Req #49510 [Com]: boolean validation fails with FILTER_NULL_ON_FAILURE
Edit report at https://bugs.php.net/bug.php?id=49510&edit=1 ID: 49510 Comment by: pgarvin76 at gmail dot com Reported by:m dot kurzyna at crystalpoint dot pl Summary:boolean validation fails with FILTER_NULL_ON_FAILURE Status: Assigned Type: Feature/Change Request Package:Filter related Operating System: Linux PHP Version:5.3.0 Assigned To:pajoye Block user comment: N Private report: N New Comment: Never mind my last comment. I was using the wrong executable when running the tests. The fix works. However, this patch was not merged into the 5.3 branch. Can we get it merged for 5.3.19? Previous Comments: [2012-10-26 03:32:23] pgarvin76 at gmail dot com There was a fix committed in branch 5.4.8 (a26390ef0c22be3637795d9b5ab1c445e1d3f847). But the problem still persists for me. The test file (bug49510.phpt) fails on my fresh build. [2012-09-12 20:22:38] dernelson at corelogic dot com The question the developer is asking filter_var() is: "is boolean FALSE a valid boolean", and the answer filter_var() is giving back is "nope." Regardless of the technical details underlying the implementation, there is an obvious problem here. Short of changing PHP so that (string)FALSE === '0' (hah), I would suggest an explicit test case for boolean FALSE values, so that the function can return boolean FALSE in those cases, instead of NULL. [2012-07-15 04:57:34] s...@php.net Filters operate on strings. So any value that is passed to the filter_var() will be coerced into string. This means (boolean)false and '' is exactly the same for the filter. And that means the callbacks will be receiving strings too. Now, the docs specifically say '' is a valid value for "boolean" filter and is converted to false, so '' should not return NULL with FILTER_NULL_ON_FAILURE I guess since it's documented not to be failure value. [2012-06-24 00:34:38] 2072 at teaser dot fr Knowing this issue I wanted to make a boolean validation filter of my own using FILTER_CALLBACK but it suffers from the same problem, these filters are not "boolean safe". It appears that what is to be validated is first converted to a string. So when given (bool)true my callback actually receives (string)'1' and (string)'' when given (bool)false. There is definitely something wrong. (I'm using PHP 5.3.8) [2010-09-01 13:55:06] schkovich at gmail dot com filter_var(false,FILTER_VALIDATE_BOOLEAN,FILTER_NULL_ON_FAILURE) // got NULL, expected false That does not make sense at all! Further on, I have to agree with m.kurzyna that since false === (bool)"" filter_var("",FILTER_VALIDATE_BOOLEAN,FILTER_NULL_ON_FAILURE) should return FALSE and not NULL. Basically, as implemented, getting FALSE from filter_var(false,FILTER_VALIDATE_BOOLEAN) means that validation failed. It appears to be a design problem since filter_var() as specified will return FALSE if the filter fails making it impossible to distinguish if filter failed or valid FALSE value is returned. Therefore, instead returning FALSE if filter fails perhaps warning could be issued or even better exception thrown. On addition when voting I've wrongly selected that I am not using the same version and the same operating system. Correct ones are: PHP Version => 5.3.2-1ubuntu4.2 System => Linux schkovich 2.6.32-24-generic #42-Ubuntu SMP Fri Aug 20 14:21:58 UTC 2010 x86_64 The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=49510 -- Edit this bug report at https://bugs.php.net/bug.php?id=49510&edit=1
Req #49510 [Com]: boolean validation fails with FILTER_NULL_ON_FAILURE
