Basic type hint and documentation

10 years ago by Yasuo Ohgaki — view source

unread

Hi all,

PHP7 will have type hint for basic types and it's already merged into
master.
I have some suggestions for the document.

The document must have big warning for unconditional casts. IMO.
Unconditional casts are evil in code as casts will not raise errors for
invalid casts.

$ ./sapi/cli/php -d error_reporting=-1 -r 'echo
(int)2342342342342342342342342;'
-6773393222916898816

$ ./sapi/cli/php -d error_reporting=-1 -r 'echo (int)"abc";'
0

There are codes that treat 0/negative values as "special values".
Unconditional casts may cause security breach with such codes.

MySQL may have unsigned 64 bit integer for ID/etc, SQLite can
have any number as ID/int/etc. There is NUMERIC data type for
DBMS also. Data looks like float does not have to be IEEE 754
double. It may have much higher precision. JSON/etc data may
have such values in it. Use of "int"/"float" type hint for these are
bugs.

It also should mention 32 bit platforms. "int" is 32 bit signed int.
Code uses "int" type hint and cast may have serious bug that
may be find in production over time.

Users may need casts with PHP7, but they must never cast unconditionally.

The document must warn:

Users should never cast integer/float unconditionally. Unconditional
casts may lead security breach.
Users should not cast 64 bit int to float unconditionally.
Users should aware that float can have 53 bit signed integer at most.
Users should consider 32 bit platforms to be portable.
Users should use "string" type hint for numbers for external resources
and must validate its format as it is now if numbers exceed type spec.

Examples should be listed:

Almost all database abstraction library should not use "int" type
hint for IDs, but should use "string" type hint.
JSON numbers/etc are not limited PHP int/float. "string" type is favored
type hint unless exact number spec is known and fit into PHP int/float.
Above will apply most external numerically formatted input values.

It would be better to document "Best practice of basic type hints" also. It
should mention importance of input validation.

Unlike "coercive type" RFC, users must be more careful about type
compatibility by themselves. I guess many PHP users are not familiar with
proper type handling. The document must be explicit about proper type
handing. There might be other things users must be careful, the document
should explain fully.

I don't think these warnings prevent misuse, but better documentation may
help.
If there is anything should be added, please mention them in the document.

Just my .02 for people who are going to write document for basic type hint.

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net