From 20e9bfdece3d1b7de11c5e2d71d5d5be59bb54b4 Mon Sep 17 00:00:00 2001 From: jvoisin Date: Tue, 21 Aug 2018 14:22:44 +0200 Subject: Document our type-juggling-prevention system --- doc/source/config.rst | 5 +++-- doc/source/features.rst | 16 ++++++++++++++++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/doc/source/config.rst b/doc/source/config.rst index b3495ae..14626ce 100644 --- a/doc/source/config.rst +++ b/doc/source/config.rst @@ -109,8 +109,9 @@ It can either be ``enabled`` or ``disabled``. Prevent sloppy comparison ^^^^^^^^^^^^^^^^^^^^^^^^^ -sloppy_comparison, disabled by default, will prevent php `type -juggling `_ (``==``) , preventing any bypass of a comparison. +:ref:`Sloppy comparison prevention `, disabled by default, will prevent php `type +juggling `_ (``==``): +two values with different types will always be different. It can either be ``enabled`` or ``disabled``. diff --git a/doc/source/features.rst b/doc/source/features.rst index e420156..5543696 100644 --- a/doc/source/features.rst +++ b/doc/source/features.rst @@ -316,6 +316,22 @@ This feature is largely inspired from the `autostrict `_ module from `krakjoe `__. +.. _sloppy-comparisons-feature: + +Preventing sloppy comparisons +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +The aforementioned :ref:`strict mode ` only works with +annotated types and native functions, so it doesn't cover every instances of +`type juggling ` +during comparisons. Since comparison between different types in PHP is +`notoriously `__ +difficult to get right, Snuffleupagus offers a way to **always** use the +``identical`` operator instead of the ``equal`` one (see the `operator section +` for PHP's documentation +for more details), so that values with different types will always be treated +as being different. + .. _readonly-exec-feature: Preventing execution of writable PHP files -- cgit v1.3