Geek Answers Handbook

Checking php type for method parameters - is it worth it?

I am wondering what you think of the best practice here - do you buy a lot to check the parameters in PHP? I really saw a noticeable number of errors in projects where you implemented parameter type checking compared to those that do not? I think of such things:

public function __construct($screenName, $createdAt) { if (!is_string($screenName) || !is_string($createdAt) { return FALSE; } }
+7
source share
4 answers

Typically, in a PHP application that uses the skalar variable, β€œtypes” are tied to the actual string input (HTTP request). PHP has made it so simple to convert string input to numbers so you can use it to calculate, etc.

However, checking for scalar is_string values ​​as suggested in your example does not make much sense. Because almost any type of variable in a scalar family is a string, or at least can be used as a string. As for the example of your class, the question will be, does it really make sense to check the type of the variable or not?

For the code you proposed, this makes no sense, because you exit the constructor with return false; . This will lead to the completion of the constructor and the return of an incorrectly initialized object.

Instead, you should throw an exception, for example. a InvalidArgumentException if the constructor argument does not provide the expected / required value type.

Leaving this aside and taking for granted that your constructor of objects should differ between a string and an integer or bool or any other type of scalar, you should do the checks.

If you do not rely on exact types of scalars, you can use a string instead.

Just make sure that the data hidden inside the object is always completely correct, and it is not possible for the incorrect data to slip into private members.

+6
source

It depends. I usually use the hint type built into PHP for higher level objects ((stdClass $ obj, array $ arr, MyClass $ mine)), but when it comes to lower level values ​​- especially numbers and strings, it becomes a little less useful .

For example, if you have the string '12345' , it becomes a little difficult to distinguish between it and the number 12345 .

For everything else, accidentally casting an array into a string will be obvious. PHP instances will scream for class instances that are passed to strings if they don't have __toString . So your only real problem is the classes that have the __toString method and, well, that really limits the number of times it can occur. I am really wondering if this is worth the overhead.

+6
source

Checking function arguments is a very good practice. I suspect that people often don’t do this because their functions are growing and the code is becoming uglier and less readable. Now with PHP 7 you can type scan types, but there is still no solution for cases when you want your parameter to be one of two types: an array or an instance of \ Traversable (both of them can be moved using foreach).

In this case, I recommend looking at the args module from NSPL . __ the constructor from your example will look like this:

 public function __construct($screenName, $createdAt) { expectsAll(string, [$screenName, $createdAt]); } // or require a non-empty array, string or instance of \ArrayAccess function first($sequence) { expects([nonEmpty, arrayAccess, string], $sequence); return $sequence[0]; }

Additional examples here .

+2
source

Better documentation is more important when you're the only one interacting with these methods. The standard commentary on the method definition gives you well-documented methods that can easily be compiled into an API, which is then used in many IDEs.

If you are hosting your libraries or your inputs to other people, it is nevertheless useful to perform type checking and throw errors if your code does not work with their input. Type checking at the user's input protects you from errors and hacking attempts, as well as a library that allows other developers to know that the input they provided is not what you expect, sometimes it is pleasant.

0
source

More articles:


All Articles