Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:83793
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Received-SPF: error (pb1.pair.com: domain lsces.co.uk from 217.147.176.214 cause and error)
Message-ID: <54EDE5EA.7070104@lsces.co.uk>
Date: Wed, 25 Feb 2015 15:10:34 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: internals@lists.php.net
References: <CAAyV7nGjdguX=4Nt0H=kYnwg8rZ1BkWf8duGZfzheOXXV61pqA@mail.gmail.com>	<CAAyV7nE+JJPr4iRiFfJg74UVZ_c6HieOmpPQWe6zwnY==m7Zhw@mail.gmail.com>	<CAAyV7nGOh7FgkbkPGwALmU4SDOs=LvkijAPJeNcG3qrMo7-z-Q@mail.gmail.com>	<CAAyV7nFfzaw=M0En4_3Lt5MYQ7H+ePCzFOuM4wndehxJER7NXQ@mail.gmail.com>	<CA+9eiLuuH7v4Vvf8iDzvh=vho9mdPUpvSVHwuP6+JdNVkqLS9A@mail.gmail.com>	<CA+9eiLup3jEPcQaNbEQXQ8js0t9-thVRG8fCXHScL3K=aU20Ow@mail.gmail.com>	<CAFr9ZqtR=P6izszCKHxT4qn3VCbLV00=s585=JhzOShFmdaAXw@mail.gmail.com> <CA+9eiLs_hgD=i1RbiUMEg_ho9rF=eveMmrs5mtvuksVrf-2_8g@mail.gmail.com>
In-Reply-To: <CA+9eiLs_hgD=i1RbiUMEg_ho9rF=eveMmrs5mtvuksVrf-2_8g@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] Re: [RFC-Discuss] Scalar Type Declarations v0.5
From: lester@lsces.co.uk (Lester Caine)

On 25/02/15 12:58, Dmitry Stogov wrote:
>> Does that mean when reading or writing code, in addition to checking the
>> > signature of a function,
>> > I have to check the 'strict_types' setting at the top as well, to
>> > understand how that signature behaves?
>> >
> I think you should check it in the top line of the file where the function
> was called from.

Of cause the real world situation here is that the legacy included files
and their functions will simply not have type hints. The problems only
start to arise if someone updates the library code following one
practice while other users are not even bothered by it. I get that if
strict typing is added to the library, but the user is not bothering
with any type hinting than it will not get in the way, but there still
has to be checks in the to find out if the strict check is needed while
I may well simply be using the library like I always have ... and
throwing strings at it. It's at this point I am trying to work out what
will happen? If I am a novice users I just expect the normal weak
conversion, and presumably the 'strict mode' function I am calling has
the code to cater for that in this instance while also having the checks
for strict mode ready for strict mode calls to the same function? I
don't see how any of this can be optimised out unless the code is only
compiled for one mode or the other.

One has to add of cause any third party change to the conversion rules
which may come into play as well, but I still see all of this as a red
herring since the reason any type hint fails is of more importance than
catching that the wrong type of value has arrived. MOST of the time this
is 'protecting' against morons who are only interested in hacking your
site, so while one passes a few integers via the URL handshaking to
control navigation perhaps, one has to ensure that when someone tries to
inject alternate text things fail tidily? Even if data is validated via
javascript in the browser one can't assume that what should be a nice
clean value is actually what gets through? All right if that fails in a
later function call then one can crash out, and you don't want to serve
hackers anyway, but one needs to know if it is a hacker or a user with a
problem. But this more a play against the need for type hinting at all ...

-- 
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk
Rainbow Digital Media - http://rainbowdigitalmedia.co.uk