On 03/26/2010 05:39 AM, Johannes Schlüter wrote: > On Tue, 2010-03-23 at 18:08 +0000, Rasmus Lerdorf wrote: >> rasmus Tue, 23 Mar 2010 18:08:06 +0000 >> >> Revision: http://svn.php.net/viewvc?view=revision&revision=296685 >> >> Log: >> Switch default_charset, if not specified, from ISO-8859-1 to UTF-8 >> I have been wanting to make this change for years, but there is a small >> chance of BC issues, so it shouldn't go into a minor release. > > I in "my world" this isn't just a small chance of a break. Over here > every application has to deal with non-ASCII characters (äöüßÄÖÜ). Many > "average" applications don't set the encoding, most don't care. > > With the environments using more and more Utf-8 (operating system > environments, editor defaults, ...) the change is good but it is no > small thing but will cause "trouble" for many users having iso-8859-1 > texts in their database and getting broken pages after the upgrade and > we should advise users to mind their encodings! > > Fixing applications is easy, getting the knowledge to our users is hard.
Advertising
Well, they don't necessarily have to fix their application. They can just put: default_charset=iso-8859-1 in their php.ini. But, I also consider it a security fix. There are a lot of apps out there that assume utf-8, but don't explicitly set it in PHP. They will send an http-equiv meta header specifying utf-8, but since they haven't told PHP they are in utf-8, functions like htmlspecialchars and htmlentities will not strip out invalid utf-8 characters which causes XSS problems. -Rasmus -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
