php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #51245 Bug in filter_var with SimpleXMLElement
Submitted: 2010-03-09 11:36 UTC Modified: 2013-02-18 00:34 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: a dot dorn at sitesol dot de Assigned:
Status: No Feedback Package: Unknown/Other Function
PHP Version: 5.2.13 OS: WIN
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: a dot dorn at sitesol dot de
New email:
PHP Version: OS:

 

 [2010-03-09 11:36 UTC] a dot dorn at sitesol dot de
Description:
------------
In 5.2.1 we always received the string 'png' in example 2. It seems that filter_var does not call the "__toString" (or something similar) Method at least for SimpleXMLElement objects.

Example 3 is working correctly.



Test script:
---------------
class Benutzer
 {
     protected $name;
     public function __construct( $name )
      {
         $this->name = $name;
     }
     public function __toString()
     {
         return $this->name;
     }
 }
$benutzer = new Benutzer( 'TEST' );


$xmlstring = '<?xml version="1.0" encoding="iso-8859-1"?'.'><file uuid="samplefile_1234234646sdfsdf" 

name="openengine_logo" ext="png" status="released" action="update">
    <meta>
        <attribute key="title" value="Download A"/>
        <attribute key="product_name" value="Product A"/>
        <attribute key="product_name" value="Product B"/>
        <attribute key="product_name" value="Product C"/>
        <attribute key="product_family" value="Product Family A"/>
        <attribute key="product_version" value="1.0"/>
        <attribute key="group_main" value="Group A"/>
        <attribute key="group_sub" value="Group B"/>
        <attribute key="document_type" value="Image"/>
        <attribute key="document_type" value="Video"/>
        <attribute key="document_type" value="Audio"/>
        <attribute key="language" value="en"/>
        <attribute key="language" value="de"/>
        <attribute key="description" value="This is a sample file"/>
        <attribute key="release_date" value="2003-06-04T12:30:17"/>
    </meta>
    <auth folder="YYY"/>
    <user id="XXX"/>
</file>';

$xml = simplexml_load_string($xmlstring);

echo "\n###################################################\n";
echo "Testing filter_var with SimpleXMLElement Object\n";
echo "\n###################################################\n";


echo "\nExample 1";
echo "\n----------------------------\n";
echo "DUMP XML Attribute\n\n";
echo "Output:\n";
echo $xml["ext"];
echo "\n----------------------------\n";

echo "\nExample 2";
echo "\n----------------------------\n";
echo "Output filter_var\n\n";
echo "Result:\n";
echo var_dump(filter_var($xml["ext"], FILTER_SANITIZE_STRING));
echo "\n\nPROBLEM: in former versions as 5.2.1 result has been 'png'";
echo "\n----------------------------\n";

echo "\nExample 3";
echo "\n----------------------------\n";
echo "Output filter_var with active type switching\n\n";
echo "Result:\n";
echo var_dump(filter_var((string) $xml["ext"], FILTER_SANITIZE_STRING));
echo "\n----------------------------\n";

echo "\nExample 4";
echo "\n----------------------------\n";
echo "Output user object with __toString Method\n\n";
echo "Result:\n";
echo var_dump(filter_var($benutzer, FILTER_SANITIZE_STRING));
echo "\n----------------------------\n";

Expected result:
----------------
###################################################
Testing filter_var with SimpleXMLElement Objects

###################################################

Example 1
----------------------------
DUMP XML Attribute

Output:
png
----------------------------

Example 2
----------------------------
Output filter_var

Result:
string(3) "png"


PROBLEM: in former versions as 5.2.1 result has been 'png'
----------------------------

Example 3
----------------------------
Output filter_var with active type switching

Result:
string(3) "png"

----------------------------

Example 4
----------------------------
Output user object with __toString Method

Result:
string(4) "TEST"

----------------------------


Actual result:
--------------
###################################################
Testing filter_var with SimpleXMLElement Objects

###################################################

Example 1
----------------------------
DUMP XML Attribute

Output:
png
----------------------------

Example 2
----------------------------
Output filter_var

Result:
bool(false)


PROBLEM: in former versions as 5.2.1 result has been 'png'
----------------------------

Example 3
----------------------------
Output filter_var with active type switching

Result:
string(3) "png"

----------------------------

Example 4
----------------------------
Output user object with __toString Method

Result:
string(4) "TEST"

----------------------------


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-03-09 11:51 UTC] pajoye@php.net
-Status: Open +Status: Feedback
 [2010-03-09 11:51 UTC] pajoye@php.net
I don't see a difference betweeen the expected and actual results. Also if there is a problem with filter_var and __toString, please provide a simple script to reproduce it (small class + filter_var only).

Also try using 5.3.2 as I have fixed something related to toString there.
 [2010-03-09 12:45 UTC] a dot dorn at sitesol dot de
***problematic code:
echo var_dump(filter_var($xml["ext"], FILTER_SANITIZE_STRING));

***expected result (by version 5.2.1):
string(3) "png"

***result by version 5.2.12 and 5.2.13
bool(false)
 [2010-03-09 12:59 UTC] a dot dorn at sitesol dot de
the behavior in php 5.3.2 is the expected

string(3) "png"

:-)

will you offer a bugfix for php version 5.2.x?
 [2010-03-09 13:02 UTC] a dot dorn at sitesol dot de
Here is the small script:

$xmlstring = '<?xml version="1.0" encoding="iso-8859-1"?'.'><file ext="png">
    <user id="XXX"/>
</file>';

$xml = simplexml_load_string($xmlstring);

echo var_dump(filter_var($xml["ext"], FILTER_SANITIZE_STRING));
 [2010-03-09 13:04 UTC] pajoye@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.


 [2010-03-09 13:05 UTC] pajoye@php.net
Did you try with 5.3.2 as well?

Also please provide a script without using simplexml as it is unrelated to this problem, if any.
 [2010-03-09 13:19 UTC] a dot dorn at sitesol dot de
@pajoye@php.net

please se my posts 

[2010-03-09 10:59 UTC] a dot dorn at sitesol dot de
no bug in 5.3.2

[2010-03-09 11:02 UTC] a dot dorn at sitesol dot de
example script


As my problem has been only occured with SimpleXMLElement object, please use (!!!) simple xml to reproduce the bug. 

My example script (three lines) again (with <?php ?>):

:-)

<?php
$xmlstring = '<?xml version="1.0" encoding="iso-8859-1"?'.'><file ext="png"><user id="XXX"/></file>';
$xml = simplexml_load_string($xmlstring);
echo var_dump(filter_var($xml["ext"], FILTER_SANITIZE_STRING));
?>
 [2013-02-18 00:34 UTC] php-bugs at lists dot php dot net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Dec 13 03:01:28 2024 UTC