rfc:null_coercion_consistency
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
rfc:null_coercion_consistency [2022/04/15 07:32] – Feedback from George P. Banyard craigfrancis | rfc:null_coercion_consistency [2022/04/15 07:34] – craigfrancis | ||
---|---|---|---|
Line 131: | Line 131: | ||
</ | </ | ||
- | Examples where NULL has previously been fine for scripts not using // | + | Examples, often working with user input, |
<code php> | <code php> | ||
Line 155: | Line 155: | ||
</ | </ | ||
- | And developers have used //NULL// to skip certain parameters, e.g. | + | And developers have used NULL to skip certain parameters, e.g. |
<code php> | <code php> | ||
setcookie(' | setcookie(' | ||
+ | |||
+ | substr($string, | ||
mail(' | mail(' | ||
Line 171: | Line 173: | ||
The only realistic way for developers to find when NULL is passed to these internal functions is to use the deprecation notices (not ideal). | The only realistic way for developers to find when NULL is passed to these internal functions is to use the deprecation notices (not ideal). | ||
- | It is possible to use very strict Static Analysis, to follow every variable from source to sink (to check if a variable could be //NULL//), but most developers are not in a position to do this (i.e. not using static analysis, or not at a high enough level, or they are using a baseline to ignore). | + | It is possible to use very strict Static Analysis, to follow every variable from source to sink (to check if a variable could be NULL), but most developers are not in a position to do this (i.e. not using static analysis, or not at a high enough level, or they are using a baseline to ignore). |
In the last JetBrains developer survey, where 67% regularly used Laravel, **only 33% used Static Analysis** ([[https:// | In the last JetBrains developer survey, where 67% regularly used Laravel, **only 33% used Static Analysis** ([[https:// | ||
Line 355: | Line 357: | ||
===== Rejected Features ===== | ===== Rejected Features ===== | ||
- | Did consider updating | + | - Updating |
===== Notes ===== | ===== Notes ===== |
rfc/null_coercion_consistency.txt · Last modified: 2023/10/18 11:57 by craigfrancis