address format but AFAIK PHP's FILTER_SANITIZE_EMAIL doesn't conform to any of them.
FILTER_SANITIZE_EMAIL is a very short list of characters which claims to be based on RFC 822 section 6: https://heap.space/xref/php-src/ext/filter/sanitizing_filters.c?r=4df3dd76#295
FILTER_VALIDATE_EMAIL doesn't say exactly which standard it's attempting to adhere to; it's one of many long unreadable regexes I've seen online claiming to cover all possible addresses. (Actually, there are now two regexes there, because there's a different version to support FILTER_FLAG_EMAIL_UNICODE). https://heap.space/xref/php-src/ext/filter/logical_filters.c?r=d8fc05c0#651
The idea behind my suggestion for something like is_valid_email (whatever it might be named) is as a step towards deprecating and removing the entire existing filter API, which I think many of us agree is a mess.
You described FILTER_VALIDATE_EMAIL as "notorious for being next to useless"; that gives us two possibilities:
a) A new function will be just as useless, because it will be based on the same implementation b) There is a better implementation out there, which we should start using in ext/filter right now
My gut feel is that (a) is true, and there is no point considering what a new function would be called, because we don't know how to implement it.
Regards, -- Rowan Tommins [IMSoP] -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: https://www.php.net/unsub.php
