php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #71319 FILTER_SANITIZE_NUMBER_FLOAT return float instead of string
Submitted: 2016-01-09 12:40 UTC Modified: 2020-06-04 16:29 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: cyb10101 at gmail dot com Assigned: cmb (profile)
Status: Not a bug Package: Filter related
PHP Version: 5.5.31 OS: Ubuntu 14.04
Private report: No CVE-ID: None
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem:
23 + 21 = ?
Subscribe to this entry?

 
 [2016-01-09 12:40 UTC] cyb10101 at gmail dot com
Description:
------------
Hi, I'm not sure if that's a bug.
The function filter_var($x, FILTER_SANITIZE_NUMBER_FLOAT) should not return a float instead string?

Kind regards, Cyb10101

Test script:
---------------
<?php
function d($a = '', $x, $z = ' | ') {echo $a; var_dump($x); echo $z;}
function run($x) {
	d('init=', $x);
	d('bool=', (filter_var($x, FILTER_VALIDATE_FLOAT) ? 'Valid' : 'Not Valid'));
	d('validate=', filter_var($x, FILTER_VALIDATE_FLOAT));
	d('sanitize=', filter_var($x, FILTER_SANITIZE_NUMBER_FLOAT), "<br />\n");
}

run(0.5);	// init=float(0.5) | bool=string(5) "Valid" | validate=float(0.5) | sanitize=string(2) "05"
run('0.5');	// init=string(3) "0.5" | bool=string(5) "Valid" | validate=float(0.5) | sanitize=string(2) "05"



Expected result:
----------------
run(0.5);	// ... | sanitize=float(0.5)
run('0.5');	// ... | sanitize=float(0.5)


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-01-12 02:16 UTC] vadz77 at hotmail dot com
I don't think this is a bug. `FILTER_SANITIZE_NUMBER_FLOAT` should just sanitize a string and return as a string. E.g. http://codepad.org/T690Wdad
 [2016-01-12 12:10 UTC] Cyb at Cyb10101 dot de
I just think, as soon as I have a float or integer, it does not make much sense to have a string.
Finally, it is indeed cleaned, so you get a float or not?

Of course, there can convert with floatval.
That's why I'm not sure.

http://php.net/manual/de/function.floatval.php
 [2020-06-04 12:49 UTC] cmb@php.net
-Status: Open +Status: Not a bug -Assigned To: +Assigned To: cmb
 [2020-06-04 12:49 UTC] cmb@php.net
FILTER_SANITIZE_NUMBER_FLOAT behaves as documented[1]:

| Remove all characters except digits, +- and optionally .,eE.

It does not return a float, because the result is not guaranteed
to be a valid numer, e.g. <https://3v4l.org/Kc0q7>.

[1] <https://www.php.net/manual/en/filter.filters.sanitize.php>
 [2020-06-04 16:29 UTC] cyb10101 at gmail dot com
-: Cyb at Cyb10101 dot de +: cyb10101 at gmail dot com
 [2020-06-04 16:29 UTC] cyb10101 at gmail dot com
I think it's because it feels a little strange.
You always think of a float as a number with a comma.
Probably the point is if you enter a serial number: 123.456.789 => 123456789

But I think that will solve it:
filter_var($variable, FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);

Anyway thank you. If you have no concerns, you can simply close the ticket.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 07 05:01:29 2024 UTC