>> If you have an exception like `BadCredentialsException` and throw it >> during authentication if the user has entered wrong login data, than >> you have such a situation right? >> But do you need any further information? No - in the catch block it may >> be enough to create a message for the user saying: "wrong username or >> password". > > I believe that the example you provided, the one with > 'BadCredentialsException', is a good example of a bad design and usage > of exceptions, at least from my point of view. > > The fact that frameworks like Symfony2, Zend Framework or other php > libraries/frameworks (ab)use the exceptions it doesn't mean that it's > a good thing or you should have exceptions for everything.
Alright... all bigger frameworks have a bad design... > The provided example could just as well return false; for the login > function and that's it, no? What if a false login could have different reasons? And these reasons could be dynamic because other users may add event listeners and add additional "exceptional cases"? `false` cannot contain this information. > Exceptions should be used for exceptional cases where the application > can't recover automatically from them. > They are, even as their name suggests, exceptional cases, while a bad > credential for a user login is not :) I think you are confusing "exception" with "error". It is a point of view wheather a case is exceptional or not. In my opinion bad credentials are an exception because the normal flow is a successful login. Best regards -- Christian Stoller LEONEX Internet GmbH
