DIP33: A standard exception hierarchy
Dicebot
m.strashun at gmail.com
Thu Apr 4 01:04:22 PDT 2013
On Wednesday, 3 April 2013 at 21:44:36 UTC, Jonathan M Davis
wrote:
> The main issue I have with the wrapper is the fact that you're
> then forced to
> overload your function if you want it to test the argument for
> validity if
> it's not wrapped and not test if it's wrapped. So, you're
> creating an extra
> overload with every function that's using the wrapper to
> determine whether it
> should test or not. And if you're not creating those overloads,
> then there was
> no point in creating the wrapper in the first place.
>
> - Jonathan M Davis
Imagine typical web app. It does want all string data used with
db backend escaped to prevent any SQL injections. It does not
want to add checks if data is escaped in every single db-related
function because they aren't free and data is supposed to come in
already escaped by user input validator.
Consider using wrapper types here. db backend functions don't
need to accept raw data because they are supposed to get them
already escaped. User input validation works with raw strings and
can never receive wrapped ones from anyone.
It is like contract, but works in release and is verified by type
system instead of custom code. You may just omit wrapper, of
course, but you lose compile-time errors on attempt to send raw
string to db then. That is huge difference.
More information about the Digitalmars-d
mailing list