php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #71319 FILTER_SANITIZE_NUMBER_FLOAT return float instead of string
Submitted: 2016-01-09 12:40 UTC Modified: 2020-06-04 16:29 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: cyb10101 at gmail dot com Assigned: cmb (profile)
Status: Not a bug Package: Filter related
PHP Version: 5.5.31 OS: Ubuntu 14.04
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: cyb10101 at gmail dot com
New email:
PHP Version: OS:

 

 [2016-01-09 12:40 UTC] cyb10101 at gmail dot com 
Description:
------------
Hi, I'm not sure if that's a bug.
The function filter_var($x, FILTER_SANITIZE_NUMBER_FLOAT) should not return a float instead string?

Kind regards, Cyb10101

Test script:
---------------
<?php
function d($a = '', $x, $z = ' | ') {echo $a; var_dump($x); echo $z;}
function run($x) {
	d('init=', $x);
	d('bool=', (filter_var($x, FILTER_VALIDATE_FLOAT) ? 'Valid' : 'Not Valid'));
	d('validate=', filter_var($x, FILTER_VALIDATE_FLOAT));
	d('sanitize=', filter_var($x, FILTER_SANITIZE_NUMBER_FLOAT), "<br />\n");
}

run(0.5);	// init=float(0.5) | bool=string(5) "Valid" | validate=float(0.5) | sanitize=string(2) "05"
run('0.5');	// init=string(3) "0.5" | bool=string(5) "Valid" | validate=float(0.5) | sanitize=string(2) "05"



Expected result:
----------------
run(0.5);	// ... | sanitize=float(0.5)
run('0.5');	// ... | sanitize=float(0.5)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-01-12 02:16 UTC] vadz77 at hotmail dot com 
I don't think this is a bug. `FILTER_SANITIZE_NUMBER_FLOAT` should just sanitize a string and return as a string. E.g. http://codepad.org/T690Wdad
 [2016-01-12 12:10 UTC] Cyb at Cyb10101 dot de 
I just think, as soon as I have a float or integer, it does not make much sense to have a string.
Finally, it is indeed cleaned, so you get a float or not?

Of course, there can convert with floatval.
That's why I'm not sure.

http://php.net/manual/de/function.floatval.php
 [2020-06-04 12:49 UTC] cmb@php.net
-Status: Open +Status: Not a bug -Assigned To: +Assigned To: cmb
 [2020-06-04 12:49 UTC] cmb@php.net 
FILTER_SANITIZE_NUMBER_FLOAT behaves as documented[1]:

| Remove all characters except digits, +- and optionally .,eE.

It does not return a float, because the result is not guaranteed
to be a valid numer, e.g. <https://3v4l.org/Kc0q7>.

[1] <https://www.php.net/manual/en/filter.filters.sanitize.php>
 [2020-06-04 16:29 UTC] cyb10101 at gmail dot com
-: Cyb at Cyb10101 dot de +: cyb10101 at gmail dot com
 [2020-06-04 16:29 UTC] cyb10101 at gmail dot com 
I think it's because it feels a little strange.
You always think of a float as a number with a comma.
Probably the point is if you enter a serial number: 123.456.789 => 123456789

But I think that will solve it:
filter_var($variable, FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);

Anyway thank you. If you have no concerns, you can simply close the ticket.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Dec 21 14:01:32 2024 UTC