
Enum::cases() & Enum from()/tryFrom()

PHP PHP 8.1+ Intermediate
debt(d5/e1/b3/t7)
d5 Detectability Operational debt — how invisible misuse is to your safety net

Closest to 'specialist tool catches it' (d5). The detection_hints list phpstan and psalm as the tools that catch misuse (e.g., calling tryFrom() on a unit enum or from() on untrusted input). These are static analysis tools, not the default compiler or a basic linter, placing this squarely at d5.

e1 Effort Remediation debt — work required to fix once spotted

Closest to 'one-line patch or single-call swap' (e1). The quick_fix is a direct substitution: replace from() with tryFrom() for user input, or swap a unit enum for a backed enum. Each correction is a single-call or single-declaration change.

b3 Burden Structural debt — long-term weight of choosing wrong

Closest to 'localised tax' (b3). The choice affects wherever enum values are consumed from external input or used for form options, but the rest of the codebase is unaffected. The fix is scoped to individual call sites rather than being architectural or cross-cutting.

t7 Trap Cognitive debt — how counter-intuitive correct behaviour is

Closest to 'serious trap' (t7). The misconception is that from()/tryFrom() exist on all enums, but they only exist on backed enums. A developer familiar with other language enums or even PHP's own unit enums would confidently call tryFrom() on a unit enum and get a fatal error at runtime. This contradicts the intuitive expectation that all enum variants share the same interface, earning t7.


TL;DR

Backed enums provide from() (throws on miss) and tryFrom() (returns null) for value lookup, plus cases() to get all cases — essential for forms and validation.

Explanation

UnitEnum::cases() returns an array of all enum cases. BackedEnum::from(string|int) returns the matching case or throws ValueError. BackedEnum::tryFrom() returns null instead of throwing. Use cases() to build select options, from() when the value should always be valid, tryFrom() when handling user input that may be invalid. Pure enums only have cases() — no from()/tryFrom(). PHP 8.3 added typed enum constants.

Common Misconception

Misconception: from() and tryFrom() work on pure (unit) enums. In fact they only exist on backed enums (those declared with : string or : int).

Why It Matters

tryFrom() is the idiomatic way to validate enum values from user input — it handles invalid values gracefully without try/catch.

Common Mistakes

  • Using from() on untrusted user input — throws ValueError.
  • Calling tryFrom() on a pure (unit) enum — method doesn't exist.
  • Not using cases() for building form options — manually listing cases duplicates the enum.

Code Examples

✗ Vulnerable
// Unsafe — throws ValueError on invalid input:
$status = Status::from($request->get('status'));

// Building options manually — duplicates enum:
$options = ['active' => 'Active', 'inactive' => 'Inactive'];

✓ Fixed
// Safe user input:
$status = Status::tryFrom($request->get('status')) ?? Status::Active;

// Build options from enum:
$options = array_column(
    array_map(fn(Status $s) => ['value' => $s->value, 'label' => $s->getLabel()], Status::cases()),
    'label', 'value'
);
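
Added example (not part of the original page): request values can also arrive as null or as an array, which tryFrom() does not accept, so this sketch checks the type before the lookup and rejects anything that is not a known case. The enum Suit, the helpers parseStatus() and statusOptions(), and the body of getLabel() are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample enums; names and values are assumptions for this example.
enum Status: string
{
    case Active = 'active';
    case Inactive = 'inactive';

    public function getLabel(): string
    {
        return ucfirst($this->value);
    }
}

enum Suit // unit (pure) enum: has cases(), but no from()/tryFrom()
{
    case Hearts;
    case Spades;
}

/** Map an untrusted request value to a Status, or null if it is not a valid case. */
function parseStatus(mixed $raw): ?Status
{
    // tryFrom() takes int|string only: an array (status[]=x) raises TypeError,
    // and so does null (missing parameter) under strict_types.
    if (!is_string($raw)) {
        return null;
    }
    return Status::tryFrom($raw); // exact, case-sensitive match on the backing value
}

/** value => label map for a <select>, derived from the enum itself. */
function statusOptions(): array
{
    $options = [];
    foreach (Status::cases() as $case) {
        $options[$case->value] = $case->getLabel();
    }
    return $options;
}

// Constructed inputs: valid, unknown, wrong case, missing, array-shaped.
foreach (['active', 'deleted', 'ACTIVE', null, ['active']] as $raw) {
    $status = parseStatus($raw);
    echo json_encode($raw), ' => ', $status?->name ?? 'rejected', PHP_EOL;
}
print_r(statusOptions());
var_dump(method_exists(Suit::class, 'tryFrom')); // check before calling on a unit enum
```

Returning null lets the caller decide between rejecting the request and applying a default, instead of silently mapping every bad value to one case.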

Added 22 Mar 2026
DEV INTEL Tools & Severity
🟡 Medium ⚙ Fix effort: Low
⚡ Quick Fix
Use tryFrom() for user input (never from()). Use cases() to build form options. Use from() only when values are from a trusted internal source.
📦 Applies To
PHP 8.1+ web cli queue-worker
🔍 Detection Hints
::from\(
Auto-detectable: ✓ Yes phpstan psalm
🤖 AI Agent
Confidence: High False Positives: Medium ✓ Auto-fixable Fix: Low Context: Line Tests: Update
CWE-20

