Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:86060 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 74558 invoked from network); 30 Apr 2015 03:06:16 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 30 Apr 2015 03:06:16 -0000 Authentication-Results: pb1.pair.com smtp.mail=smalyshev@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=smalyshev@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.192.170 as permitted sender) X-PHP-List-Original-Sender: smalyshev@gmail.com X-Host-Fingerprint: 209.85.192.170 mail-pd0-f170.google.com Received: from [209.85.192.170] ([209.85.192.170:34215] helo=mail-pd0-f170.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id EB/B0-05379-82C91455 for ; Wed, 29 Apr 2015 23:06:16 -0400 Received: by pdbqa5 with SMTP id qa5so46729020pdb.1 for ; Wed, 29 Apr 2015 20:06:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=eItkBBwHGItj3Q7JKsnVRpj5ahBtnAwZPi5XVw5/LSY=; b=YSXhoyXNPHED4cBjq0dqdm9M7pptyj7OAXZXy9uOU34IS5Q4iekjpP35+DMesogID3 tIvXRH64RFn8rut7ptRdYhB/xkrpt3QuHiKfxpdVYvyHe/L1PdAygBYAHSN0L5xpFUog 2NIuG91QTVrszcpndWndHfgzRdRc6wdzE6mpl8NYvg4wvh5iXM1er46p3b5W3O6Y4rIP df/NIVIfrIXCfKwDIC5DnLVhp0Fx1fLhHGRugzGOQcZJAR9ulNF2irRIrXqS5Kjx3sOC J5n8Y45yQR7XUzVzLzML3G8T1BUjFfqU75OMLtygup+A4AhV8CYr8p3yTerQWKEIH6Rx ZJVg== X-Received: by 10.68.165.2 with SMTP id yu2mr4003750pbb.43.1430363172937; Wed, 29 Apr 2015 20:06:12 -0700 (PDT) Received: from Stas-Air.local (108-66-6-48.lightspeed.sntcca.sbcglobal.net. [108.66.6.48]) by mx.google.com with ESMTPSA id wx8sm565852pbc.1.2015.04.29.20.06.11 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 29 Apr 2015 20:06:12 -0700 (PDT) Message-ID: <55419C0C.7020207@gmail.com> Date: Wed, 29 Apr 2015 20:05:48 -0700 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: Yasuo Ohgaki CC: Ryan Pallas , "internals@lists.php.net" References: <55401F31.9030703@gmail.com> <55416849.9010808@gmail.com> <5541753D.5050908@gmail.com> In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] Adding "numeric" type hint From: smalyshev@gmail.com (Stanislav Malyshev) Hi! > How many of us are expected that > > mydb_find_by_id(INT_MAX+1); > Note: INT_MAX+1 is pseudo integer string value. > > fails with fatal error? I guess it's not many. I'm not sure what is the meaning of "INT_MAX+1 is pseudo integer string value" - if it fits the integer, it's the integer, if it's a string that looks like decimal rendering of a natural number that is equal to INT_MAX+1, then it's not an integer, it's just a string. It can not be used as integer. If somebody voted on this RFC without expecting it, that means they did not understand the RFC. I don't know what can be done about people voting for RFCs they don't understand - we can't take an exam before voting. We expect people first understand it then vote, and assume everybody who votes understands what it means and accepts the consequences. > Users are recognized record ID as integer even if it's a string integer > indeed. There's no such thing as "string integer". It's either string - which can be convertible or not convertible to integer - and there's actual integer value. > I think many, if not most, users are not aware that db record ID field is > "string integer" . As long as users do not apply arithmetic, string integer > worked perfectly with PHP. I'm saying this is a tradition. I don't see where you derive such "tradition" from. PHP never worked this way. The only difference is that before you'd get something like INT_MAX or -INT_MAX or 0 or whatever random value after conversion. I don't see how that would be better than fatal error, really. > Most obvious use case is record ID that I mentioned above, but it's not > limited to record ID. e.g. all database numeric values/JSON numeric/ > PHP array integer type key beyond INT_MAX/MIN. You can't have integer array key beyond integer, that is a logical impossibility. As for external values, external value can be anything - row of ones, random binary noise, string "porcupine", anything. You can't expect it to be convertible to integer. You'll have to check anyway. "numeric" type is not going to help you. > Great. I think "int"/"float" type hint is too strict even under weak mode. > Therefore, I want to have "numeric" type hint at least. I don't see how this helps anything. "numeric" is not a type, it is a validation of a string form. As such, it has very little to do with PHP types. > Having "numeric" or accepting huge value(including GMP) for "int"/"float" > should be acceptable. IMHO. That negates the whole purpose of having "int" type, since what comes out of it is not int anymore. > As I wrote, huge numbers are valid data for databases. I don't want to have String "porcupine" is a valid data for database too. Should we have a type that says "number or string 'porcupine'"? Both are valid data for DB. But they do not form a type. > DoS incident just because PHP limits numbers to native type range > while databases accept these larger values as valid values. Databases accept *anything* as valid values. If you expect this to fit PHP's scalar types, you need to check. Otherwise, you need to use PHP type that can accommodate anything, namely - string. > We may have integrated GMP float in near future also. Accepting compatible > value/type is mandatory if it's a type "hint" for weak mode. I don't > think we > decided to have type declaration(type enforcement), do we? We can accept compatible values. The question is what to do with *incompatible* values. Accepting those is not really possible within typed parameters semantics. -- Stas Malyshev smalyshev@gmail.com