Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:113103 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 82683 invoked from network); 6 Feb 2021 19:47:54 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 6 Feb 2021 19:47:54 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id DC53D1804DC for ; Sat, 6 Feb 2021 11:32:11 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-0.6 required=5.0 tests=BAYES_00,BODY_8BITS, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, NICE_REPLY_A,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-Virus: No X-Envelope-From: Received: from mail-wr1-f47.google.com (mail-wr1-f47.google.com [209.85.221.47]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Sat, 6 Feb 2021 11:32:10 -0800 (PST) Received: by mail-wr1-f47.google.com with SMTP id p15so11934638wrq.8 for ; Sat, 06 Feb 2021 11:32:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=kaGreYbrQ6HsFqFWLNvJ5jUQUrEDUV64UPnRVo3CgT4=; b=oT3txaiLgJGJ/NfebN0l7lTuLwRX5MIMA2SAg7KCr4Z2ffwL+UcaHV6GFcSGTh6ggz 4FNOfgGSel6S/xSXQhpWUEamjThJ4bM0ngl9kQMwxQt0wC4UP94c31hafL0yvF/sSQmn zWjHNKsdBKvwqa/3gE99evoF7u6CCXz238LOBzPfrAgtcEff3XIEkhoWLoRYhvdZpKch m1dCcpaPKJH3f0zWoHRR9PvuNZzkvhuXqhBaEfklbLtvjll2oXQVwsVhZiBC41RFiJBm 8lwmI2/awKx/YjwUHaLX2uf7tlhZrQvC6Cs8eRsXuHI7ua5kMW2V4LdozV4H4Q5J9Nvt 9IVA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=kaGreYbrQ6HsFqFWLNvJ5jUQUrEDUV64UPnRVo3CgT4=; b=Vo6nreDprMgY+xJO/Rk4cNk41cq4kuRde7AdAq9HKe1w5qqzTQctWm1wbUzFfJLY3I UaadGa/KKqKIuhwL8Arg/fXKPo43AwV1TPWc2K3oDvJJrLTA1bnA889tszLYE4bqVERL v+8gSYbyHb49gPmzTl6chsGmBHL4swrnNn1OeyQDpEIawGOqfHYyDCJbso7gqs0MVFkG 1wJbnt95aNViQJGnV3G4DddlFWC3WwikBPISpHs4k64CHkGWN5RwXwS0ayDZ9dYBUMym 8DNuVwLGFvxlNQvajnhlVETA9FtOvTjpWQ5GR/r9hMENK6SEJ9XZf/M4aB8JapVBLqXR YBpg== X-Gm-Message-State: AOAM533XBNkjRcvurrvGj1fjEqBxmjDzWutxBkWlLcH6zanuAs2R/Q5Q c2UtL7uQ10ko157Q3pGyDC/ct8o5FMg= X-Google-Smtp-Source: ABdhPJxKFXvherO/dsw738Lz7asjhvd0AsEQX+d+K4+fSxw58lHpB/dugGETUw9IOw6MLFxWsC6a8A== X-Received: by 2002:a5d:5544:: with SMTP id g4mr11324422wrw.59.1612639927415; Sat, 06 Feb 2021 11:32:07 -0800 (PST) Received: from [192.168.0.22] (cpc104104-brig22-2-0-cust548.3-3.cable.virginm.net. [82.10.58.37]) by smtp.googlemail.com with ESMTPSA id m18sm22560622wmq.1.2021.02.06.11.32.06 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 06 Feb 2021 11:32:06 -0800 (PST) To: internals@lists.php.net References: <248543D8-4266-4495-9FC4-762A63625A93@cschneid.com> Message-ID: <0d04114d-d90a-913d-627e-16006ec655ef@gmail.com> Date: Sat, 6 Feb 2021 19:32:04 +0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.7.0 MIME-Version: 1.0 In-Reply-To: <248543D8-4266-4495-9FC4-762A63625A93@cschneid.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-GB Subject: Re: [PHP-DEV] [RFC] Warning for implicit float to int conversions From: rowan.collins@gmail.com (Rowan Tommins) On 06/02/2021 14:47, Christian Schneider wrote: > I'm sure there is a lot of code which takes user input and uses (int) casts to ensure they are dealing with integers. > There is also intval() as an alternative but my guess would be that real world code uses 50% (int) and 50% intval() to do this. My thoughts exactly. Code along these lines is common and, in my opinion, perfectly reasonable: $id = (int)$_GET['id']; if ( $id !== 0 ) {      // throw an exception, return false, look up a default, etc, as the application's design requires } // proceed knowing that $id is a non-zero integer I would however welcome a new function or syntax that either performs a "strict cast" (producing an error if the cast is lossy in any way) or checks in advance if a cast *would be* lossy. Regards, -- Rowan Tommins [IMSoP]