Exactly. Yes, we check data coming from POST/GET/COOKIE and other really external resources. But doing the same for data coming from database is kinda an overkill. And most projects do select their data mostly from databases. And I'm 100% sure that people will not use type hinting if they have to do all the conversions in the code just so that data coming from DB doesn't trigger errors on type hinting checks. Brr, that's just tons of code to add - convert every int/fload/decimal field to int/float in PHP.
2010/5/27 Lukas Kahwe Smith <m...@pooteeweet.org>: > > On 27.05.2010, at 10:45, Daniel Egeberg wrote: > >> If you don't know whether the user/database provided information you >> have is correct before you pass it along to something else, I would >> say that the code indeed is bad. Unless you regard "123abc" as a valid >> value from your user, don't allow the user to give you that value. If >> you regard it as a valid value, then it's not an int thus you wouldn't >> want to type cast it in the first place. > > > as Arvids already pointed out most database extensions for PHP atm return > strings even for integers/floats. furthermore the "123abc" example was > mentioned more for data coming from external sources, with strict typing you > are encouraging stuff like (int)"123abc". Of course a good programmer would > first check with is_numeric() before casting. Seems like a lot of work. > > With the proposal of weak typing with error/notice on data loss none of that > would be needed. > > regards, > Lukas Kahwe Smith > m...@pooteeweet.org > > > > -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