Edit report at https://bugs.php.net/bug.php?id=49510&edit=1 ID: 49510 Comment by: pgarvin76 at gmail dot com Reported by:m dot kurzyna at crystalpoint dot pl Summary:boolean validation fails with FILTER_NULL_ON_FAILURE Status: Assigned Type: Feature/Change Request Package:Filter related Operating System: Linux PHP Version:5.3.0 Assigned To:pajoye Block user comment: N Private report: N New Comment: There was a fix committed in branch 5.4.8 (a26390ef0c22be3637795d9b5ab1c445e1d3f847). But the problem still persists for me. The test file (bug49510.phpt) fails on my fresh build. Previous Comments: [2012-09-12 20:22:38] dernelson at corelogic dot com The question the developer is asking filter_var() is: "is boolean FALSE a valid boolean", and the answer filter_var() is giving back is "nope." Regardless of the technical details underlying the implementation, there is an obvious problem here. Short of changing PHP so that (string)FALSE === '0' (hah), I would suggest an explicit test case for boolean FALSE values, so that the function can return boolean FALSE in those cases, instead of NULL. [2012-07-15 04:57:34] s...@php.net Filters operate on strings. So any value that is passed to the filter_var() will be coerced into string. This means (boolean)false and '' is exactly the same for the filter. And that means the callbacks will be receiving strings too. Now, the docs specifically say '' is a valid value for "boolean" filter and is converted to false, so '' should not return NULL with FILTER_NULL_ON_FAILURE I guess since it's documented not to be failure value. [2012-06-24 00:34:38] 2072 at teaser dot fr Knowing this issue I wanted to make a boolean validation filter of my own using FILTER_CALLBACK but it suffers from the same problem, these filters are not "boolean safe". It appears that what is to be validated is first converted to a string. So when given (bool)true my callback actually receives (string)'1' and (string)'' when given (bool)false. There is definitely something wrong. (I'm using PHP 5.3.8) [2010-09-01 13:55:06] schkovich at gmail dot com filter_var(false,FILTER_VALIDATE_BOOLEAN,FILTER_NULL_ON_FAILURE) // got NULL, expected false That does not make sense at all! Further on, I have to agree with m.kurzyna that since false === (bool)"" filter_var("",FILTER_VALIDATE_BOOLEAN,FILTER_NULL_ON_FAILURE) should return FALSE and not NULL. Basically, as implemented, getting FALSE from filter_var(false,FILTER_VALIDATE_BOOLEAN) means that validation failed. It appears to be a design problem since filter_var() as specified will return FALSE if the filter fails making it impossible to distinguish if filter failed or valid FALSE value is returned. Therefore, instead returning FALSE if filter fails perhaps warning could be issued or even better exception thrown. On addition when voting I've wrongly selected that I am not using the same version and the same operating system. Correct ones are: PHP Version => 5.3.2-1ubuntu4.2 System => Linux schkovich 2.6.32-24-generic #42-Ubuntu SMP Fri Aug 20 14:21:58 UTC 2010 x86_64 [2009-09-10 11:24:37] m dot kurzyna at crystalpoint dot pl As much as i'd like to have empty string be invalid false cast i have to disagree with you for consistency reasons. If (boolean)'' == false then filter_var('','boolean') should also return false. Both in general and in case of FILTER_NULL_ON_FAILURE (just like the documentation states). Also, because i can't stress it enough, this is a VALIDATOR not a SANITIZER so using it as a strict caster is secondary to it's validation purpose and as such it currently fails both on implied and explicit behavior. The ideal solution would be to have FILTER_VALIDATE_BOOLEAN roughly equal to current behavior with FILTER_NULL_ON_FAILURE and a *seperate* FILTER_SANITIZE_BOOLEAN similar to current behavior w/o the null failure flag. This however probably is impossible due to BC. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=49510 -- Edit this bug report at https://bugs.php.net/bug.php?id=49510&edit=1
Req #49510 [Com]: boolean validation fails with FILTER_NULL_ON_FAILURE
