RE: [PHP-DEV] RE: Announcing RFC 'Anonymous Catches'
>> If you have an exception like BadCredentialsException and throw it
>> during authentication if the user has entered wrong login data, than
>> you have such a situation right?
>> But do you need any further information? No - in the catch block it may
>> be enough to create a message for the user saying: "wrong username or password".
>
> I believe that the example you provided, the one with
> 'BadCredentialsException', is a good example of a bad design and usage
> of exceptions, at least from my point of view.
>
> The fact that frameworks like Symfony2, Zend Framework or other php
> libraries/frameworks (ab)use the exceptions it doesn't mean that it's
> a good thing or you should have exceptions for everything.
Alright... all bigger frameworks have a bad design...
> The provided example could just as well return false; for the login
> function and that's it, no?
What if a false login could have different reasons? And these reasons could be
dynamic because other users may add event listeners and add additional "exceptional
cases"?
false cannot contain this information.
> Exceptions should be used for exceptional cases where the application
> can't recover automatically from them.
> They are, even as their name suggests, exceptional cases, while a bad
> credential for a user login is not :)
I think you are confusing "exception" with "error". It is a point of view
wheather
a case is exceptional or not. In my opinion bad credentials are an exception
because the normal flow is a successful login.
Best regards
--
Christian Stoller
LEONEX Internet GmbH
Thread (18 messages)