Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:21232 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 18672 invoked by uid 1010); 15 Dec 2005 14:54:01 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 18657 invoked from network); 15 Dec 2005 14:54:01 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 15 Dec 2005 14:54:01 -0000 X-Host-Fingerprint: 80.74.107.235 mail.zend.com Linux 2.5 (sometimes 2.4) (4) Received: from ([80.74.107.235:25049] helo=mail.zend.com) by pb1.pair.com (ecelerity 2.0 beta r(6323M)) with SMTP id 20/2F-23096-78381A34 for ; Thu, 15 Dec 2005 09:54:00 -0500 Received: (qmail 25784 invoked from network); 15 Dec 2005 14:53:56 -0000 Received: from localhost (HELO zeev-notebook.zend.com) (127.0.0.1) by localhost with SMTP; 15 Dec 2005 14:53:56 -0000 Message-ID: <7.0.0.16.2.20051215165003.087226a0@zend.com> X-Mailer: QUALCOMM Windows Eudora Version 7.0.0.16 Date: Thu, 15 Dec 2005 16:53:56 +0200 To: Greg Beaver Cc: Stefan Walk ,php-dev In-Reply-To: <43A17EC3.6080606@php.net> References: <43A0F0BB.6080009@chiaraquartet.net> <4858f9d90512150059x71eec489t@mail.gmail.com> <43A17EC3.6080606@php.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: Re: [PHP-DEV] why is '01' == '1.'? From: zeev@zend.com (Zeev Suraski) At 16:33 15/12/2005, Greg Beaver wrote: >Stefan Walk wrote: > > See http://bugs.php.net/bug.php?id=23110 > > > > It's definitely a gotcha, especially if you use switch(){}, as there > > is no way to do strict type checking there. > >Please reconsider the decision to leave this bug open in PHP, any >unexpected behavior in an operator as fundamental as == is VERY >dangerous, and if used improperly could lead to security holes (i.e. >unexpectedly, input that does not match could match a strict filter >based on ==) > >I understand the rationale behind loosely typed comparison, and use it >myself, but this is beyond loosely typed, it is explicitly changing type >in an irrational way, as it only applies in certain cases. Greg, A lot of thought has been put into the current behavior, which was decided upon probably around 8+ years ago. While I'm not positive we made the right decision back then (even though I think we did) - changing this behavior is completely out of the question. It's not a bug, it's a well-documented feature ("strings that look like numbers behave like numbers"), and changing it would effect an enormous amount of applications. In order to change such a fundamental behavior there have to be clear-cut compelling reasons, and no compelling reasons against - which is clearly not the case. Zeev