Since long the default PHP charset is UTF-8, however the Windows part is
out of step with this important point. The current implementation in PHP
doesn't technically permit to handle UTF-8 filepath and several other
things. Till now, only the ANSI compatible APIs are being used. Here is more
about it
dd317752%28v=vs.85%29.aspx
The patch fixes not only issues with multibyte filenames under
incompatible codepages, but indirectly also issues with some other multibyte
encodings like BIG5, Shift-JIS, etc. by providing a clean way to access
filenames in UTF-8. Below is a small list of issues from the bug tracker,
that are getting fixed:
https://bugs.php.net/63401https://bugs.php.net/41199https://bugs.php.net/50203https://bugs.php.net/71509https://bugs.php.net/64699https://bugs.php.net/64506https://bugs.php.net/30195https://bugs.php.net/65358https://bugs.php.net/61315https://bugs.php.net/70943https://bugs.php.net/70903https://bugs.php.net/63593https://bugs.php.net/54977https://bugs.php.net/54028https://bugs.php.net/43148https://bugs.php.net/30730https://bugs.php.net/33350https://bugs.php.net/35300https://bugs.php.net/46990https://bugs.php.net/61309https://bugs.php.net/69333https://bugs.php.net/45517https://bugs.php.net/70551https://bugs.php.net/50197https://bugs.php.net/72200https://bugs.php.net/37672
Yet more related tickets can for sure be found - on bugs.php.net, Stackoverflow
and Github. Some of the bugs are pretty recent, some descend to early
2000th, but the user comments in there last even till today. Just for example,
bug #30195 was opened in 2004, the latest comment in there was made in 2014. It
is certain, that these bugs descend not only to pure PHP use cases, but get also
redirected from the popular PHP based projects. Given the modern systems (and
those supported by PHP) are always based on NTFS, there is no excuse to keep
these issues unresolved.
The internalization approach on Windows is in many ways different from
UNIX and Linux, while it supports and is based on Unicode. It depends on the
current system code page, APIs used and exact kind how the binary was compiled
The locale doesn't affect the way Unicode or ANSI API work. PHP in particular
is being compiled without _UNICODE defined and this is conditioned by the
way we handle strings. Here is more about it
https://msdn.microsoft.com/en-us/library/tsbaswba.aspx
However, with any system code page ANSI functions automatically convert
paths to UTF-16. Paths in some encodings incompatible with the
current system code page, won't work correctly with ANSI APIs. PHP
till now only uses the ANSI Windows APIs.
For example, on a system with the current code page 1252, the paths
in cp1252 are supported and transparently converted to UTF-16 by the
ANSI functions. Once one wants to handle a filepath encoded with cp932 on
that particular system, an ANSI or a POSIX compatible function used in
PHP will produce an erroneous result. When trying to convert that cp932 path
to UTF-8 and passing to the ANSI functions, an ANSI function would
likely interpret the UTF-8 string as some string in the current code page and
create a filepath that represents every single byte of the UTF-8 string.
These behaviors are not only broken but also disregard the documented
INI settings.
This patch solves the issies with the multibyte paths on Windows by
intelligently enforcing the usage of the Unicode aware APIs. For
functions expect Unicode (fe CreateFileW, FindFirstFileW, etc.), arguments
will be converted to UTF-16 wide chars. For functions returning Unicode
aware data (fe GetCurrentDirectoryW, etc.), resulting wide string is
converted back to char's depending on the current PHP charset settings,
either to the current ANSI codepage (this is the behavior prior to this patch)
or to UTF-8 (the default behavior).
In a particular case, users might have to explicitly set
internal_encoding or default_charset, if filenames in ANSI codepage are
necessary. Current tests show no regressions and witness that this will be an
exotic case, the current default UTF-8 encoding is compatible with any
supported system. The dependency libraries are long switching to Unicode APIs,
so some tests were also added for extensions not directly related to streams.
At large, the patch brings over 150 related tests into the core. Those target
and was run on various environments with European, Asian, etc. codepages.
General PHP frameworks was tested and showed no regressions.
The impact on the current C code base is low, the most places affected
are the Windows only places in the three files tsrm_win32.c, zend_virtual_cwd.c
and plain_wrapper.c. The actual implementation of the most of the wide
char supporting functionality is in win32/ioutil.* and win32/codepage.*,
several low level functionsare extended in place to avoid reimplementation for
now. No performance impact was sighted. As previously mentioned, the ANSI APIs
used prior the patch perform Unicode conversions internally. Using the
Unicode APIs directly while doing custom conversions just retains the status
quo. The ways to optimize it are open (fe. by implementing caching for the
strings converted to wide variants).
