php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #75229 FILTER_VALIDATE_INT should allow 0 prefixes
Submitted: 2017-09-19 14:53 UTC Modified: 2017-09-20 08:31 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: thflori at gmail dot com Assigned:
Status: Open Package: Filter related
PHP Version: 7.1.9 OS: Linux
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2017-09-19 14:53 UTC] thflori at gmail dot com
Description:
------------
Someone defined octal numbers are prefixed with a 0 but there is no mathematical theory that says a number with one or more 0 in front is not a number. When we now use filter_var to filter user input we have to tell the user that a number with 0 in front is not an integer. Or we use a more generic way like reg exp /^\d+$/ but I thought the filter_var is made for this propose.

Currently the problem is that users enter minutes and seconds with zeroes in front. It should indeed not be a float so to filter for integer is correct.

Test script:
---------------
var_dump(filter_var('03', FILTER_VALIDATE_INT));
var_dump(filter_var('+08', FILTER_VALIDATE_INT));
var_dump(filter_var('-010', FILTER_VALIDATE_INT));

Expected result:
----------------
int(3)
int(8)
int(-10)

Actual result:
--------------
false
false
false

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-09-19 16:15 UTC] derick@php.net
I don't believe we should change that. This filter is really for properly formatted numbers.
 [2017-09-20 08:31 UTC] cmb@php.net
> This filter is really for properly formatted numbers.

But FILTER_VALIDATE_FLOAT is not? (<https://3v4l.org/OC3UQ>)
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Mar 19 09:01:30 2024 UTC