docs: replace types mixed at all classes in Validation.

[ping-yee]

Description
See #6310
I don't modify the mixed at reuquired_without[] comment out in Validation\StrictRules\Rules.php because I already changed it at PR #6589 .

Checklist:

• Securely signed commits
• Component(s) with PHPDoc blocks, only if necessary or adds value
• Unit testing, with >80% coverage
• User guide updated
• Conforms to style guide

[kenjis]

Probably the input value type is array|bool|float|int|object|string|null for all methods.
Because an attacker can send any value that can be used in JSON.

[ping-yee]

Honestly, I am not sure about the different between normal rule and strict rule.

Is it just different between having strict mode and not having strict mode?
If it is, there is the fixed type ?string $str paramter of these function at not having strict mode.

Like:

In not having strict mode.

CodeIgniter4/system/Validation/Rules.php

Line 27 in dbb3426

public function differs(?string $str, string $field, array $data): bool

CodeIgniter4/system/Validation/Rules.php

Line 39 in dbb3426

public function equals(?string $str, string $val): bool

In having strict mode.

CodeIgniter4/system/Validation/StrictRules/Rules.php

Line 37 in dbb3426

public function differs($str, string $field, array $data): bool

CodeIgniter4/system/Validation/StrictRules/Rules.php

Line 51 in dbb3426

public function equals($str, string $val): bool

If all of the values need to be changed to array|bool|float|int|object|string|null, probably all of paramters need to be changed from ?string $str to $str at not having strict mode file.

[kenjis]

See https://codeigniter4.github.io/CodeIgniter4/libraries/validation.html#traditional-and-strict-rules

Traditional Rules are legacy. These are not designed to validate non-string values.

Strictly speaking, probably traditional rule parameter types should be removed, too.
But it is a breaking changes.

[MGatner]

I'm afraid it will need to be more nuanced and painstaking than this. For example, the first line of int:

if (is_int($str)) {

... clearly means to support int input.

I think it is a problem with our Validation class in a larger scale, that it is trying to be both Form Validation and more General/Persistence Validation. But until a rework is agreed upon and executed we will need to try to hold these together.

[ping-yee]

Yeah, it looks like will be a huge work and what I think is too easy before.
But I have no time to handle this huge work recently, I may split this huge work into some smaller PR to contribute.