> The one problem with all your musings is that there is no such thing as an
> integer when it comes to transferring data over http.  Everything comes as
> a string.  What is done with these strings when they get to the
> application is what matters.  It's not like there is an HTML form element
> like <input type=integer> or <input type=float>.  All you have is <input
> type=text> when it comes to users entering data and passing it to you.  I
> fail to see how strong typing helps you here at all.  You are going to
> have to apply some sort of user-space rule once you receive the data.  And
> that is quite easy to do with PHP.

Right, obviously.  The only data type in http is the string.  However,
there is obviously some value in being able to say:

function pay(fromaccount int, toaccount int, amount int, memo
         varchar(100)) { // ....

instead of:

function pay(fromaccount, toaccount, amount, memo) { // ....

In the former case, even if there was a mistake in checking user
input, at least the script will die instead of trying to do some
operation on some impossible data type.  That's a good thing.

Obviously, all user input must be taken from string type to other
types, but internal functions should be constrained.  It's just
another level of checking.  It's exactly the same reason why databases
allow you to put constraints into table definitions.  Sure, you should
check that the value is positive when you do the INSERT, but you
should also put a constraint into the table.  Lots of things go
wrong.

Also obviously, this capability isn't needed for most of what PHP is
used for, and so maybe it doesn't belong in PHP, and maybe those of us
who are writing more sensitive aps should look into other things.  Any
sugestions?

I don't want people to think that I'm bashing PHP.  I'm not.  I love
it.  I could never go back to perl or anything else.  It's just that
I'm working on this one particular financial application, and I'm
paranoid that something will slip through somewhere, and I would feel
more comfortable if I could define variables that have built-in
constraints.  Can I use classes to do this?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to