Make your code
do your job

Presented by Larry Garfield (@Crell)

@Crell

Larry implements Huggable
  • Senior Architect, Palantir.net
  • Drupal 8 Web Services Lead
  • Drupal Representative, PHP-FIG
  • implements Huggable

Humans got smarter by making tools
do our work for us.

Make your tools do your job

Your job is...

To write code

To write correct (error-free) code

Be smarter

Make your tools find the errors for you

Static analysis

I can tell it's wrong just by looking at it

My tools can tell it's wrong just by looking at it

E_ALL

What is wrong with this picture?


function showForm($user) {
    require_once('form_tools.php');

    if ($user->isAdmin()) {
        $isAdmin = true;
    }

    $out = "<form>\n<input name='name'>";

    if ($isAdmin) {
        $out .= "<select name='role'>\n";
        $out .= "<option>Admin</option>\n";
        $out .= "<option>Peon</option>\n";
        $out .= "</option>";
    }

    $out .= "</form>";
    return $out;
}
        

          PHP Notice:  Undefined variable: isAdmin in samples.php on line 15
        

Slightly better


function showForm($user) {
    require_once('form_tools.php');

    $isAdmin = (bool)($user->isAdmin());

    $out = "<form>\n<input name='name'>";

    if ($isAdmin) {
        $out .= "<select name='role'>";
        $out .= "<option>Admin</option>\n";
        $out .= "<option>Peon</option>\n";
        $out .= "</option>";
    }

    $out .= "</form>";
    return $out;
}
        

PHP Mess Detector

Add information to analyze

Approximate your code

Abstracting values


function sum_square($a, $b) {
  return ($a * $a) + ($b * $b);
}
        

Number {
  POSITIVE,
  NEGATIVE,
  ZERO,
  UNKNOWN
}
          

POSITIVE * POSITIVE = POSITIVE;          POSITIVE + POSITIVE = POSITIVE;
POSITIVE * NEGATIVE = NEGATIVE;          NEGATIVE + NEGATIVE = NEGATIVE;
NEGATIVE * NEGATIVE = POSITIVE;          POSITIVE + NEGATIVE = UNKNOWN;
POSITIVE * ZERO = ZERO;                  POSITIVE + ZERO = POSITIVE;
NEGATIVE * ZERO = ZERO;                  NEGATIVE + ZERO = NEGATIVE;
UNKNOWN  * ZERO = ZERO;                  POSITIVE + UNKNOWN = UNKNOWN;
UNKNOWN  * POSITIVE = UNKNOWN;           NEGATIVE + UNKNOWN = UNKNOWN;
UNKNOWN  * NEGATIVE = UNKNOWN;           UNKNOWN  + ZERO = UNKNOWN;
        

          The result will always be POSITIVE or ZERO, never NEGATIVE.
        

Errors


function bigger($x, $y) {
  return ($x > $y) ? $x : 0;
}

function compute($a, $b, $c) {
  return ($a + $b) / ($b * $c);
}
        

compute($a, $b, bigger($x, $y));
        

What do we know?

Errors


function bigger($x, $y) {
  return ($x > $y) ? "the first" : "the second";
}

function compute($a, $b, $c) {
  return ($a + $b) / ($b * $c);
}

compute($a, $b, bigger($x, $y));
        

What do we know?

Put the abstract version in code


function bigger(number $x, number $y) {
  return ($x > $y) ? $x : 'the second';
}
function compute(number $a, number $b, number $c) returns a number {
  return ($a + $b) / ($b * $c);
}
        

May or may not work


function bigger(number $x, number $y) returns a string {
  return ($x > $y) ? "the first" : "the second";
}
function compute(number $a, number $b, number $c) returns a number {
  return ($a + $b) / ($b * $c);
}
        

Obviously wrong!


function bigger(number $x, number $y) returns a number {
  return ($x > $y) ? 1 : 2;
}
function compute(number $a, number $b, number $c) returns a number {
  return ($a + $b) / ($b * $c);
}
        

Cannot fail!

Tools can tell you that,
if you help them

Type systems

A type system is a tractable syntactic method for proving the absence of certain program behaviors by classifying phrases according to the kinds of values they compute.

