Hi!
Doesn't "stuff their code with explicit type conversions" actually mean "perform appropriate validation and conversion on incoming data" ?
Sometimes it does, but in many cases it doesn't - since variables are not typed and types can be juggled, you'd have to take precautions even though you could be sure the value itself is sanitized.
We are constantly told about GIGO and not accepting anything a user supplies as safe, so, with that in mind, you validate the incoming
It's not about the user input and security - it's about having different parts of your code working together through all possible changes. If you've got strict API you've got to make sure what you are sending to it would pass those strict checks, and would keep doing so through all changes done to the code.
A big +1 from me to incorporate type hinting into PHP.
I think calling this proposal "type hinting" just confuses the discussion. It's (optional) strict typing and it should be called so.
-- Stanislav Malyshev, Zend Software Architect s...@zend.com http://www.zend.com/ (408)253-8829 MSN: s...@zend.com -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
