ID: 40156 Updated by: [EMAIL PROTECTED] Reported By: pmjones88 at gmail dot com -Status: Open +Status: Bogus Bug Type: Filter related Operating System: Mac OS X PHP Version: 5.2.0 New Comment:
No, that's what the logical filters are for. Previous Comments: ------------------------------------------------------------------------ [2007-01-17 20:23:14] pmjones88 at gmail dot com Then it should at least fail when it realizes that the value isn't going to be useful as a float. Maybe I don't get it; a "sanitized" float should return as a "float". Otherwise you're just stripping non-numeric characters, which is not quote the same thing. ------------------------------------------------------------------------ [2007-01-17 20:12:06] [EMAIL PROTECTED] http://php.net/filter FILTER_SANITIZE_NUMBER_FLOAT - Remove all characters except digits, +- and optionally .,eE. It's not supposed to validate the result. ------------------------------------------------------------------------ [2007-01-17 20:11:15] [EMAIL PROTECTED] Use FILTER_VALIDATE_FLOAT if you like to validate a string and get a float value. Sanitizing filters only clean the string. ------------------------------------------------------------------------ [2007-01-17 20:01:27] pmjones88 at gmail dot com Description: ------------ When using FILTER_SANITIZE_NUMBER_FLOAT with FILTER_FLAG_ALLOW_FRACTION, it seems to allow any number of decimal points, not just a single decimal point. This results in an invalid value being reported as sanitized. Reproduce code: --------------- <?php $val = 'abc ... 123.45 ,.../'; $san = filter_var($val, FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION); var_dump($san); ?> Expected result: ---------------- float 123.45 Actual result: -------------- string(12) "...123.45..." ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=40156&edit=1