Edit report at https://bugs.php.net/bug.php?id=49510&edit=1 ID: 49510 Comment by: dernelson at corelogic dot com Reported by:m dot kurzyna at crystalpoint dot pl Summary:boolean validation fails with FILTER_NULL_ON_FAILURE Status: Assigned Type: Feature/Change Request Package:Filter related Operating System: Linux PHP Version:5.3.0 Assigned To:pajoye Block user comment: N Private report: N New Comment: The question the developer is asking filter_var() is: "is boolean FALSE a valid boolean", and the answer filter_var() is giving back is "nope." Regardless of the technical details underlying the implementation, there is an obvious problem here. Short of changing PHP so that (string)FALSE === '0' (hah), I would suggest an explicit test case for boolean FALSE values, so that the function can return boolean FALSE in those cases, instead of NULL. Previous Comments: [2012-07-15 04:57:34] s...@php.net Filters operate on strings. So any value that is passed to the filter_var() will be coerced into string. This means (boolean)false and '' is exactly the same for the filter. And that means the callbacks will be receiving strings too. Now, the docs specifically say '' is a valid value for "boolean" filter and is converted to false, so '' should not return NULL with FILTER_NULL_ON_FAILURE I guess since it's documented not to be failure value. [2012-06-24 00:34:38] 2072 at teaser dot fr Knowing this issue I wanted to make a boolean validation filter of my own using FILTER_CALLBACK but it suffers from the same problem, these filters are not "boolean safe". It appears that what is to be validated is first converted to a string. So when given (bool)true my callback actually receives (string)'1' and (string)'' when given (bool)false. There is definitely something wrong. (I'm using PHP 5.3.8) [2010-09-01 13:55:06] schkovich at gmail dot com filter_var(false,FILTER_VALIDATE_BOOLEAN,FILTER_NULL_ON_FAILURE) // got NULL, expected false That does not make sense at all! Further on, I have to agree with m.kurzyna that since false === (bool)"" filter_var("",FILTER_VALIDATE_BOOLEAN,FILTER_NULL_ON_FAILURE) should return FALSE and not NULL. Basically, as implemented, getting FALSE from filter_var(false,FILTER_VALIDATE_BOOLEAN) means that validation failed. It appears to be a design problem since filter_var() as specified will return FALSE if the filter fails making it impossible to distinguish if filter failed or valid FALSE value is returned. Therefore, instead returning FALSE if filter fails perhaps warning could be issued or even better exception thrown. On addition when voting I've wrongly selected that I am not using the same version and the same operating system. Correct ones are: PHP Version => 5.3.2-1ubuntu4.2 System => Linux schkovich 2.6.32-24-generic #42-Ubuntu SMP Fri Aug 20 14:21:58 UTC 2010 x86_64 [2009-09-10 11:24:37] m dot kurzyna at crystalpoint dot pl As much as i'd like to have empty string be invalid false cast i have to disagree with you for consistency reasons. If (boolean)'' == false then filter_var('','boolean') should also return false. Both in general and in case of FILTER_NULL_ON_FAILURE (just like the documentation states). Also, because i can't stress it enough, this is a VALIDATOR not a SANITIZER so using it as a strict caster is secondary to it's validation purpose and as such it currently fails both on implied and explicit behavior. The ideal solution would be to have FILTER_VALIDATE_BOOLEAN roughly equal to current behavior with FILTER_NULL_ON_FAILURE and a *seperate* FILTER_SANITIZE_BOOLEAN similar to current behavior w/o the null failure flag. This however probably is impossible due to BC. [2009-09-10 11:09:43] sjo...@php.net I agree that filter_var() should return null for the empty string. I think that this usage of filter_var() is meant to convert string representations of booleans to boolean values. That is, "true", "on", "1", "false", "off" and "0" should be converted, other strings should return null. The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=49510 -- Edit this bug report at https://bugs.php.net/bug.php?id=49510&edit=1
Req #49510 [Com]: boolean validation fails with FILTER_NULL_ON_FAILURE
Edit report at https://bugs.php.net/bug.php?id=49510&edit=1 ID: 49510 Comment by: 2072 at teaser dot fr Reported by:m dot kurzyna at crystalpoint dot pl Summary:boolean validation fails with FILTER_NULL_ON_FAILURE Status: Assigned Type: Feature/Change Request Package:Filter related Operating System: Linux PHP Version:5.3.0 Assigned To:pajoye Block user comment: N Private report: N New Comment: Knowing this issue I wanted to make a boolean validation filter of my own using FILTER_CALLBACK but it suffers from the same problem, these filters are not "boolean safe". It appears that what is to be validated is first converted to a string. So when given (bool)true my callback actually receives (string)'1' and (string)'' when given (bool)false. There is definitely something wrong. (I'm using PHP 5.3.8) Previous Comments: [2010-09-01 13:55:06] schkovich at gmail dot com filter_var(false,FILTER_VALIDATE_BOOLEAN,FILTER_NULL_ON_FAILURE) // got NULL, expected false That does not make sense at all! Further on, I have to agree with m.kurzyna that since false === (bool)"" filter_var("",FILTER_VALIDATE_BOOLEAN,FILTER_NULL_ON_FAILURE) should return FALSE and not NULL. Basically, as implemented, getting FALSE from filter_var(false,FILTER_VALIDATE_BOOLEAN) means that validation failed. It appears to be a design problem since filter_var() as specified will return FALSE if the filter fails making it impossible to distinguish if filter failed or valid FALSE value is returned. Therefore, instead returning FALSE if filter fails perhaps warning could be issued or even better exception thrown. On addition when voting I've wrongly selected that I am not using the same version and the same operating system. Correct ones are: PHP Version => 5.3.2-1ubuntu4.2 System => Linux schkovich 2.6.32-24-generic #42-Ubuntu SMP Fri Aug 20 14:21:58 UTC 2010 x86_64 [2009-09-10 11:24:37] m dot kurzyna at crystalpoint dot pl As much as i'd like to have empty string be invalid false cast i have to disagree with you for consistency reasons. If (boolean)'' == false then filter_var('','boolean') should also return false. Both in general and in case of FILTER_NULL_ON_FAILURE (just like the documentation states). Also, because i can't stress it enough, this is a VALIDATOR not a SANITIZER so using it as a strict caster is secondary to it's validation purpose and as such it currently fails both on implied and explicit behavior. The ideal solution would be to have FILTER_VALIDATE_BOOLEAN roughly equal to current behavior with FILTER_NULL_ON_FAILURE and a *seperate* FILTER_SANITIZE_BOOLEAN similar to current behavior w/o the null failure flag. This however probably is impossible due to BC. [2009-09-10 11:09:43] sjo...@php.net I agree that filter_var() should return null for the empty string. I think that this usage of filter_var() is meant to convert string representations of booleans to boolean values. That is, "true", "on", "1", "false", "off" and "0" should be converted, other strings should return null. [2009-09-10 09:05:53] m dot kurzyna at crystalpoint dot pl Personally i think it's just fine (empty string ain't false - if anything it's null) but in PHP world it is (both on PHP and C levels): (string)false = '' (boolean)'' == false Z_STRLEN_P(value) = 0 Oh, and there is this little documentation thingy you like to cite from time to time: If FILTER_NULL_ON_FAILURE is set, FALSE is returned only for "0", "false", "off", "no", and "", and NULL is returned for all non-boolean values. where empty string is explicitly stated as being false. [2009-09-10 08:57:29] sjo...@php.net Why do you think it is wrong that it returns null for an empty string? The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=49510 -- Edit this bug report at https://bugs.php.net/bug.php?id=49510&edit=1
Req #49510 [Com]: boolean validation fails with FILTER_NULL_ON_FAILURE
Edit report at http://bugs.php.net/bug.php?id=49510&edit=1 ID: 49510 Comment by: schkovich at gmail dot com Reported by:m dot kurzyna at crystalpoint dot pl Summary:boolean validation fails with FILTER_NULL_ON_FAILURE Status: Assigned Type: Feature/Change Request Package:Feature/Change Request Operating System: Linux PHP Version:5.3.0 Assigned To:pajoye Block user comment: N New Comment: filter_var(false,FILTER_VALIDATE_BOOLEAN,FILTER_NULL_ON_FAILURE) // got NULL, expected false That does not make sense at all! Further on, I have to agree with m.kurzyna that since false === (bool)"" filter_var("",FILTER_VALIDATE_BOOLEAN,FILTER_NULL_ON_FAILURE) should return FALSE and not NULL. Basically, as implemented, getting FALSE from filter_var(false,FILTER_VALIDATE_BOOLEAN) means that validation failed. It appears to be a design problem since filter_var() as specified will return FALSE if the filter fails making it impossible to distinguish if filter failed or valid FALSE value is returned. Therefore, instead returning FALSE if filter fails perhaps warning could be issued or even better exception thrown. On addition when voting I've wrongly selected that I am not using the same version and the same operating system. Correct ones are: PHP Version => 5.3.2-1ubuntu4.2 System => Linux schkovich 2.6.32-24-generic #42-Ubuntu SMP Fri Aug 20 14:21:58 UTC 2010 x86_64 Previous Comments: [2009-09-10 11:24:37] m dot kurzyna at crystalpoint dot pl As much as i'd like to have empty string be invalid false cast i have to disagree with you for consistency reasons. If (boolean)'' == false then filter_var('','boolean') should also return false. Both in general and in case of FILTER_NULL_ON_FAILURE (just like the documentation states). Also, because i can't stress it enough, this is a VALIDATOR not a SANITIZER so using it as a strict caster is secondary to it's validation purpose and as such it currently fails both on implied and explicit behavior. The ideal solution would be to have FILTER_VALIDATE_BOOLEAN roughly equal to current behavior with FILTER_NULL_ON_FAILURE and a *seperate* FILTER_SANITIZE_BOOLEAN similar to current behavior w/o the null failure flag. This however probably is impossible due to BC. [2009-09-10 11:09:43] sjo...@php.net I agree that filter_var() should return null for the empty string. I think that this usage of filter_var() is meant to convert string representations of booleans to boolean values. That is, "true", "on", "1", "false", "off" and "0" should be converted, other strings should return null. [2009-09-10 09:05:53] m dot kurzyna at crystalpoint dot pl Personally i think it's just fine (empty string ain't false - if anything it's null) but in PHP world it is (both on PHP and C levels): (string)false = '' (boolean)'' == false Z_STRLEN_P(value) = 0 Oh, and there is this little documentation thingy you like to cite from time to time: If FILTER_NULL_ON_FAILURE is set, FALSE is returned only for "0", "false", "off", "no", and "", and NULL is returned for all non-boolean values. where empty string is explicitly stated as being false. [2009-09-10 08:57:29] sjo...@php.net Why do you think it is wrong that it returns null for an empty string? [2009-09-10 08:53:11] m dot kurzyna at crystalpoint dot pl Actually it is broken even more then i initially reported because it also returns NULL for empty string: filter_var('',FILTER_VALIDATE_BOOLEAN,array('flags'=>FILTER_NULL_ON_FAILURE)) // got NULL, expected false The problem is in ext/filter/logical_filters.c(233) - the check is done by using string representation of zval being checked. For false value it's an empty string and the switch from line 244 doesn't cover this case (hence same result for false and empty string). Something along the lines of following patch should fix the problem: --- logical_filters.c 2009-06-10 21:01:17.0 +0200 +++ logical_filters.fixed.c 2009-09-10 10:48:59.953675880 +0200 @@ -242,6 +242,10 @@ * returns false for "0", "false", "off", "no", and "" * null otherwise. */ switch (len) { + case 0: + ret = 0; + break; + case 1: if (*str == '1') { ret = 1; On the side note: i was always wondering why (string)false == '' and not '0'? --