The long path implementation is user transparent. If a path exceeds the
length of _MAX_PATH, it'll be automatically prefixed with \\?\. The MAXPATHLEN
is set to 2048 bytes.
Appreciation to Pierre Joye, Matt Ficken, @algo13 and others for tips, ideas
and testing.
Thanks.
* origin/master: (398 commits)
NEWS
add test for bug #68381
Fixed bug #68381 Set FPM log level earlier during init
proper dllexport
move to size_t where zend_string is used internally
fix some datatype mismatches
return after the warning, to fix uninitialized salt usage
fix datatype mismatches
add missing type specifier
fix datatype mismatches
fix unsigned check
"extern" shouldn't be used for definitions
joined identical conditional blocks
simplify fpm tests
SEND_VAR_NO_REF optimization
Add test for bug #68442
Add various tests for FPM - covering recent bugs (68420, 68421, 68423, 68428) - for UDS - for ping and status URI - for multi pool and multi mode
Include small MIT FastCGI client library from https://github.com/adoy/PHP-FastCGI-Client
Get rid of zend_free_op structure (use zval* instead). Get rid of useless TSRMLS arguments.
Add new FPM test for IPv4/IPv6
...
Conflicts:
win32/build/config.w32
* PHP-5.6:
fix output globals importing
export output globals
use portable strndup implementation
unix sockets aren't available on windows
dll export APIs needed by phpdbg
fix sapi/phpdbg/config.w32
Don't treat warnings as failures in the junit output
* origin/master: (214 commits)
fix datatype mismatch warnings
fix datatype mismatches
fix datatype mismatches
fix datatype mismatches
fix datatype mismatch warnings
fix datatype mismatch warnings
fix datatype mismatch warnings
fix datatype mismatch warning
fix datatype mismatches
fix datatype mismatch warnings
Re-add phpdbg to travis
Added some NEWS
Make xml valid (missing space between attrs)
Fix info classes file name in xml
Add note about <eval> tag for errors in xml.md
Name the tag <eval> if the error id during ev cmd
Do not print out xml as PHP print...
Fix output to wrong function
Fixed parameter order on %.*s
Too much copypaste...
...
TLS is already used in TSRM, the way exporting the tsrm cache through
a thread local variable is not portable. Additionally, the current
patch suffers from bugs which are hard to find, but prevent it to
be worky with apache. What is done here is mainly uses the idea
from the RFC patch, but
- __thread variable is removed
- offset math and declarations are removed
- extra macros and definitions are removed
What is done merely is
- use an inline function to access the tsrm cache. The function uses
the portable tsrm_tls_get macro which is cheap
- all the TSRM_* macros are set to placebo. Thus this opens the way
remove them later
Except that, the logic is old. TSRMLS_FETCH will have to be done once
per thread, then tsrm_get_ls_cache() can be used. Things seeming to be
worky are cli, cli server and apache. I also tried to enable bz2
shared and it has worked out of the box. The change is yet minimal
diffing to the current master bus is a worky start, IMHO. Though will
have to recheck the other previously done SAPIs - embed and cgi.
The offsets can be added to the tsrm_resource_type struct, then
it'll not be needed to declare them in the userspace. Even the
"done" member type can be changed to int16 or smaller, then adding
the offset as int16 will not change the struct size. As well on the
todo might be removing the hashed storage, thread_id != thread_id and
linked list logic in favour of the explicit TLS operations.
* origin/master:
Fix tests/serialize/bug64146.phpt
Remove zend_dynamic_array
Remove static allocator
Fixed typo
Fix list() destructuring to special variables
Remove php_varname_check
Avoid useless reference counting
Specialization (only IS_VAR ad IS_CV operands may be references)
Optimized unset()
Make error paths to be UNEXPECTED
Replace IS_OP?_TMP_FREE() with more clear (OP?_TYPE == IS_TMP_VAR)
The var hash now retains a reference to its elements, to ensure
that addresses are not reused.
Furthermore the var hash now only stores objects and references
and directly uses their pointer as key, thus making serialization
about two times faster.
directive is set in activation time). This commit fixes this by adding a per
request parsing of the browscap file that's when get_browser is called the
first time and the directive is set on activation time.w
to be called as all the headers are being sent and after all
of the default headers have been merged.
headers_list(), header_remove() and header() can all be used
inside the callback.
<?php
header('Content-Type: text/plain');
header('X-Test: foo');
function foo() {
foreach (headers_list() as $header) {
if (strpos($header, 'X-Powered') !== false) {
header_remove('X-Powered-By');
}
header_remove('X-Test');
}
}
$result = header_register_callback('foo');
echo "a";
- Added mechanism to force outer streams to be closed before their inner ones.
