Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:78168 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 63009 invoked from network); 21 Oct 2014 01:08:27 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 21 Oct 2014 01:08:27 -0000 Authentication-Results: pb1.pair.com header.from=smalyshev@sugarcrm.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=smalyshev@sugarcrm.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain sugarcrm.com designates 108.166.43.75 as permitted sender) X-PHP-List-Original-Sender: smalyshev@sugarcrm.com X-Host-Fingerprint: 108.166.43.75 smtp75.ord1c.emailsrvr.com Linux 2.6 Received: from [108.166.43.75] ([108.166.43.75:51322] helo=smtp75.ord1c.emailsrvr.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 5B/A3-42514-A02B5445 for ; Mon, 20 Oct 2014 21:08:26 -0400 Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp10.relay.ord1c.emailsrvr.com (SMTP Server) with ESMTP id 429FF3803EE; Mon, 20 Oct 2014 21:08:24 -0400 (EDT) X-Virus-Scanned: OK Received: by smtp10.relay.ord1c.emailsrvr.com (Authenticated sender: smalyshev-AT-sugarcrm.com) with ESMTPSA id BFFBA3803A4; Mon, 20 Oct 2014 21:08:23 -0400 (EDT) X-Sender-Id: smalyshev@sugarcrm.com Received: from Stass-MacBook-Pro.local (108-66-6-48.lightspeed.sntcca.sbcglobal.net [108.66.6.48]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA) by 0.0.0.0:465 (trex/5.2.13); Tue, 21 Oct 2014 01:08:24 GMT Message-ID: <5445B206.9010801@sugarcrm.com> Date: Mon, 20 Oct 2014 18:08:22 -0700 Organization: SugarCRM User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:31.0) Gecko/20100101 Thunderbird/31.1.2 MIME-Version: 1.0 To: Andrea Faulds CC: PHP Internals References: <66B7B28C-2651-4A71-AC2A-55D4C7BB3DDC@ajf.me> <5445A9AE.2060001@sugarcrm.com> In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Subject: Re: [PHP-DEV] [RFC] Safe Casting Functions From: smalyshev@sugarcrm.com (Stas Malyshev) Hi! >> Wait, we actually already have FILTER_VALIDATE_INT and >> FILTER_VALIDATE_FLOAT, > > Actually, to_int is very close to FILTER_VALIDATE_INT, and I’m not > sure, but I think to_float may be close to FILTER_VALIDATE_FLOAT. The > main difference with integers is rejection of whitespace and > toString-able objects. So essentially we have a number of rules, which all are only slightly different. And when somebody wants to skip spaces, but not tabs, we'd have yet another set of functions? I don't think it's good for the language to have a set of functions doing exactly the same, but in slightly different way, because some people had different preferences. The language should not be just a bag of use-cases that somebody wanted to implement. We're getting a lot of criticism for parts of the language not always playing cohesively together, why make it worse? > The main point of the RFC is to add casting functions as an > alternative to the built-in explicit casts. Currently, the easiest > way to convert to an integer is (int), but this is quite dangerous as > it performs no validation whatsoever and cannot fail. to_int() and So, why not have filter_var($suspected_int, FILTER_VALIDATE_INT) and filter_var($suspected_int, FILTER_CONVERT_INT)? We already have infrastructure for that, why ignore it completely and build another solution that does exactly the same but treats whitespace differently and has couple of other tweaks? OK, you want to treat the whitespace differently, I get it - but why ignore whole filter infrastructure? > the like are intended to be just as convenient as an explicit cast, > so that doing the safer thing (failing on garbage input) is not any > more difficult. The hope is that the lazy developer will use is_int() > instead of (int) when they need to explicitly cast, and avoid the > problems of the latter. The lazy developer won't check the return value anyway and would get 0 as the result of false-to-int conversion, thus making the whole exercise pointless anyway :) -- Stanislav Malyshev, Software Architect SugarCRM: http://www.sugarcrm.com/