On Sun, 2008-01-06 at 11:28 +0000, Alain Williams wrote:
> On Sat, Jan 05, 2008 at 07:34:04PM -0800, Mike Lively wrote:
>
> > input is going to makes it's way into your api at some point. Now of
> > course you can (and should) be filtering this
> > input before it is used, but if imo when dealing with a loosely typed
> > language where the same input could be hinted as an
> > int in one function it eventually reaches, and a string in another.
>
> > The point being I understand you may be targeting 'internal stuff' but
> > programming (especially web development) is
> > centered around manipulating/reading input to perform actions...just
> > because it's not 'intended' doesn't mean it's going
> > to never happen.
>
> > Also, I am pretty sure PDO returns results from at least mysql and sqlite
> > as strings regardless of their type in the
> > database...or are results from the database also not something type hints
> > are inteded for?
>
> PLEASE READ CAREFULLY
>
> You have NOT understood what type hinting is about.
>
> You are confusing the TYPE and the VALUE.
>
> What type hinting means is:
>
> * is the TYPE correct ? If so succeed.
>
> * can the VALUE be 100% converted to the desired TYPE (eg '5' to int) ? If so
> succeed.
>
> * fail
>
> Type HINTING is not type ENFORCEMENT. PHP type juggling is still allowed, so
> PDO returning results as strings
> is quite OK as long as what is defined to be numeric *really* has a VALUE
> that is a number.
>
Actually this patch does do type enforcement. Once we start doing
conversions, we get into a gray area concerning the conversion rules.
As I said, this patch is not intended for stuff like $_GET, $_POST,
database data, etc. It is intended for internal functions to your
application.
function requireFile(string $file, bool $getOutput = false, array $args
= array())
{
$obLevel = ob_get_level() ;
ob_start() ;
$return = require_once($file) ;
if ($getOutput)
{
$return = ob_get_clean() ;
}
else
{
if ($_mod['base']['output']['strict'] and
ob_get_length() > 0)
{
::error::go('Output generated
in file "' . $file . '".') ;
}
ob_end_clean() ;
}
if ($obLevel !== ob_get_level())
{
::error::go('Output buffering level mismatch
after inclusion of file
"' . $file . '".') ;
}
return $return ;
}
This function will not be called using input data.
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
