Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:84971
Return-Path: <yohgaki@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 48409 invoked from network); 16 Mar 2015 02:32:40 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 16 Mar 2015 02:32:40 -0000
Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.214.180 as permitted sender)
X-PHP-List-Original-Sender: yohgaki@gmail.com
X-Host-Fingerprint: 209.85.214.180 mail-ob0-f180.google.com  
Received: from [209.85.214.180] ([209.85.214.180:36301] helo=mail-ob0-f180.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 35/FD-06614-7C046055 for <internals@lists.php.net>; Sun, 15 Mar 2015 21:32:39 -0500
Received: by obdfc2 with SMTP id fc2so26005046obd.3
        for <internals@lists.php.net>; Sun, 15 Mar 2015 19:32:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc:content-type;
        bh=HlSY0XhL5KI3UHHEO0zcmJZE3DHt3YqOb/Ka3V98aC0=;
        b=excB6JPaup3EAZ+7GiW8wIMLFsDueEpn7N5XH3KQKYFcVaS1vE9MbANQQlf9PMzi1j
         G1iAnWRxfHhN2ffKP/b02G7JNNi4sL/3WpXwuE4wDhE3KCWeZ7IfKZEEjGHt37hKzfxe
         /yzLUGtqch0UdCE7PHS5A3LYZWOf6Iiu1DM4dZRG/GxIPsCikdzCnQHe1mE43SliUy6a
         1+1F4P6Yed42mbCUxfYhZWnR5jlsF1JTerEtin6YD76aKjFjtFDltlSWagd05/Kl1El3
         BdHcBtdf5PG+3JDc8K+42cNb3W19ceUHtnYiaVgVbGCKwg21Fx5DP+ePMrcAaAyUlh4d
         zJWw==
X-Received: by 10.202.13.203 with SMTP id 194mr8513788oin.130.1426473156454;
 Sun, 15 Mar 2015 19:32:36 -0700 (PDT)
MIME-Version: 1.0
Sender: yohgaki@gmail.com
Received: by 10.202.58.2 with HTTP; Sun, 15 Mar 2015 19:31:56 -0700 (PDT)
In-Reply-To: <CAGa2bXa6P-euEB_h2q1w9wb=Ms6N0DRSe3eDp0rwJx98cqz6sQ@mail.gmail.com>
References: <CAAyV7nFAE07s+o8xW6fYwAu2-goo3riWuuWSTZn4hTo5O58HrA@mail.gmail.com>
 <CAGa2bXZrmQuzCTQ=E8gkGU-N2wV459PfL2VCdmeu_+JQD17LEQ@mail.gmail.com>
 <CAEZPtU7_vEpF=pLQfcF6Y9n-TU4K5D-zxHiSD-bw65S4zsS-ag@mail.gmail.com> <CAGa2bXa6P-euEB_h2q1w9wb=Ms6N0DRSe3eDp0rwJx98cqz6sQ@mail.gmail.com>
Date: Mon, 16 Mar 2015 11:31:56 +0900
X-Google-Sender-Auth: yw01PcJ5pjcj9RZNYWRQm926AMg
Message-ID: <CAGa2bXYaasEwXr_Y5DaYDii+L4mOe0m8z5agMOJyg_tkTDh8-Q@mail.gmail.com>
To: Pierre Joye <pierre.php@gmail.com>
Cc: Anthony Ferrara <ircmaxell@gmail.com>, 
	"internals@lists.php.net" <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=001a113d149cc5b18405115ea932
Subject: Re: [PHP-DEV] [RFC][Status] Scalar Type Declarations Voting Date Change
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

--001a113d149cc5b18405115ea932
Content-Type: text/plain; charset=UTF-8

Hi all,

On Mon, Mar 16, 2015 at 11:16 AM, Yasuo Ohgaki <yohgaki@ohgaki.net> wrote:

>
>
>>
>> > It's natural that we have different point of views, but we can easily
>> > understand/guess
>> > the consequence of the RFC. Weak mode is simply too weak to be useful.
>> > Strict mode will hide type bugs by errorless casts.
>>
>> Show me examples when something not in strict mode behave differently
>> and it will be fixed. But saying that is per se wrong and double
>> standard in regard of voting. Or why did you vote in favor of other
>> RFCs which obviously had or still have bugs?
>>
>
> This code is an example that I posted in other thread.
>
> e.g.
> <?php
> function check_num_range(int $num) { if ($num < 0 || $num > 100)
> trigger_error('Invalid range'); }
> // Somewhere far from function definition.
> $num = $GET['num'];
> // Somewhere far from $num definition.
> check_num_range($num); // Trying to check validity, int and range.
> echo 'You have '.$num. ' now <br />'; // But $num could have any string.
>                                                             //
> "check_num_range((int)$num)" wouldn't help also.
> ?>
>
> Simple cast hides bugs, not eliminates type bugs.
> This is just an example and there are many cases that cast hides bugs in
> real world codes.
>

Another common example is database's NUMERIC types.

Database's NUMERIC type has much higher precisions. PostgreSQL has up to
131072 digits
before the decimal point; up to 16383 digits after the decimal point.
Casting to int/float drops
data.

SQLite has type affinity so it can hold any number (or even string etc) in
INT fields. Casting
drops data just like PostgreSQL's NUMERIC type.

Average users did write code like

$sql = 'SELECT * FROM some_table WHERE id='. (int)$id;

even under 32 bit platforms. I'm sure there will be many users who writes
invalid/buggy casts.
It's buggy code even under 64 bit platforms as PHP only support "signed
int" by default.

What we really need is decent conversion rules (it's OK to have new one
since we don't have
it before) that helps users to find bugs in PHP. Users can protect
themselves by additional
code, but why don't we provide it even if there is the code for it?

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net

--001a113d149cc5b18405115ea932--