Hi Larry!
2015-07-26 1:29 GMT+02:00 Larry Garfield <la...@garfieldtech.com>:
> Another point here is that 0 is a perfectly legitimate random number in many
> cases, so callers would need to do a === check, not just a boolean check.
What "boolean check" are you talkin' about? I've never seen a code
using e.g. strpos() like follows:
<?php
if(!is_bool($pos = strpos('foobar', 'baz'))) {
// we are correct, use $pos' value somewhere
} else {
// strpos() produced a boolean, thus no 'baz' found in 'foobar'
}
?>
Rather it is most frequently being done like below:
<?php
if(FALSE !== $pos = strpos('foobar', 'baz')) {
// we are correct, use $pos' value somewhere
} else {
// strpos() produced a boolean, thus no 'baz' found in 'foobar'
}
?>
I think in both cases you do a kind of "boolean check".
> Especially as we're talking not about a user error but a "your system is not
> setup
> right so it will never work" situation, as I understand it.
So, I generally agree with this approach. It is a better thing to
always fail closed if your system isn't set up, e.g. missing some
required things, to work properly. It's the same if your code uses
some vendor extension not included in the core by default -- it can
not work work properly without having this extension available.
I say +1 for raising a E_ERROR on random_int()/random_bytes() fail.
Best regards,
Kubo2, Jakub Kubíček
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