- Fixed temp:// streams only handling correctly (through an ad hoc mechanism) reverse closing order
when the inner stream is of type memory.
remains.
- Fixed bug on determine_charset that was preventing correct detection in
combination with internal mbstring encoding "none", "pass" or "auto".
- Added profiles for entity encode/decode for HTMl 4.01, XHTML 1.0, XML 1.0
and HTML 5. Added the constants ENT_HTML401, ENT_XML1, ENT_XHTML and
ENT_HTML5.
- htmlentities()/htmlspecialchars(), when told not to double encode, verify
the correctness of the existenting entities more thoroughly.
It is checked whether the numerical entity represents a valid unicode code
point (number is between 0 and 0x10FFFF). If using the flag ENT_DISALLOWED,
it is also checked whether that numerical entity is valid in selected
document. In HTML 4.01, all the numerical entities that represent a Unicode
code point (< U+10FFFFFF) are valid, but that's not the case with other
document types. If the entity is not valid, & is encoded to &.
For named entities, the check is also more thorough. While before the only
check would be to determine if the entity was constituted by alphanumeric
characters, now it is checked whether that entity is necessarily defined for
the target document type. Otherwise, & is encoded to &.
- For html_entity_decode(), only valid numerical and named entities (as defined
above for htmlentities()/htmlspecialchars() + !double_encode) are decoded.
But there is in this case one additional check. Entities that represent
non-SGML or otherwise invalid characters are not decoded. Note that, in
HTML5, U+000D is a valid literal character, but the entity 
 is not
valid and is therefore not decoded.
- The hash tables lazily created for decoding in html_entity_decode() that were
added recently were substituted by static hash tables. Instead of 1 hash
table per encoding, there's only one hash table per document type defined in
terms of unicode code points. This means that for charsets other than UTF-8
and ISO-8859-1, a conversion to unicode code points is necessary before
decoding.
- On the encoding side, the ad hoc ranges of entities of the translation
tables, which mapped (in general) non-unicode code points to HTML entities
were replaced by three-stage tables for HTML 4 and HTML 5. This mapping
tables are defined only in terms of unicode code points, so a conversion
is necessary for charsets other than UTF-8 and ISO-8859-1. Even so, the
multi-stage table is much faster than the previous method, by a factor
of 5; the conversion to unicode is a small penalty because it's just a
simple table lookup.
XML 1.0/htmlspecialchars() uses a simple table instead of a three-stage
table.
- Added the flag ENT_SUBSTITUTE, which makes htmlentities()/htmlspecialchars()
replace the invalid multibyte sequences with U+FFFD (UTF-8) or &#FFFD;
(other encodings).
- Added the flag ENT_DISALLOWED. Implements FR #52860. Characters that cannot
appear literally are replaced by U+FFFD (UTF-8) or &#FFFD; (otherwise).
An alternative implementation would be to encode those characters into
numerical entities, but that would only work in HTML 4.01 due to limitations
on the values of numerical entities in other document types. See also the
effects on htmlentities()/htmlspecialchars() with !double_encode above.
- Dramatic improvements on the performance of html_entity_decode and htmlspecialchars_decode, as the
string is now traversed only once. Speedups of 20 to 25 times with Windows release builds and a
~250 characters string (for 2nd and subsequent calls).
- Consistent behavior on html_entity_decode. For instance, the entity in "&<" would be decoded,
but not "&é". Not anymore. The code path for "basic" and non-basic entities is now mostly
shared.
- Code of html_entity_decode and htmlspecialchars_decode is now shared.
- [DOC] More consistent behavior of htmlspecialchars_decode. Instead of translating only <, >,
&, ", ' and ', now e.g. ", ', ', ', etc. are also decoded.
- [DOC] Previous translation of unicode code points in numerical entities was seriously broken. When
the code points for some character were not the same in unicode and the target encoding, the
behavior could be an erroneous translation (e.g. 0x80-0xA0 in win-1252) or no translation at all.
Added unicode translation tables for all single-byte encodings. Entities are not translated for
multi-byte entities, except for ASCII characters whose code points are shared. We could add
the huge translation tables (several thousand elements) for those encodings in the future.
- Fixed numerical entities that after # had text accepted by strcol being accepted.
- Much more commented and well-structured code...
- Tests for get_html_translation_table()) are broken. I stared fixing the tests, but then I realized
it was completely helpless because get_html_translation_table() is broken by not handling
multi-byte characters correctly.
