Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:117559
Return-Path: <rowan.collins@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 43778 invoked from network); 21 Apr 2022 12:35:35 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 21 Apr 2022 12:35:35 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 68F541804C6
	for <internals@lists.php.net>; Thu, 21 Apr 2022 07:09:35 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS,
	T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS15169 209.85.128.0/17
X-Spam-Virus: No
X-Envelope-From: <rowan.collins@gmail.com>
Received: from mail-pl1-f175.google.com (mail-pl1-f175.google.com [209.85.214.175])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Thu, 21 Apr 2022 07:09:34 -0700 (PDT)
Received: by mail-pl1-f175.google.com with SMTP id n8so4996669plh.1
        for <internals@lists.php.net>; Thu, 21 Apr 2022 07:09:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to;
        bh=Gya2bTvuIhcYAxNBZDddNzNB7LDH0xBdJw4DRd9WXYc=;
        b=F0iG83zepq+nlQNRnNe1/CzlRNg8/rjyJf8vVtgl0AiRPtDPYfA2OXmcTsT1eLNWpj
         TsCCfwHrJmZXT/xqvgyz9DWc4XpTgnJM3SE/gPbIkBR5dS/IEr9XQhVVOFOPkLnZeSYX
         X+1hQ2tEJQljxx6+T7z5jiWDudivgSY1/i5RDrJlsChKIAyAmgEW+nDKZv0Uf/9KCigo
         O/ukJru8+nSfsBlSqLdZpdOPp4PVNkyxZqow0o7p639Dk2WCtAOB6vX8niDRCMTpWPwb
         NVXUZRVB79Jx8sEOCM2sXV1IGXprn4BnUR7CDb1YiAwO6UjOjv80Ps86fGLLQFWofzfS
         Y7TA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to;
        bh=Gya2bTvuIhcYAxNBZDddNzNB7LDH0xBdJw4DRd9WXYc=;
        b=nQ/jb0LykiJ8Nkb6A4mkRC8kY705/oyybDz3lp3uzW3rw/8UXvbvyGQlKqW8NqtAVx
         1MPqHyMtFrlXA2pbf+kVDY5pu0VesZj9cKsjM1GZLtoWX/xMsD5zQgTiasR1dvYje7wK
         6MbCh37jq42gOTk1Agp+Mwq34oSF8TbyZMCBKDzeZWuf3UZNAHhsY/K9c3uFhnlPYuYA
         kj2Xr+n2laYKYeJpGssG4b5WfWYBJ7sY4ap8vY4cbWjZIUpKlFe78DeSbrK4AMceJERE
         D38NbtZ7JX3s7gNA9g6z0LWSCHK5KDFox241OukH10v07aZEdBusUsQZfpJH1ItnD1IY
         cl1Q==
X-Gm-Message-State: AOAM531pCBkCjSYOzY5L6/hpLKm4KCUJ/XI1I778VEywyrsP1zIChY2D
	mwiDMRKK08dWP8um8CsZsuKHdR55KPEnJ7P4FhYhgkjCaWw=
X-Google-Smtp-Source: ABdhPJyToLJiCuSrrXKkeldosGrGarVt3SFlQpo1tJd4bpyNhS9fAKxzyuFV401YOAaL52Fw9pl1ydkIuJTRJvQuCQs=
X-Received: by 2002:a17:903:248:b0:155:e8c6:8770 with SMTP id
 j8-20020a170903024800b00155e8c68770mr25004702plh.129.1650550173873; Thu, 21
 Apr 2022 07:09:33 -0700 (PDT)
MIME-Version: 1.0
References: <CAFv4g+Ej4JbM9SzQ0iU-d8C4T+2XNo=8jnJ1uwfQ=skZZXx9Tg@mail.gmail.com>
 <42D0A480-F262-4F72-9C4D-887762A8D800@gmail.com> <CAFv4g+ELZ5ZA6zyDFHCJCM6vSy3MFTvEGS9=zo5ZM1izHQWuFw@mail.gmail.com>
 <0b061f28-a087-efd3-8602-424ee03458e0@gmail.com> <CAFv4g+HROPPx4hT226ypbKZwM_7nq31jJ6+X+RNq_THZDVrJPA@mail.gmail.com>
In-Reply-To: <CAFv4g+HROPPx4hT226ypbKZwM_7nq31jJ6+X+RNq_THZDVrJPA@mail.gmail.com>
Date: Thu, 21 Apr 2022 15:09:21 +0100
Message-ID: <CALKiJKpPri6A35_g4XqWOG4Zm3XMdz4Z3gRFyMTh9V2TxrbYmg@mail.gmail.com>
To: PHP internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="000000000000cc39bc05dd2aa86e"
Subject: Re: [PHP-DEV] NULL Coercion Consistency
From: rowan.collins@gmail.com (Rowan Tommins)

