> > why not have false + e_warning for strict_types=0 and fatal error for
> > strict_types=1 ?
>
> Doing function random_int(): int { ...

How's this connected to `strict_types`? It's not.

> If people use this function without reading documentation, they will also
> use other things without documentation like database queries without
> binding/escaping, inject html without escaping, etc.
> Having core functions suddenly throw exceptions causes many problems in
> the code structure.

How are these things connected? How does this create any issues in any existing code structure? This RFC affects only two new functions introduced in PHP 7.

> I think there are a lot of security problems if people ignore return
> values, e.g. password comparison, user lookup in database, lookups for
> permissions, etc.

You compare an edge case, where these two functions currently return false instead of throwing an exception to fail closed, to functions with an expected `true|false` return value.

This change is especially important, because these functions may be used in a way like this, as already mentioned in the previous discussions:

    for ($i = 0; $i < 10; $i++) {
        $result .= $values[random_int(0, 10)];
    }

It's simply far too easy to make mistakes in security relevant code.

Regards, Niklas
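
The failure mode behind the loop in the message above, as an added example that is not part of the original message or of PHP's own code. The closures `$failingSource` and `$throwingSource` and the function `build_token()` are hypothetical stand-ins that simulate a random source which cannot produce output; the `$values` alphabet is constructed.

```php
<?php
// Added example. $failingSource and $throwingSource are hypothetical stand-ins
// for a random source that cannot produce output; they are not PHP APIs.

$values = str_split('abcdefghijk'); // constructed alphabet, indexes 0..10

// Fail-open: failure is signalled only through the return value.
$failingSource = function (int $min, int $max) {
    return false;
};

// Fail-closed: failure is signalled with an exception.
$throwingSource = function (int $min, int $max): int {
    throw new Exception('no source of randomness available');
};

function build_token(callable $randomInt, array $values): string
{
    $result = '';
    for ($i = 0; $i < 10; $i++) {
        // Same shape as the loop in the message: the return value is used unchecked.
        $result .= $values[$randomInt(0, 10)];
    }
    return $result;
}

// false is cast to array key 0, so every character of the token is $values[0]
// and the caller receives a well-formed but fully predictable string.
var_dump(build_token($failingSource, $values));

try {
    build_token($throwingSource, $values);
} catch (Exception $e) {
    // No token is produced; the failure cannot be silently used as data.
    echo 'token generation aborted: ', $e->getMessage(), "\n";
}
```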