[12.x] Add InteractsWithData::clamp()

[cosmastech]

I see it happen pretty routinely that an endpoint has a per_page parameter that someone will retrieve like this:

/** @var int<PHP_INT_MIN, PHP_INT_MAX> $perPage */
$perPage = request()->integer('per_page', 50);

If the request doesn't have validation in front of it (which happens pretty frequently), an attack surface is opened up to perform painfully large DB queries. If we can gently nudge developers to instead use:

/** @var int<1, 100> $perPage */
$perPage = request()->clamp('per_page', 1, 100, 50);

then databases everywhere will be overjoyed! OWASP experts will have to find new work! Gitlab and GitHub will receive fewer comments by yours truly!

[shaedrich]

Not sure but people might appreciate a shortcut 🤔

Suggested change

	* @param int|float $max
	* @param int|float $default
	* @return float|int
	*/
	public function clamp($key, $min, $max, $default = 0)
	{
	return Number::clamp($this->data($key, $default), $min, $max);
	}
	* @param int|float|null $max
	* @param int|float $default
	* @return float|int
	*/
	public function clamp($key, $min, $max = null, $default = 0)
	{
	if (func_num_args() === 2) {
	$max = $min;
	$min = 0;
	}
	return Number::clamp($this->data($key, $default), $min, $max);
	}

or

Suggested change

	* @param int|float $max
	* @param int|float $default
	* @return float|int
	*/
	public function clamp($key, $min, $max, $default = 0)
	{
	return Number::clamp($this->data($key, $default), $min, $max);
	}
	* @param int|float|null $max
	* @param int|float $default
	* @return float|int
	*/
	public function clamp($key, $min, $max = null, $default = 0)
	{
	if (func_num_args() === 2) {
	[$min, $max] = [0, $min];
	}
	return Number::clamp($this->data($key, $default), $min, $max);
	}

[cosmastech]

That's clever!

[cosmastech]

I think I'll leave it as is for now. I have a feeling this one is maybe a bit on the "we already have Number::clamp()" side of the house, but we'll see.