Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Anthony Ferrara:
Scalar Types and PHP
Feb 12, 2015 @ 17:25:47

Anthony Ferrara has tossed his own hat into the ring around the debate that's been going about the RFC for scalar type hints in PHP. In his post he agrees with (most of) the suggestions made in the proposal around strict, weak and the "compromise" of mixed typing.

There's currently a proposal that's under vote to add Pascal Martin's excellent post about it. What I want to talk about is more of an opinion. Why I believe this is the correct approach to the problem.

He starts off talking about the "all strict" angle that some suggested as the proper approach then moves into the "weak argument" explaining the difference between the two. He shares a bit of history around the problems detecting subtle bugs caused by typing issues and how it is definitely a problem that needs solving. Finally, he talks about the mixed-typing compromise and provides some code samples showing a common bug that can happen with weak typing.

tagged: scalar type hint rfc opinion example weak compromise mixedtype

Link: http://blog.ircmaxell.com/2015/02/scalar-types-and-php.html

Anthony Ferrara:
What's In A Type
Oct 24, 2014 @ 18:55:39

In a new post to his site Anthony Ferrara takes on the topic of typing in PHP, discussing some of the main ideas around the current typing scheme and the discussions being have about potential changes.

There has been a lot of talk about typing in PHP lately. There are a couple of popular proposals for how to clean up PHP's APIs to be simpler. Most of them involve changing PHP's type system at a very fundamental level. So I thought it would be a good idea to talk about that. What goes into a type?

He starts at the highest level, covering what "typing" is in general and some of the tradeoffs that come with being a strongly typed versus weakly typed language. He then gets into PHP's two "semi-independent type systems" - one for objects and one for everything else. He includes some code examples to illustrate and how, for the non-object handling, context means everything for how the types are switched. He also talks about polymorphism, the chaos that could come from scalars becoming objects and a current RFC suggesting the addition of "safe casting" functions to PHP to provide less "magic" when shifting values from one type to another.

tagged: type switching casting rfc proposal function weak strong

Link: http://blog.ircmaxell.com/2014/10/whats-in-type.html

Matthew Turland's Blog:
The Yin and Yang of Typing
Feb 01, 2008 @ 17:58:00

A little while back Matthew Turland posted about something that some developers moving over to PHP from more strict languages have an issue with - variable typing - and how its evolved in languages over time.

Without a little background in programming languages or computer science in general, it's entirely possible that typing systems are not something that have crossed your mind. I thought I'd take a blog entry to share some of my thoughts on how it’s affecting the creation and evolution of languages.

He walks through history a bit, mentioning C, Java, Python and PHP and how they differ in their default type handling. He especially focuses on the "blurred line" between strong and weak typing and how some if offers special features to the language that uses the method.

tagged: typing strong weak strict dynamic java python c

Link:

Secunia.com:
PHP SOAP Extension HTTP Authentication Weak Nonce
May 16, 2007 @ 14:31:00

Secunia has a new advisory posted concerning an issue discovered with PHP's SOAP extension's HTTP authentication mechanism:

The weakness is caused due to the use of an uninitialized variable within the function "make_http_soap_request()" of the SOAP extension when calling "php_rand_r()" to generate the nonce for the digest authentication, which may result in a weak and predictable nonce.

The issue is marked as "less critical" but should still be taken into consideration. The issue has been corrected in the latest CVS commit.

tagged: soap extension weak nonce phprandr cvs commit soap extension weak nonce phprandr cvs commit

Link:

Secunia.com:
PHP SOAP Extension HTTP Authentication Weak Nonce
May 16, 2007 @ 14:31:00

Secunia has a new advisory posted concerning an issue discovered with PHP's SOAP extension's HTTP authentication mechanism:

The weakness is caused due to the use of an uninitialized variable within the function "make_http_soap_request()" of the SOAP extension when calling "php_rand_r()" to generate the nonce for the digest authentication, which may result in a weak and predictable nonce.

The issue is marked as "less critical" but should still be taken into consideration. The issue has been corrected in the latest CVS commit.

tagged: soap extension weak nonce phprandr cvs commit soap extension weak nonce phprandr cvs commit

Link:


Trending Topics: