Edit report at http://bugs.php.net/bug.php?id=51245&edit=1
ID: 51245
Updated by: paj...@php.net
Reported by: a dot dorn at sitesol dot de
Summary: Bug in filter_var with SimpleXMLElement
Status: Feedback
Type: Bug
Package: Unknown/Other Function
Operating System: WIN
PHP Version: 5.2.13
New Comment:
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external
resources such as databases, etc. If the script requires a
database to demonstrate the issue, please make sure it creates
all necessary tables, stored procedures etc.
Please avoid embedding huge scripts into the report.
Previous Comments:
------------------------------------------------------------------------
[2010-03-09 13:02:34] a dot dorn at sitesol dot de
Here is the small script:
$xmlstring = '<?xml version="1.0" encoding="iso-8859-1"?'.'><file
ext="png">
<user id="XXX"/>
</file>';
$xml = simplexml_load_string($xmlstring);
echo var_dump(filter_var($xml["ext"], FILTER_SANITIZE_STRING));
------------------------------------------------------------------------
[2010-03-09 12:59:47] a dot dorn at sitesol dot de
the behavior in php 5.3.2 is the expected
string(3) "png"
:-)
will you offer a bugfix for php version 5.2.x?
------------------------------------------------------------------------
[2010-03-09 12:45:35] a dot dorn at sitesol dot de
***problematic code:
echo var_dump(filter_var($xml["ext"], FILTER_SANITIZE_STRING));
***expected result (by version 5.2.1):
string(3) "png"
***result by version 5.2.12 and 5.2.13
bool(false)
------------------------------------------------------------------------
[2010-03-09 11:51:00] paj...@php.net
I don't see a difference betweeen the expected and actual results. Also
if there is a problem with filter_var and __toString, please provide a
simple script to reproduce it (small class + filter_var only).
Also try using 5.3.2 as I have fixed something related to toString
there.
------------------------------------------------------------------------
[2010-03-09 11:36:02] a dot dorn at sitesol dot de
Description:
------------
In 5.2.1 we always received the string 'png' in example 2. It seems that
filter_var does not call the "__toString" (or something similar) Method
at least for SimpleXMLElement objects.
Example 3 is working correctly.
Test script:
---------------
class Benutzer
{
protected $name;
public function __construct( $name )
{
$this->name = $name;
}
public function __toString()
{
return $this->name;
}
}
$benutzer = new Benutzer( 'TEST' );
$xmlstring = '<?xml version="1.0" encoding="iso-8859-1"?'.'><file
uuid="samplefile_1234234646sdfsdf"
name="openengine_logo" ext="png" status="released" action="update">
<meta>
<attribute key="title" value="Download A"/>
<attribute key="product_name" value="Product A"/>
<attribute key="product_name" value="Product B"/>
<attribute key="product_name" value="Product C"/>
<attribute key="product_family" value="Product Family A"/>
<attribute key="product_version" value="1.0"/>
<attribute key="group_main" value="Group A"/>
<attribute key="group_sub" value="Group B"/>
<attribute key="document_type" value="Image"/>
<attribute key="document_type" value="Video"/>
<attribute key="document_type" value="Audio"/>
<attribute key="language" value="en"/>
<attribute key="language" value="de"/>
<attribute key="description" value="This is a sample file"/>
<attribute key="release_date" value="2003-06-04T12:30:17"/>
</meta>
<auth folder="YYY"/>
<user id="XXX"/>
</file>';
$xml = simplexml_load_string($xmlstring);
echo "\n###################################################\n";
echo "Testing filter_var with SimpleXMLElement Object\n";
echo "\n###################################################\n";
echo "\nExample 1";
echo "\n----------------------------\n";
echo "DUMP XML Attribute\n\n";
echo "Output:\n";
echo $xml["ext"];
echo "\n----------------------------\n";
echo "\nExample 2";
echo "\n----------------------------\n";
echo "Output filter_var\n\n";
echo "Result:\n";
echo var_dump(filter_var($xml["ext"], FILTER_SANITIZE_STRING));
echo "\n\nPROBLEM: in former versions as 5.2.1 result has been 'png'";
echo "\n----------------------------\n";
echo "\nExample 3";
echo "\n----------------------------\n";
echo "Output filter_var with active type switching\n\n";
echo "Result:\n";
echo var_dump(filter_var((string) $xml["ext"],
FILTER_SANITIZE_STRING));
echo "\n----------------------------\n";
echo "\nExample 4";
echo "\n----------------------------\n";
echo "Output user object with __toString Method\n\n";
echo "Result:\n";
echo var_dump(filter_var($benutzer, FILTER_SANITIZE_STRING));
echo "\n----------------------------\n";
Expected result:
----------------
###################################################
Testing filter_var with SimpleXMLElement Objects
###################################################
Example 1
----------------------------
DUMP XML Attribute
Output:
png
----------------------------
Example 2
----------------------------
Output filter_var
Result:
string(3) "png"
PROBLEM: in former versions as 5.2.1 result has been 'png'
----------------------------
Example 3
----------------------------
Output filter_var with active type switching
Result:
string(3) "png"
----------------------------
Example 4
----------------------------
Output user object with __toString Method
Result:
string(4) "TEST"
----------------------------
Actual result:
--------------
###################################################
Testing filter_var with SimpleXMLElement Objects
###################################################
Example 1
----------------------------
DUMP XML Attribute
Output:
png
----------------------------
Example 2
----------------------------
Output filter_var
Result:
bool(false)
PROBLEM: in former versions as 5.2.1 result has been 'png'
----------------------------
Example 3
----------------------------
Output filter_var with active type switching
Result:
string(3) "png"
----------------------------
Example 4
----------------------------
Output user object with __toString Method
Result:
string(4) "TEST"
----------------------------
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/bug.php?id=51245&edit=1
