Opened 17 months ago
Last modified 16 months ago
#48935 new enhancement
Remove strtotime() usage from core
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | normal |
| Severity: | normal | Version: | |
| Component: | Date/Time | Keywords: | needs-unit-tests needs-patch |
| Focuses: | Cc: |
Description
strtotime() is routinely used in core for processing timezone-ambiguous input. Since it is affected by default PHP time zone setting (set by core to UTC on boot) it is also vulnerable to this setting being changed by third party code.
Related change of date() to gmdate() in 5.3 release caused some new issues, because in some places while changing default time zone broke things combination of strtotime() and date() meant things got broken by the same amount and outputs were "correct" (ignoring the fact they would be implied in absolutely different time zone from intended).
Dropping use of strtotime() in favor of date parsing with explicit time zone handling (such as DateTimeImmutable objects) is logical next step to make core insensitive to PHP time zone context.
#49120 was marked as a duplicate.