Edit report at https://bugs.php.net/bug.php?id=62097&edit=1
ID: 62097
User updated by: kazuo at o-ishi dot jp
Reported by: kazuo at o-ishi dot jp
Summary: New behavior of string == has a compatibility
problem
Status: Assigned
Type: Bug
Package: Scripting Engine problem
Operating System: Gentoo Linux
PHP Version: 5.4.4RC1
Assigned To: stas
Block user comment: N
Private report: N
New Comment:
I have shown test cases that work on released version 5.4.3
but not work on developing version.
Now, YOU need explain real merit of this backward incompatible change.
md5() is not enough reason, because it should always be compared by
=== instead of ==.
Generally, at the case when new behavior (memcmp for large
value) is acceptable, we can and we should just use ===.
> If you have such code
> sample and can explain what data it accepts, what it does and why it relies
> on
> string comparisons cutting numbers, please do so. Your database example is
> missing data, so I can not see what is going on there and why you think it
> works
> differently in 5.4.3 and 5.4.4.
(I'm sorry but I cannot understand what you say in this two sentence.
Could you explain detail?)
In JPY (Japan Yen), we normally use it in integer (e.g. 100 yen).
But sometimes it take fraction (e.g. foreign exchange 1 USD = 78.80 JPY).
So database column type with fraction is reasonable.
And set to / get from the column in integer form is also reasonable.
Again, I just report incompatibility from PHP 5.4.3 to PHP 5.4.4RC.
This is wrong way if you want to fix security problem, because
incompatible change makes the users difficult to migrate to new version.
Previous Comments:
------------------------------------------------------------------------
[2012-05-31 00:46:41] s...@php.net
I do not see "heavy" impact - so far I did not see any code sample that did
something that makes sense in 5.4.3 but not on 5.4.4. If you have such code
sample and can explain what data it accepts, what it does and why it relies on
string comparisons cutting numbers, please do so. Your database example is
missing data, so I can not see what is going on there and why you think it
works
differently in 5.4.3 and 5.4.4.
------------------------------------------------------------------------
[2012-05-30 08:57:43] kazuo at o-ishi dot jp
In summary, this is my opinion:
Recent changes on string == have problems on compatibility.
Impact of the behavior change of == operator is heavy.
This change should be excluded from PHP 5.4.x series.
I'm sure that current (old) behavior also have problems, but
compatibility is better.
If it will be changed, it should be a natural extension of current
behavior; number-like string is compared as number.
(e.g. canonicalize string as number way before memcmp.)
Of course, such behavior should be described explicitly in PHP Manual.
------------------------------------------------------------------------
[2012-05-30 07:18:45] kazuo at o-ishi dot jp
Please think that it is money (or member ID).
But why?
------------------------------------------------------------------------
[2012-05-30 07:09:15] s...@php.net
What is in $row[0] in your example?
------------------------------------------------------------------------
[2012-05-30 06:17:28] s...@php.net
Automatic comment on behalf of cataphract
Revision:
http://git.php.net/?p=php-src.git;a=commit;h=78ff9ebb6bb501dff995727512c38fdeff50021b
Log: Fixed bug #62097
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
https://bugs.php.net/bug.php?id=62097
--
Edit this bug report at https://bugs.php.net/bug.php?id=62097&edit=1
