Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:60509
Return-Path: <hartmut.holzgraefe@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 98146 invoked from network); 7 May 2012 12:38:00 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 7 May 2012 12:38:00 -0000
Authentication-Results: pb1.pair.com smtp.mail=hartmut.holzgraefe@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=hartmut.holzgraefe@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.214.42 as permitted sender)
X-PHP-List-Original-Sender: hartmut.holzgraefe@gmail.com
X-Host-Fingerprint: 209.85.214.42 mail-bk0-f42.google.com  
Received: from [209.85.214.42] ([209.85.214.42:47759] helo=mail-bk0-f42.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 3D/80-29115-822C7AF4 for <internals@lists.php.net>; Mon, 07 May 2012 08:38:00 -0400
Received: by bkcik5 with SMTP id ik5so3925380bkc.29
        for <internals@lists.php.net>; Mon, 07 May 2012 05:37:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=message-id:date:from:user-agent:mime-version:to:subject:references
         :in-reply-to:x-enigmail-version:content-type
         :content-transfer-encoding;
        bh=0feSydHlZXtA/Abo7JTgUkEluhqmpgMVPNS9fcY6CWo=;
        b=K+RSmpMtfjSn8yqXuqgiNEk1QroBdgQvfRZyILtuEcw4e2fkPlN6FSFCEsRafc3o+p
         7jsXkYewR1qZilB/nBYDSAhLPcfqBUvUCXIcaxXYfqYf8vdQWrb14nVvpWCghmO9kQXu
         f1VRnFOQb4Dwb/rblxJu1/F/4lJsalD373xgfiM2Bmn2AjCivEdFRsshXprskcOfIXFJ
         hG/PvP4j9Z4il6m8QmIAu/Cblylhy4hNj2NmsWDWq98POD28axlBjeksf8inAZ9UCkqI
         Smw9yVFzvpC+4+5rBURcV91/HkiK7C8cpNv88qIlNSR8/E+FO6A5jmo8Ndbz/U2/EJcU
         jy8A==
Received: by 10.204.155.154 with SMTP id s26mr5223519bkw.129.1336394276900;
        Mon, 07 May 2012 05:37:56 -0700 (PDT)
Received: from [192.168.23.15] (212.100.42.202.fixip.bitel.net. [212.100.42.202])
        by mx.google.com with ESMTPS id n19sm32189355bkv.14.2012.05.07.05.37.55
        (version=SSLv3 cipher=OTHER);
        Mon, 07 May 2012 05:37:56 -0700 (PDT)
Message-ID: <4FA7C229.9080901@gmail.com>
Date: Mon, 07 May 2012 14:38:01 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20120329 Thunderbird/11.0.1
MIME-Version: 1.0
To: internals@lists.php.net
References: <CAPmfwEnMypV6DFRnRsnCvj+KQk1JG54TX3r1DNHQO3QQ0f+hjA@mail.gmail.com> <CAEZPtU4B0HpVrD4nzN6Cm+ogpza=qeyyfA1qSoRiyFF-dh6iFQ@mail.gmail.com> <CAORXhGLkKPY=GpfESDqiCVUhG4vZG7PmqK-v7780fGmvnQyeNw@mail.gmail.com> <4F847B8A.9010007@sugarcrm.com> <733bc8ea59cf6737563a62886e92fcb6.squirrel@www.l-i-e.com> <CAHMUw2Ft49f32di4nyOVWhzi-6Qn7u6yP4La2x_Wn2tZK-CHPA@mail.gmail.com>
In-Reply-To: <CAHMUw2Ft49f32di4nyOVWhzi-6Qn7u6yP4La2x_Wn2tZK-CHPA@mail.gmail.com>
X-Enigmail-Version: 1.4.1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] [off] PHP: a fractal of bad design
From: hartmut.holzgraefe@gmail.com (Hartmut Holzgraefe)

On 05/07/2012 05:32 AM, Tjerk Anne Meesters wrote:

> Validated or not, why would type juggling even come into the picture
> if both variables are of the same type?

For the simple reason that web forms return all input as strings, even
if the input is actually meant to be numeric

Many PHP database backend functions also return all result fields
as strings regardless of the actual result type, e.g. mysql_fetch_*(),
mysqli_fetch_*() and pg_fetch_*()  (although that's more debatable)

So if both operands look numeric (even though they are actually of
type string) type juggling kicks, and in your MD5 example it
unfortunately kicks in with a conversion to float for both sides
and you're running into the "never compare floats for equality"
trap ... (which is being worked on for the string comparison case
though, i just don't have the bug number at hand right now)

-- 
hartmut