Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:117634
Return-Path: <guilliam.xavier@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 49796 invoked from network); 27 Apr 2022 09:55:12 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 27 Apr 2022 09:55:12 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id D723C1804A8
	for <internals@lists.php.net>; Wed, 27 Apr 2022 04:30:41 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS,
	T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS15169 209.85.128.0/17
X-Spam-Virus: No
X-Envelope-From: <guilliam.xavier@gmail.com>
Received: from mail-yb1-f169.google.com (mail-yb1-f169.google.com [209.85.219.169])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Wed, 27 Apr 2022 04:30:41 -0700 (PDT)
Received: by mail-yb1-f169.google.com with SMTP id f38so2817208ybi.3
        for <internals@lists.php.net>; Wed, 27 Apr 2022 04:30:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to;
        bh=XI7Nl8ukiF87dm5oCLlwuq+ioZxUa947KH1gDi46gDA=;
        b=Q9P/jU2iMlpNqwwfbtAP5DLYQRcMxucUkuBODfPe0GHo7Tt73T7j08sXghoqjv+tJS
         zQlNlFyZEIzciJErcgLzsbvLnBUY+/OueV1F/ScvV6IDOw8qtjZldNiZOUfOIw7iGDmG
         WzXoJy4tIW5RQCEupxM/FTFo4ntdvzreoyYkjCCSUlZgPsYcU8lyDNZpNpCBJFq53Km/
         a1LdPMM/NJbdjQkd7umLlMuRucGBz5U8pAgCivwPSBiO1ndeMVGVS57OmxKR36f0BpFO
         93ZpmR98OlT1BoEX+qicpsXC7yzNapYsrhw6luky0mJia687kKdcy7209IAs2Xql62vs
         kKQw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to;
        bh=XI7Nl8ukiF87dm5oCLlwuq+ioZxUa947KH1gDi46gDA=;
        b=rp/G4IzYLni1XmAvq9wrx7AxYIzECCmUbkm8tVNBX+cq0pHS+xmtBKWaP7NgbGZx5J
         tUi9+gMNMnPoFGQGDZoqWIq51FcUkGdjr52/dhcieK4yg9YnCRyI8RA5DcDLWJ3XtJeS
         ZiqBl9l93w1g8irpM3mP67P+h3tfRUfGEetgOFbLPh1MjbV76MRrHKSHZC/HKzQ/FEPb
         EX4gV11K501vsJUEyuoAV49iic0rG+jOxxBQ4+r9M44PPfAh5AIqUlHAbp1rndeh4Iw2
         J5xGHcCKWX+ydRBaW5LoBemWTW7jqZMlGDpUtg8Fq+TAe91U9DaLV0Mj8DDzysiyWNBY
         xUHg==
X-Gm-Message-State: AOAM531xaVO+z1oa5kgji0Gr7m0Wd6ltOfT4HrTDVxPqwpvPS1dJ4bAF
	fk8hmBIayxEYbiop6bxf3LehbpM6tm4+PX5T0q3U7otB3Q==
X-Google-Smtp-Source: ABdhPJwxusiyfD6+Ptj1X864eVYsGwiXy1kb1Vz7FveHj6CL/tBilgvQWoaPfZM3k6/1+Et37rTS61X1U7cubyf3cEQ=
X-Received: by 2002:a25:a148:0:b0:641:d14b:ddd3 with SMTP id
 z66-20020a25a148000000b00641d14bddd3mr26113684ybh.402.1651059040758; Wed, 27
 Apr 2022 04:30:40 -0700 (PDT)
MIME-Version: 1.0
References: <3fcdfa2c-7a9c-d634-ea56-8b1e5bf1a911@gmx.net> <C7ADCE20-81E1-4F7C-B0B7-1D32173A3E5B@cschneid.com>
 <bcec65a6-8c71-a66b-f834-81cbf12794f9@gmail.com> <5ceeb3f0-0f01-8b93-00ca-9947c9c69e4c@gmx.net>
 <73775976-c23d-0ee1-3ea2-ffb39431fc50@gmail.com>
In-Reply-To: <73775976-c23d-0ee1-3ea2-ffb39431fc50@gmail.com>
Date: Wed, 27 Apr 2022 13:30:31 +0200
Message-ID: <CAC5V6gjyRKCbyaBo+oqaBb78TF25Gu1XLYtSSMVubaqd0V62Pw@mail.gmail.com>
To: internals@lists.php.net
Content-Type: multipart/alternative; boundary="000000000000a0afee05dda1234c"
Subject: Re: [PHP-DEV] Stricter implicit boolean coercions
From: guilliam.xavier@gmail.com (Guilliam Xavier)

--000000000000a0afee05dda1234c
Content-Type: text/plain; charset="UTF-8"

> > 'on' is only true by "accident" though, because it is a non-empty
> > string, not because of its meaning, and then it is likely that the value
> > 'off' could also be added at some point - which also would be true.
>
> The reason I gave that particular example is that it's the default
> submission value for an HTML checkbox when checked; if it's not checked,
> it has no value at all (not even an empty string), so in that particular
> context there is no corresponding "off".
>

That's why you must test it with isset($_POST['checkbox_name']), *not* with
(bool)$_POST['checkbox_name'] or an implicit conversion.

if ( $nullable_float = type_coerce_or_return_default('?float', $var,
> false) === false ) { throw new TypeError; }
>

Missing parentheses around the assignment (VS the comparison)!


Only allowing the following values would make sense
> from my perspective:
>
> '1' => true
> 1 => true
> 1.0 => true
> '' => false
> '0' => false
> 0 => false
> 0.0 => false
>

Seems a reasonable compromise (between BC and bugs-protection).

Regards,

-- 
Guilliam Xavier

--000000000000a0afee05dda1234c--