Hi Nikita, > On 5 Jul 2019, at 12:37, Nikita Popov <nikita....@gmail.com> wrote: > >> On Tue, Jul 2, 2019 at 8:22 PM Matteo Beccati <p...@beccati.com> wrote: >> Hi Nikita, >> >> On 02/07/2019 15:07, Nikita Popov wrote: >> > Friendly reminder that this RFC needs to go into voting until Monday >> > (preferably earlier) to make it into 7.4. >> >> Thanks! Without the reminder, I would probably have missed it. >> >> > Here's my feedback: >> > >> > * I would prefer to make escaping not driver-sensitive, as the current >> > implementation is. Whether ?? is interpreted as a single ? or ?? should not >> > depend on the driver. >> >> Most of the feedback I had was quite the opposite (fear of desruption in >> the other drivers). In fact in the latest iteration, I went for PDO API >> setting, that lets the driver decide whether or not to enable the >> feature, which means only pdo_pgsql would be affected: >> >> https://github.com/mbeccati/php-src/commit/b8a9703b805e0dffd618823656c8610777efdc3e > > This sounds nice now -- but what if another database adds an operator using ? > in the future? We'd have to enable support for ? escaping at that point. This > would leave us with a mess where ? escaping is available or not available > depending on the specific combination of database driver + PHP version you > are using. As the BC concern here seems to be purely theoretical (as far as I > can see), it seems better to do this for all drivers at the same time.
Makes sense and it’s a very good point. >> > * I would prefer to use \? instead of ?? for escaping. The former is much >> > more easily understood by a PHP developer and has less chance of clashing >> > with operators (PHP itself has a ?? operator, it's not so absurd to think >> > that it also exists elsewhere). The RFC argues against this because it >> > makes writing a literal \? harder (which would be \\\\?), but I think that >> > a) the need for a literal \? seems rather rare and b) double-escaping is >> > already a well-understood problem for anyone who ever used regular >> > expressions. >> >> Fair enough. Tbh, I have no strong preference... Would "\?" require also >> implementing escape of the escape? Would that require some re2c magic? > > Yeah, we'd probably need to support escape of the escape for consistency, > even if nobody needs it. Overall I'm okay either way here. I think \? will be > more obvious for PHP programmers, but seeing the JDBC document you linked > (https://jdbc.postgresql.org/documentation/head/statement.html) there is > existing precedent for using ?? and it may be worthwhile to follow it. Would it be possible or even recommended to add a second vote to decide which one to use? Cheers
