2009/7/2 Stanislav Malyshev <s...@zend.com>: > It's not about the user input and security - it's about having different > parts of your code working together through all possible changes. If you've > got strict API you've got to make sure what you are sending to it would pass > those strict checks, and would keep doing so through all changes done to the > code.
Hmm. Sounds like a programmers job you're describing there. I wonder if the split is between people coming to PHP from web design (JavaScript/Perl) and coming to PHP from other programming languages (VB/Java/C++/COBOL/ColdFusion - a long list [1]). I've mainly come from a Delphi's Object Pascal and Sage Retrieve 4GL (syntatically a mix of COBOL and Pascal). >> A big +1 from me to incorporate type hinting into PHP. > > I think calling this proposal "type hinting" just confuses the discussion. > It's (optional) strict typing and it should be called so. Maybe this could be solved easier and made more acceptable to all sides if rather than calling it "type hinting" / "(optional) strict typing" it was called "auto casting". A significant issue is what happens when the variables supplied are NOT of the appropriate type. I agree with Stanislav in that developers could end up with having to "stuff their code with explicit type conversions". Inside the function/method, we are wanting to essentially force the inputs to match the requirements. So, rather than have the "explicit type conversions" being performed by users of the libraries, why not incorporate the conversions into the function/method declaration? If the data coming in is weakly typed, and we are wanting a specific type, we are going to cast it (currently). Casting is going to take place somewhere. Currently, you can use docblocks to suggest the type (no enforcement). If a user DOES read the docblocks and casts it, it doesn't actually help anyone as PHP is known to be weakly typed, so the library developer STILL has to do checks of some sort. But. If autocasting was available, users could RELY on the fact that PHP will use its built-in, well known and documented type-juggling logic to cast the supplied userland data to the libraries required type. This is now really utilising PHP's type-juggling to intelligently provide library developers with optional strict-typing. It incorporates type hinting, so a library user can do the casting if they want (I assume PHP does nothing for (string)"1" or (int)4, etc.) Essentially auto casting would remove having to manually cast data at all. Regards, Richard. [1] http://en.wikipedia.org/wiki/Comparison_of_programming_languages#Type_systems -- ----- Richard Quadling Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 "Standing on the shoulders of some very clever giants!" I need a car : http://snipurl.com/l4pih ZOPA : http://uk.zopa.com/member/RQuadling -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
