Edit report at https://bugs.php.net/bug.php?id=62097&edit=1
ID: 62097
Updated by: hholz...@php.net
Reported by: kazuo at o-ishi dot jp
Summary: New behavior of string == has a compatibility
problem
Status: Wont fix
Type: Bug
Package: Scripting Engine problem
Operating System: Gentoo Linux
PHP Version: 5.4.4RC1
Assigned To: stas
Block user comment: Y
Private report: N
New Comment:
Ok, so the problem is not only with leading zeros but also with trailing
decimals
, eg.
"12345678901234567890" == "12345678901234567890.0"
will now return false while it returned true before (that is the essence of the
pgsql example further above).
This in combination with NUMERIC or DECIMAL fixed point values in databases
does indeed look like a more likely BC issue to run into than the leading zero
case.
On the other hand we're in "never compare floats for equality" land here ...
Previous Comments:
------------------------------------------------------------------------
[2012-06-01 21:26:20] s...@php.net
OK, we got trolls here, so I'm blocking comments to it. If you want to continue
discussion, you're welcome to raise it on the list.
------------------------------------------------------------------------
[2012-06-01 20:44:31] steve at home dot com
kazuo at o-ishi dot jp:
Just don't expect the PHP type system to make any sense, it's easier than
trying to understand it at this point. Obviously the developer you are talking
to does not understand this issue. If you want to have reliable behavior, PHP
is not for you (unless you stick to a single version and work out the oddities).
------------------------------------------------------------------------
[2012-05-31 06:23:30] s...@php.net
I believe I did explain the reason and I believe this is reason enough. If you
disagree, please feel free to raise it on internals list and if enough of the
community supports you it will be reversed. So far I did not hear any more
complaints about it. I think it is clear that there is a disagreement between
us
about how to handle this, and more discussion is not going to bring any
improvement. I am closing this bug, if you feel more discussion is required
please raise it on the list.
------------------------------------------------------------------------
[2012-05-31 02:36:51] kazuo at o-ishi dot jp
I have shown test cases that work on released version 5.4.3
but not work on developing version.
Now, YOU need explain real merit of this backward incompatible change.
md5() is not enough reason, because it should always be compared by
=== instead of ==.
Generally, at the case when new behavior (memcmp for large
value) is acceptable, we can and we should just use ===.
> If you have such code
> sample and can explain what data it accepts, what it does and why it relies
> on
> string comparisons cutting numbers, please do so. Your database example is
> missing data, so I can not see what is going on there and why you think it
> works
> differently in 5.4.3 and 5.4.4.
(I'm sorry but I cannot understand what you say in this two sentence.
Could you explain detail?)
In JPY (Japan Yen), we normally use it in integer (e.g. 100 yen).
But sometimes it take fraction (e.g. foreign exchange 1 USD = 78.80 JPY).
So database column type with fraction is reasonable.
And set to / get from the column in integer form is also reasonable.
Again, I just report incompatibility from PHP 5.4.3 to PHP 5.4.4RC.
This is wrong way if you want to fix security problem, because
incompatible change makes the users difficult to migrate to new version.
------------------------------------------------------------------------
[2012-05-31 00:46:41] s...@php.net
I do not see "heavy" impact - so far I did not see any code sample that did
something that makes sense in 5.4.3 but not on 5.4.4. If you have such code
sample and can explain what data it accepts, what it does and why it relies on
string comparisons cutting numbers, please do so. Your database example is
missing data, so I can not see what is going on there and why you think it
works
differently in 5.4.3 and 5.4.4.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
https://bugs.php.net/bug.php?id=62097
--
Edit this bug report at https://bugs.php.net/bug.php?id=62097&edit=1
