Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:60469 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 56705 invoked from network); 5 May 2012 16:17:35 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 5 May 2012 16:17:35 -0000 Authentication-Results: pb1.pair.com smtp.mail=ceo@l-i-e.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=ceo@l-i-e.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain l-i-e.com designates 67.139.134.202 as permitted sender) X-PHP-List-Original-Sender: ceo@l-i-e.com X-Host-Fingerprint: 67.139.134.202 o2.hostbaby.com FreeBSD 4.7-5.2 (or MacOS X 10.2-10.3) (2) Received: from [67.139.134.202] ([67.139.134.202:3897] helo=o2.hostbaby.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 84/A4-30075-E9255AF4 for ; Sat, 05 May 2012 12:17:34 -0400 Received: (qmail 5032 invoked by uid 98); 5 May 2012 16:17:34 -0000 Received: from localhost by o2.hostbaby.com (envelope-from , uid 1013) with qmail-scanner-2.05 ( Clear:RC:1(127.0.0.1):. Processed in 0.037427 secs); 05 May 2012 16:17:34 -0000 Received: from localhost (HELO www.l-i-e.com) (127.0.0.1) by localhost with SMTP; 5 May 2012 16:17:34 -0000 Received: from webmail (SquirrelMail authenticated user ceo@l-i-e.com) by www.l-i-e.com with HTTP; Sat, 5 May 2012 11:17:34 -0500 Message-ID: <733bc8ea59cf6737563a62886e92fcb6.squirrel@www.l-i-e.com> In-Reply-To: <4F847B8A.9010007@sugarcrm.com> References: <4F847B8A.9010007@sugarcrm.com> Date: Sat, 5 May 2012 11:17:34 -0500 To: "PHP Internals" User-Agent: SquirrelMail/1.4.21 [SVN] MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal Subject: Re: [PHP-DEV] [off] PHP: a fractal of bad design From: ceo@l-i-e.com ("Richard Lynch") On Tue, April 10, 2012 1:27 pm, Stas Malyshev wrote: > Hi! > >> Scroll down a bit; he gets into valid points about the == operator, >> for instance. It's not a useless post. He does cite too many things >> that he has to follow up himself by saying "this was fixed in PHP >> 5.x.y." If it was fixed, why is it on your laundry list still? > > What exactly valid points? == is a converting operator, === is a > strict > operator. OK, in his favorite language it is not. Where exactly the > valid point is? Author goes at great lengths to refuse to make even a > slight mental effort to understand how it works (really, it's not that > hard) and then complains it's "useless". Well, a lot of things would > be > useless if you don't want to know how to use them. He has a few valid points in the part I read before I got bored... $a = "123ABF453..."; //a password $b = "123DFEABC..."; //another one if ($a == $b){ //you're in. } Yes, one should have validated the input... But you don't have to be THAT naive to think that the hashed value of an SQL injection attack just isn't going to work, so it's "safe"... I'll bet I have some of these in my (recent) code, for that matter. On the other hand, if you accept type juggling, you have to expect the other cases he has for == being a bit strange. -- brain cancer update: http://richardlynch.blogspot.com/search/label/brain%20tumor Donate: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=FS9NLTNEEKWBE