At 16:33 15/12/2005, Greg Beaver wrote:
Stefan Walk wrote:
> See http://bugs.php.net/bug.php?id=23110
>
> It's definitely a gotcha, especially if you use switch(){}, as there
> is no way to do strict type checking there.
Please reconsider the decision to leave this bug open in PHP, any
unexpected behavior in an operator as fundamental as == is VERY
dangerous, and if used improperly could lead to security holes (i.e.
unexpectedly, input that does not match could match a strict filter
based on ==)
I understand the rationale behind loosely typed comparison, and use it
myself, but this is beyond loosely typed, it is explicitly changing type
in an irrational way, as it only applies in certain cases.
Greg,
A lot of thought has been put into the current behavior, which was
decided upon probably around 8+ years ago. While I'm not positive we
made the right decision back then (even though I think we did) -
changing this behavior is completely out of the question. It's not a
bug, it's a well-documented feature ("strings that look like numbers
behave like numbers"), and changing it would effect an enormous
amount of applications.
In order to change such a fundamental behavior there have to be
clear-cut compelling reasons, and no compelling reasons against -
which is clearly not the case.
Zeev
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
