Better weak-typing.

.gitignore

@@ -1,2 +1,4 @@
 composer.lock
 /vendor/
+/tests/phpunit.phar
+/tests/phpunit.phar.asc

lib/random_bytes_com_dotnet.php

@@ -39,7 +39,10 @@
  */
 function random_bytes($bytes)
 {
-    if (is_float($bytes) || (is_string($bytes) && preg_match('#^\-?[0-9]+$#', $bytes))) {
+    if (
+        (is_float($bytes) && $bytes >= ~PHP_INT_MAX && $bytes <= PHP_INT_MAX) ||
+        (is_string($bytes) && preg_match('#^\-?[0-9]+$#', $bytes))
+    ) {
         $bytes = (int) $bytes;
     }
     if (!is_int($bytes)) {

lib/random_bytes_dev_urandom.php

@@ -74,7 +74,10 @@ function random_bytes($bytes)
             stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER);
         }
     }
-    if (is_float($bytes) || (is_string($bytes) && preg_match('#^\-?[0-9]+$#', $bytes))) {
+    if (
+        (is_float($bytes) && $bytes >= ~PHP_INT_MAX && $bytes <= PHP_INT_MAX) ||
+        (is_string($bytes) && preg_match('#^\-?[0-9]+$#', $bytes))
+    ) {
         $bytes = (int) $bytes;
     }
     if (!is_int($bytes)) {

lib/random_bytes_libsodium.php

@@ -41,7 +41,10 @@
  */
 function random_bytes($bytes)
 {
-    if (is_float($bytes) || (is_string($bytes) && preg_match('#^\-?[0-9]+$#', $bytes))) {
+    if (
+        (is_float($bytes) && $bytes >= ~PHP_INT_MAX && $bytes <= PHP_INT_MAX) ||
+        (is_string($bytes) && preg_match('#^\-?[0-9]+$#', $bytes))
+    ) {
         $bytes = (int) $bytes;
     }
     if (!is_int($bytes)) {

lib/random_bytes_mcrypt.php

@@ -41,7 +41,10 @@
  */
 function random_bytes($bytes)
 {
-    if (is_float($bytes) || (is_string($bytes) && preg_match('#^\-?[0-9]+$#', $bytes))) {
+    if (
+        (is_float($bytes) && $bytes >= ~PHP_INT_MAX && $bytes <= PHP_INT_MAX) ||
+        (is_string($bytes) && preg_match('#^\-?[0-9]+$#', $bytes))
+    ) {
         $bytes = (int) $bytes;
     }
     if (!is_int($bytes)) {

lib/random_bytes_openssl.php

@@ -41,7 +41,10 @@
  */
 function random_bytes($bytes)
 {
-    if (is_float($bytes) || (is_string($bytes) && preg_match('#^\-?[0-9]+$#', $bytes))) {
+    if (
+        (is_float($bytes) && $bytes >= ~PHP_INT_MAX && $bytes <= PHP_INT_MAX) ||
+        (is_string($bytes) && preg_match('#^\-?[0-9]+$#', $bytes))
+    ) {
         $bytes = (int) $bytes;
     }
     if (!is_int($bytes)) {

lib/random_int.php

@@ -41,15 +41,21 @@ function random_int($min, $max)
     /**
      * Type and input logic checks
      */
-    if (is_float($min) || (is_string($min) && preg_match('#^\-?[0-9]+$#', $min))) {
+    if (
+        (is_float($min) && $min >= ~PHP_INT_MAX && $min <= PHP_INT_MAX) ||
+        (is_string($min) && preg_match('#^\-?[0-9]+$#', $min))
+    ) {
         $min = (int) $min;
     }
     if (!is_int($min)) {
         throw new TypeError(
             'random_int(): $min must be an integer'
         );
     }
-    if (is_float($max) || (is_string($max) && preg_match('#^\-?[0-9]+$#', $max))) {
+    if (
+        (is_float($max) && $max >= ~PHP_INT_MAX && $max <= PHP_INT_MAX) ||
+        (is_string($max) && preg_match('#^\-?[0-9]+$#', $max))
+    ) {
         $max = (int) $max;
     }
     if (!is_int($max)) {

tests/unit/RandomIntTest.php

@@ -18,6 +18,7 @@ public function testOutput()
             random_int("0", "1"),
             random_int(0.11111, 0.99999),
             random_int($half_neg_max, PHP_INT_MAX),
+            random_int(0.0, 255.0)
         );
 
         $this->assertFalse($integers[0] === $integers[1]);
@@ -29,5 +30,29 @@ public function testOutput()
         $this->assertTrue($integers[5] >= 0 && $integers[5] <= 1);
         $this->assertTrue($integers[6] === 0);
         $this->assertTrue($integers[7] >= $half_neg_max && $integers[7] <= PHP_INT_MAX);
+        $this->assertTrue($integers[8] >= 0 && $integers[8] <= 255);
+    }
+
+    public function testFailureCases()
+    {
+        // Machine epsilons make this insignificant with +1 or - 1:
+        $x = PHP_INT_MAX;
+        $x += 2048;
+        $y = ~PHP_INT_MAX;
+        $y -= 2048;
+
+        try {
+            $integer = random_int(0, $x);
+            $this->assertTrue(false);
+        } catch (Error $ex) {
+            $this->assertTrue($ex instanceof Exception);
+        }
+
+        try {
+            $integer = random_int($y, $x);
+            $this->assertTrue(false);
+        } catch (Error $ex) {
+            $this->assertTrue($ex instanceof Exception);
+        }
     }
 }