--000000000000cc39bc05dd2aa86e
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Wed, 20 Apr 2022 at 18:02, Craig Francis <craig@craigfrancis.co.uk>
wrote:
> I'm just trying to focus on how PHP has worked

You keep repeating this mantra, but user-defined functions with declared
parameter types have never accepted nulls, in any mode, unless explicitly
marked with "?" or "=3D null". The fact that internal functions have
parameter parsing behaviour that is almost impossible to implement in
userland, and often not even consistent between functions, is a wart of
engine internals, not a design decision.

All of that, and the "consistency" in the title of your RFC, is a complete
distraction from the real questions:

1) given a null input, and a non-nullable parameter, what should the
run-time do?
2) what is the best way to help users update their code to be compatible
with that new behaviour?


> Agreed, the only thing I'd add... failing early with NULL might help
debug some problems (assuming there is a problem), but I believe static
analysis and unit tests are much better at doing this (e.g. static analysis
is able to see if a variable can be NULL, and apply those stricter checks,
as noted by George with Girgias RFC).


I think we should institute a "swear jar" - whenever someone says "static
analysis could do this better", they have to donate =E2=82=AC1 to the PHP
Foundation. :P

More seriously, 1) your own RFC claims that fewer than 33% of developers
use static analysis; and 2) if PHP had a compile step with mandatory static
analysis, we would still have to decide whether passing NULL to these
functions should be rejected as an error by the static analyser.



> In contrast, failing early at runtime, on something that is not actually =
a
> problem, like the examples in my RFC, creates 2 problems (primarily
> upgrading; but also adding unnecessary code to explicitly cast those
> possible NULL values to the correct type, which isn't needed for the othe=
r
> scalar types).
>


I've been trying not to nit-pick, because I think over-all you do have a
valid point, but several of your examples do not need any extra code to
handle nulls; and those that do need maybe a handful of characters. For
instance, $search =3D ($_GET['q'] ?? ''); is both shorter and clearer than
$search =3D ($_GET['q'] ?? NULL);




> Thank you... but I will add, while `htmlspecialchars()` rejecting NULL
> would get you to look at the code again, I wouldn't say it's directly
> picking up the problem, and it relies on there being a NULL value
> in $fields for this to be noticed (if that doesen't happen, you're now in=
 a
> position where random errors will start happening in production).
>



There are always going to be errors that depend on the value of input, and
unless you have god-like skill at writing tests, some of those will only
happen in production. Saying "this shouldn't happen" doesn't answer the
question of what to do when it does.




> Bit of a tangent, I'm uncomfortable that `$name` is not being HTML
> encoded, which takes us to context aware templating engines, and how you
> can identify these mistakes via the `is_literal` RFC or the
> `literal-string` type.
>


This isn't real code, it's an illustrative example; but if it makes you
feel more comfortable, imagine $name has some deliberate HTML markup in it,
so needs to be echo'd raw.




> That said, if you (or anyone) have any better ideas on how to address thi=
s
> problem, please let me know.
>


I honestly would be more interested in having some string functions return
null for null input than changing existing behaviour to accept null for
non-nullable parameters (interestingly, until PHP 8.0, htmlspecialchars()
could return null, e.g. if given an array). Unfortunately, that would be a
different kind of compatibility break, so I'm not sure it fully solves the
problem.


Regards,
--=20
Rowan Tommins
[IMSoP]

--000000000000cc39bc05dd2aa86e--