On 2 November 2014 13:49:15 GMT, Dan Ackroyd <dan...@basereality.com> wrote: >Andrea wrote: >>Perhaps it would be worth ditching any attempts to change setcookie() >(just keep it around for backwards-compatibility), and to instead add a >new function, function family, or indeed class for cookie handling. >> >>Thoughts? Any idea what such an API might look like? > > >I think this API could and should exist totally in userland. > >Although it's nice that PHP ships with basic session support with it, >the exact details of session handling actually involve non-trivial >business logic
Wait, what does session handling have to do with any of this? We're talking about setting, manipulating, and clearing cookies here, not trying to second guess what people are using them for. Cookie-handling APIs are pretty much universally awful, from the HTTP headers themselves to JS's document.cookie voodoo. setcookie() is part of that trend, with its long list of positional parameters which need specifying every time. If a new flexible high-level API for HTTP response logic, along the lines of pecl/http or PSR-7, were introduced, it might be nice to attempt something less ugly as part of that effort. I'd tend to agree, though, that the bug as raised should be treated as user error, or ill-advised user intention, by the existing low-level API. -- Rowan Collins [IMSoP] -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
