On 27 May 2022, at 07:44, Jordan LeDoux <[email protected]> wrote:
> On Thu, May 26, 2022 at 5:21 AM Craig Francis <[email protected]>
> wrote:
>> It sounds like you got lucky - you have a function that has a problem with
>> NULL (but I assume it's fine with an empty string?), and during your testing
>> you happened to pass NULL to this function. As noted before, static analysis
>> is *considerably* better at these types of checks, because it's able check
>> if variables *can* contain NULL. They can also perform other checks as well
>> (important when your code seems to care about NULL vs an empty string).
>
>
> Nearly *all* code has a problem with null.
Erm, but it doesn't... does it?
I know I keep going on about this very simply example, but it represents a
fairly typical style of programming PHP, and I just do not understand what the
problem with it is:
```
$search = $request->input('q'); // Laravel, returns NULL when 'q' is not
defined.
echo 'Results for ' . htmlspecialchars($search);
```
But forget about it, hopefully someone else can find a solution to the problem.
On 27 May 2022, at 07:44, Jordan LeDoux <[email protected]> wrote:
> It very much feels like the original effort to deprecate null calls decided
> to resolve this by saying "let's have the language help developers improve
> their code so it doesn't have these problems in the first place", and this
> effort is trying to resolve this by saying "let's have the language support
> the buggy code in ways that makes it work".
>
> At my job, my task for the last three weeks has literally been upgrading our
> internal codebase for 8.1, and the biggest set of logs I'm dealing with is
> exactly what you're talking about here: null's passed to internal functions.
> Every single case I've looked at so far has been traced to code that was
> written incorrectly, where some code somewhere was not properly guarding its
> values, and error cases were slipping through.
For one of the teams I work with (the only one trying to make the relevant
changes), this is also their "biggest" problem... but they are having exactly
the opposite experience, a considerable amount of hours have gone into finding
and changing their code, and not a single change was for code that was "written
incorrectly" (I suppose that depends on what you think "correct" code is)...
the other teams I work with are either suppressing this notice, or simply not
upgrading to 8.1.
Craig
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php