—Benjamin Pierce, Types and Programming Languages

Semantic metadata about code we can analyze to find bugs

Typing crash course

Static types
Specified ahead of time, analyzed by the compiler
Dynamic types
Derived by the compiler/runtime on the fly
Explicit types
Specified in the source code by a human
Implicit types
Compiler derives types from context
Strict types (PHP)
Variables only change type explicitly
Weak types (PHP)
Variables can change type implicitly where possible

Types in PHPractice


function compute_shipping($src, $user) {
  $dest = $user['addres'];

  $distance = distance_between($src, $dest);

  return $distance * .5; // 50 cents/km
}

function distance_between($src, $dest) {
  // ...
}

compute_shipping('2211 N. Elston Ave, Chicago, IL 60614', $user);
        

HTTP Referer header, anyone?


function compute_shipping($src, $user) {
  $dest = $user['address'];

  $distance = distance_between($src, $dest);

  return $distance * .5; // 50 cents/km
}

compute_shipping('2211 N. Elston Ave, Chicago, IL 60614', $user);
        

function compute_shipping($src, $user) {
  $dest = $user['address'];

  $distance = distance_between($src, $dest);

  return $distance * .5; // 50 cents/km
}

$user = 123;
compute_shipping('2211 N. Elston Ave, Chicago, IL 60614', $user);
        

function compute_shipping($src, array $user) {
  $dest = $user['address'];

  $distance = distance_between($src, $dest);

  return $distance * .5; // 50 cents/km
}

$user = 123;
compute_shipping('2211 N. Elston Ave, Chicago, IL 60614', $user);
        

function compute_shipping($src, array $user) {
  $dest = $user['address'];

  $distance = distance_between($src, $dest);

  return $distance * .5; // 50 cents/km
}

$user = ['id' => 123];
compute_shipping('2211 N. Elston Ave, Chicago, IL 60614', $user);
        

class User {
  public $id;
  public $address;

  public function __construct($id, $address) {
    $this->id = $id;
    $this->address = $address;
  }
}

function compute_shipping($src, User $user) {
  $dest = $user->address;

  $distance = distance_between($src, $dest);

  return $distance * .5; // 50 cents/km
}

$user = new User(/*...*/);

compute_shipping('2211 N. Elston Ave, Chicago, IL 60614', $user);
        

function compute_shipping($src, User $user) {
  $dest = $user->address;

  $distance = distance_between($src, $dest);

  return $distance * .5; // 50 cents/km
}

$user = new User(123, [
  'street' => '456 Main',
  'city' => 'Chicago',
  'state' => 'IL',
  'zip' => 60614,
]);

compute_shipping('2211 N. Elston Ave, Chicago, IL 60614', $user);
        

Does this still work? Up to distance_between()


class User {
  public $id;
  public $address;

  public function __construct($id, Address $address) {
    $this->id = $id;
    $this->address = $address;
  }
}

class Address {
  public $street;
  public $city;
  public $state;
  public $zip;
}

function distance_between(Address $src, Address $dest) { /* ... */ }

function compute_shipping($src, User $user) {
  $dest = $user->address;
  $distance = distance_between($src, $dest);
  return $distance * .5; // 50 cents/km
}

$u_address = new Address();
$u_address->street = '456 Main St.';
$u_address->city = 'Chicago';
$u_address->state = 'IL';
$u_address->zip = 60614;

$user = new User(123, $u_address);
$src = new Address(); // ...
compute_shipping($src, $user);
        

class User {
  protected $id;
  protected $address;

  public function __construct($id, Address $address) {
    $this->id = $id;
    $this->address = $address;
  }

  public function getAddress() : Address {
    return $this->address;
  }
}

function compute_shipping($src, User $user) {
  $dest = $user->getAddress();

  $distance = distance_between($src, $dest);

  return $distance * .5; // 50 cents/km
}

$u_address = new Address(); // ...

$user = new User(123, $u_address);

$src = new Address(); // ...

compute_shipping($src, $user);
        

<aside>

Return types

  • New in PHP 7!
  • Not nullable (good)

$r = new UserRepository();

print $r->findById(123)->getAddress()->getStreet() . PHP_EOL;
        

          Method called on non-object
        

No NULL means:

  • Exception
  • "Empty" value object

For Repositories etc.


class UserRepository {
  // ...

  public function findById($id) : User {
    if (/* can't find the user */) {
     throw new InvalidArgumentException('No such User: ' . $id);
    }
    return $user;
  }

