Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:94838 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 41790 invoked from network); 4 Aug 2016 21:26:45 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 4 Aug 2016 21:26:45 -0000 Authentication-Results: pb1.pair.com smtp.mail=yohgaki@ohgaki.net; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=yohgaki@ohgaki.net; sender-id=pass Received-SPF: pass (pb1.pair.com: domain ohgaki.net designates 180.42.98.130 as permitted sender) X-PHP-List-Original-Sender: yohgaki@ohgaki.net X-Host-Fingerprint: 180.42.98.130 ns1.es-i.jp Received: from [180.42.98.130] ([180.42.98.130:39618] helo=es-i.jp) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 29/21-33134-313B3A75 for ; Thu, 04 Aug 2016 17:26:44 -0400 Received: (qmail 97041 invoked by uid 89); 4 Aug 2016 21:26:39 -0000 Received: from unknown (HELO mail-qk0-f182.google.com) (yohgaki@ohgaki.net@209.85.220.182) by 0 with ESMTPA; 4 Aug 2016 21:26:39 -0000 Received: by mail-qk0-f182.google.com with SMTP id p186so120330549qkd.1 for ; Thu, 04 Aug 2016 14:26:38 -0700 (PDT) X-Gm-Message-State: AEkoouuvC+HlUnmbR09pPiibFSAX+Rg5EPh1JsIMoiJCjIlJwNfjGs7/1hezwzeHIlq13dSjy6sb54GFQB72VQ== X-Received: by 10.55.89.197 with SMTP id n188mr8828763qkb.60.1470345991095; Thu, 04 Aug 2016 14:26:31 -0700 (PDT) MIME-Version: 1.0 Received: by 10.140.85.242 with HTTP; Thu, 4 Aug 2016 14:25:50 -0700 (PDT) In-Reply-To: <27c5add4-2c4c-bab1-6ca7-9c191917dd0e@gmail.com> References: <27c5add4-2c4c-bab1-6ca7-9c191917dd0e@gmail.com> Date: Fri, 5 Aug 2016 06:25:50 +0900 X-Gmail-Original-Message-ID: Message-ID: To: Rowan Collins Cc: "internals@lists.php.net" Content-Type: text/plain; charset=UTF-8 Subject: Re: [PHP-DEV] Adding validate_var_array()/validate_input_array() to which version? From: yohgaki@ohgaki.net (Yasuo Ohgaki) Hi Rowan, On Fri, Aug 5, 2016 at 6:04 AM, Rowan Collins wrote: > On 04/08/2016 20:29, Yasuo Ohgaki wrote: >> >> One of my objective is following best practices. >> Prefer exception over error is one of them. Although, I strongly suggest >> to use exception for validation errors, I will have choices. > > > Best practice is to use exceptions to indicate an error *inside* the > function, i.e. something going wrong with the function itself. If I run (as > a simplified example) validate_var('abc', FILTER_NUMERIC) that's not > something going wrong inside validate_var(), so validate_var() shouldn't be > throwing an exception, IMO. > > Now, the *reason* I'm calling validate_var may be that the function I'm > writing will go wrong if the validation doesn't pass, but that's up to *me* > to throw an exception: > > if ( validate_var($foo, FILTER_NUMERIC) ) { > throw new InvalidArgumentException; > } Input validation is like assertion shouldn't fail. However, it's possible to design code like this. > > That said, in another message you explained that this isn't intended for > "validation" in the sense of "form validation", but in a more restricted > sense of "dangerous data"; I think the name misled me, and may mislead > others, if that is the sole purpose of the function. I'm still not entirely > convinced, though, that a boolean-returning function wouldn't be enough to > fill both purposes. I understands there are use cases for both with/without exception. In fact, I implemented it without exception at first. My preference is to raise exception to encourage users to handle validation error correctly, i.e. terminate script execution, but my intention may not be interpreted correctly with or without exception. How about to have switch like assert()? It has exception on/off switch. Anyone prefer parameter flag? Regards, -- Yasuo Ohgaki yohgaki@ohgaki.net