Need to Remove strtotime() usage from core

[Rarst]

strtotime() is routinely used in core for processing timezone-ambiguous input. Since it is affected by default PHP time zone setting (set by core to UTC on boot) it is also vulnerable to this setting being changed by third party code.

Related change of date() to gmdate() in 5.3 release caused some new issues, because in some places while changing default time zone broke things combination of strtotime() and date() meant things got broken by the same amount and outputs were "correct" (ignoring the fact they would be implied in absolutely different time zone from intended).

Dropping use of strtotime() in favor of date parsing with explicit time zone handling (such as DateTimeImmutable objects) is logical next step to make core insensitive to PHP time zone context.

[Rarst]

#49120 was marked as a duplicate.

Trac ticket: https://core.trac.wordpress.org/ticket/48935

[rajanpanchal2028]

Yes @Rarst ,
The function strtotime() is commonly utilized in the core of PHP for handling input that is ambiguous with regards to time zones. However, this function is susceptible to the default PHP time zone setting, which is initially set to UTC by the core upon boot. As a result, if third-party code modifies this setting, it can affect the behavior of strtotime().

In the 5.3 release, a switch from date() to gmdate() caused new issues because changing the default time zone caused problems with the combination of strtotime() and date(). Although the output appeared to be correct, it was actually in a completely different time zone than intended.

To mitigate this issue, it is recommended to replace the use of strtotime() with explicit time zone handling through date parsing, such as by using DateTimeImmutable objects. By doing so, the core of PHP can become less reliant on the PHP time zone context and therefore more resilient to changes in the default time zone setting.