php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #63804 Recommending the addition of a new filter - Date validation and sanitization
Submitted: 2012-12-19 10:35 UTC Modified: -
Votes:3
Avg. Score:4.0 ± 0.8
Reproduced:3 of 3 (100.0%)
Same Version:2 (66.7%)
Same OS:2 (66.7%)
From: rick dot sketchy+phpnet at gmail dot com Assigned:
Status: Open Package: Filter related
PHP Version: 5.4.9 OS: ALL
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2012-12-19 10:35 UTC] rick dot sketchy+phpnet at gmail dot com
Description:
------------
Lets assume you have a form, and you want the user to input a date. In this 
example, I'm going to use a UK formatted date (tho a US formatted or other format 
of date will work.

Lets say our user enters "01/12/2012" (1st Dec 2012) as their date. They hit 
submit on the form.

Currently if you wish to validate that date, you have to first sanitize it, Then 
to run the checkdate function, it needs the date to be split into month, day and 
year. This is all well and good, but now we've got to explode our date, check the 
exploded content is valid, then run checkdate.

Would it not be simpler to be able to do this:

filter_var($_POST['date'], FILTER_SANITIZE_DATE);

(A FILTER_VALIDATE_DATE) would also be handy here)

This would allow you to strip out having to explode the date string and run 
checkdate.

In the background, this would simply be doing a check to see the date format.

Alternatively, some sort of function to automatically detect a date format, and 
convert it to the gregorian date, which obviously for a date (without a time) is 
the preferable end result given that it will likely be stored in this format in a 
database. 


Patches

Add a Patch

Pull Requests

Add a Pull Request

 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Mar 19 09:01:30 2024 UTC