Newsgroups: php.internals
From: yohgaki@ohgaki.net (Yasuo Ohgaki)
Date: Sun, 29 Mar 2015 11:45:57 +0900
To: "internals@lists.php.net"
Subject: Basic type hint and documentation

Hi all,

PHP7 will have type hints for basic types, and it's already merged into master.
I have some suggestions for the document.

The document must have a _big_ warning for unconditional casts, IMO.
Unconditional casts are evil in code, as casts will not raise errors for
invalid casts.

$ ./sapi/cli/php -d error_reporting=-1 -r 'echo (int)2342342342342342342342342;'
-6773393222916898816
$ ./sapi/cli/php -d error_reporting=-1 -r 'echo (int)"abc";'
0

There is code that treats 0/negative values as "special values".
Unconditional casts may cause a security breach with such code.

MySQL may have unsigned 64 bit integers for ID/etc, SQLite can have any number
as ID/int/etc. There is the NUMERIC data type for DBMS also. Data that looks
like float does not have to be IEEE 754 double. It may have much higher
precision. JSON/etc data may have such values in it. Use of "int"/"float"
type hints for these are bugs.

It also should mention 32 bit platforms. "int" is a 32 bit signed int. Code that
uses "int" type hints and casts may have serious bugs that may be found in
production over time.

Users may need casts with PHP7, but they must never cast unconditionally.
The document must warn:

- Users should never cast integer/float unconditionally. Unconditional
  casts may lead to a security breach.
- Users should not cast 64 bit int to float unconditionally.
- Users should be aware that float can have a 53 bit signed integer at most.
- Users should consider 32 bit platforms to be portable.
- Users should use the "string" type hint for numbers from external resources
  and must validate the format as it is now if numbers exceed the type spec.

Examples should be listed:

- Almost all database abstraction libraries should not use the "int" type hint
  for IDs, but should use the "string" type hint.
- JSON numbers/etc are not limited to PHP int/float. "string" type is the
  favored type hint unless the exact number spec is known and fits into PHP
  int/float.
- The above will apply to most external numerically formatted input values.

It would be better to document "Best practice of basic type hints" also. It
should mention the importance of input validation. Unlike the "coercive type"
RFC, users must be more careful about type compatibility by themselves.

I guess many PHP users are not familiar with proper type handling. The document
must be explicit about proper type handling. There might be other things users
must be careful about; the document should explain them fully. I don't think
these warnings prevent misuse, but better documentation may help.

If there is anything that should be added, please mention it in the document.
Just my .02 for people who are going to write the document for basic type hints.

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net
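
The checked conversions the message asks for, as an added example that is not part of the original message or of the PHP documentation. The helper names `int_from_string`, `int_from_float` and `valid_uint64_id` and all sample inputs are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Added example: helper names and sample inputs are constructed.

/** Decimal string -> int, or null if it is malformed or out of range. */
function int_from_string(string $s): ?int
{
    // Canonical form only: no whitespace, sign junk or leading zeros.
    if (preg_match('/\A(?:0|-?[1-9][0-9]*)\z/', $s) !== 1) {
        return null;
    }
    // An out-of-range value does not survive the round trip, on 32 or 64 bit.
    $i = (int)$s;
    return (string)$i === $s ? $i : null;
}

/** Float -> int only for integral values that int and float both hold exactly. */
function int_from_float(float $f): ?int
{
    if (!is_finite($f) || floor($f) !== $f) {
        return null;
    }
    // 2^53 bounds exact integers in a double; PHP_INT_* covers 32-bit builds.
    if (abs($f) > 9007199254740992.0 || $f > PHP_INT_MAX || $f < PHP_INT_MIN) {
        return null;
    }
    return (int)$f;
}

/** External ID kept as a string: 1 .. 2^64-1 (unsigned 64-bit key). */
function valid_uint64_id(string $id): bool
{
    $max = '18446744073709551615';
    if (preg_match('/\A[1-9][0-9]{0,19}\z/', $id) !== 1) {
        return false;
    }
    // Equal-length digit strings order the same lexically and numerically.
    return strlen($id) < strlen($max) || strcmp($id, $max) <= 0;
}

// Constructed inputs: unchecked cast beside the checked conversion.
foreach (['42', 'abc', '2342342342342342342342342', ' 7'] as $s) {
    var_dump((int)$s, int_from_string($s));
}
var_dump(int_from_float(2342342342342342342342342), int_from_float(42.0));
var_dump(valid_uint64_id('18446744073709551615'), valid_uint64_id('18446744073709551616'));
```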