On 13/12/2022 10:11, Craig Francis wrote:
undefined indexes are a classic, but once you've found them all (the tricky bit), it often makes your code better, and helps identify mistakes (similar to undefined variables). [...] The null value can come from many sources (e.g. GET/POST/COOKIE/databases)
These two examples are interesting in conjunction: $_GET, $_POST, and $_COOKIE will never contain null values unless you have code writing directly to them, because HTTP has no representation for it, only empty strings. So the only context where you'll get a null from them is because you mishandled an undefined array key, which as you say is often an indicator of a mistake.
Data retrieved from a database is probably the most common source of actual null values. Sometimes, it's important to distinguish those nulls from empty strings, sometimes you don't care - but that's true of undefined array keys as well. Which is ultimately the problem with all of these discussions - some people will see more benefits from catching extra mistakes, others will see more cost from fixing code that's lazy but not actually broken.
An interesting example I came across recently was a user-defined function for SQL string escaping (I'd like to stress legacy; I know that proper parameters avoid this issue). The function always expected a string, but didn't check that, so if given a PHP null, it would put '' in the SQL rather than NULL, leading to data corruption. I have effectively added the same notice to it as PHP has to built-in functions, to track down where else this might be causing problems without escalating to an error immediately.
Regards, -- Rowan Tommins [IMSoP] -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: https://www.php.net/unsub.php
