On Sun, 2008-01-06 at 11:28 +0000, Alain Williams wrote: > On Sat, Jan 05, 2008 at 07:34:04PM -0800, Mike Lively wrote: > > > input is going to makes it's way into your api at some point. Now of > > course you can (and should) be filtering this > > input before it is used, but if imo when dealing with a loosely typed > > language where the same input could be hinted as an > > int in one function it eventually reaches, and a string in another. > > > The point being I understand you may be targeting 'internal stuff' but > > programming (especially web development) is > > centered around manipulating/reading input to perform actions...just > > because it's not 'intended' doesn't mean it's going > > to never happen. > > > Also, I am pretty sure PDO returns results from at least mysql and sqlite > > as strings regardless of their type in the > > database...or are results from the database also not something type hints > > are inteded for? > > PLEASE READ CAREFULLY > > You have NOT understood what type hinting is about. > > You are confusing the TYPE and the VALUE. > > What type hinting means is: > > * is the TYPE correct ? If so succeed. > > * can the VALUE be 100% converted to the desired TYPE (eg '5' to int) ? If so > succeed. > > * fail > > Type HINTING is not type ENFORCEMENT. PHP type juggling is still allowed, so > PDO returning results as strings > is quite OK as long as what is defined to be numeric *really* has a VALUE > that is a number. >
Actually this patch does do type enforcement. Once we start doing conversions, we get into a gray area concerning the conversion rules. As I said, this patch is not intended for stuff like $_GET, $_POST, database data, etc. It is intended for internal functions to your application. function requireFile(string $file, bool $getOutput = false, array $args = array()) { $obLevel = ob_get_level() ; ob_start() ; $return = require_once($file) ; if ($getOutput) { $return = ob_get_clean() ; } else { if ($_mod['base']['output']['strict'] and ob_get_length() > 0) { ::error::go('Output generated in file "' . $file . '".') ; } ob_end_clean() ; } if ($obLevel !== ob_get_level()) { ::error::go('Output buffering level mismatch after inclusion of file "' . $file . '".') ; } return $return ; } This function will not be called using input data. -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php