On Tue, Jul 15, 2014 at 3:21 PM, Andrea Faulds <a...@ajf.me> wrote: > > On 15 Jul 2014, at 14:18, Ferenc Kovacs <tyr...@gmail.com> wrote: > > > you can't optionally introduce strict typing to php, as the two of them > > can't co-exists. > > nobody forces you to not use a language with strict typing if you want > > that, but I don't think that it would worth changing the php type system > at > > this point. > > It’s also worth noting that if you do want strict typing in PHP, you now > have an alternative: Hack. Hack even allows you to mix strictly-typed code > with non-strictly-typed code if you want.
even Hack has some gotchas: http://grokbase.com/t/php/php-internals/1459q785wg/rfc-return-type-declarations-pre-vote-follow-up#20140509j1db9b91d2642wzbzbgte7k450 But PHP is not going to go in that direction. This RFC offer rather strict > validation of input to a function, but it does not offer strict *typing*, > as strings and floats, where interchangeable, are accepted. > yep > > > as I mentioned above, nobody argues that input validation (and escaping > > output in a context sensitive manner) is a must. > > Isn’t a must, surely? (I assume that was a typo) I wasn't talking about the rfc or the typehints, but having proper input validation in your application in general. -- Ferenc Kovács @Tyr43l - http://tyrael.hu
