Forgive me if I'm contacting the wrong list. If I am, someone please tell me who I should contact about this.
I have been telling noob programmers for years to use filter_var with FILTER_VALIDATE_URL to validate urls but recently ran into some pretty disappointing behavior with it. It would appear from this 10-year-old bug report and the source code that il...@php.net made some pretty drastic changes to "fix" a problem: https://bugs.php.net/bug.php?id=39898 A friend helping me look into it says there was apparently a change between 5.2.0 and 5.2.1 that removed some important-looking flag handling: > diff museum.php.net/php5/php-5.2.0/ext/filter/logical_filters.c museum.php.net/php5/php-5.2.1/ext/filter/logical_filters.c > diff.txt ... 488,491c457,460 < if ( < ((flags & FILTER_FLAG_SCHEME_REQUIRED) && url->scheme == NULL) || < ((flags & FILTER_FLAG_HOST_REQUIRED) && url->host == NULL) || < ((flags & FILTER_FLAG_PATH_REQUIRED) && url->path == NULL) || < ((flags & FILTER_FLAG_QUERY_REQUIRED) && url->query == NULL) < ) { <bad_url: < php_url_free(url); < RETURN_VALIDATION_FAILED --- > if ( > url->scheme == NULL || > /* some schemas allow the host to be empty */ > (url->host == NULL && (strcmp(url->scheme, "mailto") && strcmp(url->scheme, "news") && strcmp(url->scheme, "file"))) || > ((flags & FILTER_FLAG_PATH_REQUIRED) && url->path == NULL) || ((flags & FILTER_FLAG_QUERY_REQUIRED) && url->query == NULL) > ) { >bad_url: > php_url_free(url); > RETURN_VALIDATION_FAILED The docs here also say that this function supports the nearly-20-year-old RFC 2396, which has been obsoleted by RFC 3986 (which, in turn, is updated by 6874 and 7320) http://php.net/manual/en/filter.filters.validate.php Contrary to what the docs say, FILTER_FLAG_SCHEME_REQUIRED and FILTER_FLAG_HOST_REQUIRED don't do anything. This is very disappointing and should probably be remedied -- at the very least the documentation should be updated to remove the ignored flags. There appear to be quite a few problems with the function: https://bugs.php.net/search.php?cmd=display&search_for=FILTER_VALIDATE_URL