}
        

For Value objects


interface AddressInterface {
  public function getStreet();
  public function getCity();
  public function getState();
  public function getZip();
}

class EmptyAddress implements AddressInterface {
  public function getStreet() { return ''; }
  public function getCity() { return ''; }
  public function getState() { return ''; }
  public function getZip() { return ''; }
}

class Address implements AddressInterface {
    // ...
}
        

Returning false on error is a
big 'screw you' to your users

</aside>


class User {
  protected $id;
  protected $address;

  public function __construct($id, AddressInterface $address) {
    $this->id = $id;
    $this->address = $address;
  }

  public function getAddress() : AddressInterface {
    return $this->address;
  }
}

function compute_shipping(AddressInterface $src, User $user) {
  $dest = $user->getAddress();
  $distance = distance_between($src, $dest);
  return $distance * .5; // 50 cents/km
}

function distance_between(AddressInterface $src, AddressInterface $dest) {
  // ...
}

$u_address = new Address(); // ...
$user = new User(123, $u_address);

$src = new Address(); // ...
compute_shipping($src, $user);
        

function compute_shipping(AddressInterface $src, AddressInterface $dest) {
  $distance = distance_between($src, $dest);

  return $distance * .5; // 50 cents/km
}

function distance_between(AddressInterface $src, AddressInterface $dest) {
  // ...
}

$u_address = new Address(); // ...
$user = new User(123, $u_address);

$src = new Address(); // ...
compute_shipping($src, $user->getAddress());
        

What does distance_between() return?


function compute_shipping(AddressInterface $src, AddressInterface $dest) : float {
  $distance = distance_between($src, $dest);

  return $distance * .5; // 50 cents/km
}

function distance_between(AddressInterface $src, AddressInterface $dest) : int {
  // ...
}

$u_address = new Address(); // ...
$user = new User(123, $u_address);

$src = new Address(); // ...
compute_shipping($src, $user->getAddress());
        

Scalar typing

Everyone here owes
Andrea Faulds and Anthony Ferrara a drink

New type specs in PHP 7

  • int
  • float
  • string
  • bool

Full type list

  • int
  • float
  • string
  • bool
  • array
  • Any class name
  • callable

interface AddressInterface {
  public function getStreet();
  public function getCity();
  public function getState();
  public function getZip();
}
        

Is getStreet() a string or object?


interface AddressInterface {
  public function getStreet() : string;
  public function getCity() : string;
  public function getState() : string;
  public function getZip() : string;
}
        

class Address implements AddressInterface {
  public function __construct(string $street, string $city, string $state, string $zip) {
    // ...
  }
  // ...
}
        

$u_address = new Address('45 Hull St', 'Boston', 'MA', 02113);
$user = new User(123, $u_address);

$src = new Address('2211 N. Elston Ave', 'Chicago', 'IL', 60614);
compute_shipping($src, $user->getAddress());
        

Strict vs Weak mode

Weak by default

* string -> int may E_NOTICE

Strict mode

Address.php


declare(strict_types=1);

class Address implements AddressInterface {
  public function __construct(string $street, string $city, string $state, string $zip) {
    // ...
  }
  public function getZip() : string {
    return $this->zip;
  }


  // ...
}
        

Affects calls and returns from this file

Strict mode

setup.php


declare(strict_types=1);

$u_address = new Address('45 Hull St', 'Boston', 'MA', 02113);
$user = new User(123, $u_address);

$src = new Address('2211 N. Elston Ave', 'Chicago', 'IL', 60614);
compute_shipping($src, $user->getAddress());
        

Affects calls and returns from this file

Casting in strict mode

* int converts to float automatically

Using strict types

90% of the time

(Everywhere except Input)

Also, Documentation

No silver bullet

Types find bugs

Types find many bugs

Type checkers have false positives


class ThingOne {
  public function helpCat() { /* ... */ }
}

class ThingTwo {
  public function helpCat() { /* ... */ }
}

class CatInTheHat {

  public function welcome(ThingOne $thing) {
    $thing->helpCat();
  }
}
        

Type checking will reject valid programs!

So, testing?

Program testing can be used to show the presence of bugs, but never to show their absence.

— Edsger W. Dijkstra

Testing will accept invalid programs!

Testing: establishes upper bounds on correctness

Proof: establishes lower bounds on correctness

Chris Smith

Typing is a form of automated proof

Type first, then test

We've outsourced testing to language syntax!

Larry Garfield

Senior Architect, Palantir.net

Let's Make Something Good Together.

Keep tabs on our work at @Palantir

Further reading