Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:65735
Return-Path: <glopes@nebm.ist.utl.pt>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 64224 invoked from network); 8 Feb 2013 21:35:14 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 8 Feb 2013 21:35:14 -0000
Authentication-Results: pb1.pair.com header.from=glopes@nebm.ist.utl.pt; sender-id=unknown
Authentication-Results: pb1.pair.com smtp.mail=glopes@nebm.ist.utl.pt; spf=permerror; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain nebm.ist.utl.pt from 193.136.128.21 cause and error)
X-PHP-List-Original-Sender: glopes@nebm.ist.utl.pt
X-Host-Fingerprint: 193.136.128.21 smtp1.ist.utl.pt Linux 2.6
Received: from [193.136.128.21] ([193.136.128.21:35856] helo=smtp1.ist.utl.pt)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 0C/45-18015-09F65115 for <internals@lists.php.net>; Fri, 08 Feb 2013 16:35:13 -0500
Received: from localhost (localhost.localdomain [127.0.0.1])
	by smtp1.ist.utl.pt (Postfix) with ESMTP id 288C470003C6;
	Fri,  8 Feb 2013 21:35:09 +0000 (WET)
X-Virus-Scanned: by amavisd-new-2.6.4 (20090625) (Debian) at ist.utl.pt
Received: from smtp1.ist.utl.pt ([127.0.0.1])
	by localhost (smtp1.ist.utl.pt [127.0.0.1]) (amavisd-new, port 10025)
	with LMTP id qTCt7bYzIeQQ; Fri,  8 Feb 2013 21:35:08 +0000 (WET)
Received: from mail2.ist.utl.pt (mail.ist.utl.pt [IPv6:2001:690:2100:1::8])
	by smtp1.ist.utl.pt (Postfix) with ESMTP id 3BDE470003C0;
	Fri,  8 Feb 2013 21:35:07 +0000 (WET)
Received: from damnation.nl.lo.geleia.net (unknown [IPv6:2001:470:94a2:4:21d:baff:feee:cc0b])
	(Authenticated sender: ist155741)
	by mail2.ist.utl.pt (Postfix) with ESMTPSA id 6044B2002E31;
	Fri,  8 Feb 2013 21:35:05 +0000 (WET)
Content-Type: text/plain; charset=utf-8; format=flowed; delsp=yes
To: "'Patrick Schaaf'" <php@bof.de>, "internals@lists.php.net"
 <internals@lists.php.net>, "Frank Liepert" <Frank.Liepert@gmx.de>, hakre
 <hanskrentel@yahoo.de>
Cc: "'Derick Rethans'" <derick@php.net>, "'Martin Jansen'"
 <martin@divbyzero.net>
References: <510EA95F.40503@divbyzero.net>
 <alpine.DEB.2.02.1302031737430.5054@whisky.home.derickrethans.nl>
 <2835262.zO39iNXCyM@rofl> <002d01ce02c8$dbb6d430$93247c90$@Liepert@gmx.de>
 <op.wrzbosnpidpuyk@damnation.nl.lo.geleia.net>
 <1360350275.70839.YahooMailNeo@web133005.mail.ir2.yahoo.com>
 <op.wr7eq8pkidpuyk@damnation.nl.lo.geleia.net>
 <1360357762.54581.YahooMailNeo@web133003.mail.ir2.yahoo.com>
Date: Fri, 08 Feb 2013 22:35:01 +0100
MIME-Version: 1.0
Content-Transfer-Encoding: Quoted-Printable
Organization: =?utf-8?Q?N=C3=BAcleo_de_Eng=2E_Biom=C3=A9di?=
 =?utf-8?Q?ca_do_I=2ES=2ET=2E?=
Message-ID: <op.wr7h8ntnidpuyk@damnation.nl.lo.geleia.net>
In-Reply-To: <1360357762.54581.YahooMailNeo@web133003.mail.ir2.yahoo.com>
User-Agent: Opera Mail/12.12 (Linux)
Subject: Re: AW: [PHP-DEV] FILTER_VALIDATE_INT and +0/-0
From: glopes@nebm.ist.utl.pt ("Gustavo Lopes")

On Fri, 08 Feb 2013 22:09:22 +0100, hakre <hanskrentel@yahoo.de> wrote:
> ----- Urspr=C3=BCngliche Message -----
>> Von: Gustavo Lopes <glopes@nebm.ist.utl.pt>
>>>   A special case still left is "=C2=B10". It is with the 'PLUS-MINUS=

>>> SIGN' (U+00B1).
>>
>> By special case, I meant a deviation to the general rule on how the  =

>> code handles the input. The code handles the characters 0-9 prefixed =
by  =

>> an optional sign.
>
> The general rule is to either allow + 'PLUS SIGN' (U+002B) and -   =

> 'HYPHEN-MINUS' (U+002D) for all positive natural numbers excluding zer=
o.
>
> The discussion is about to allow those as well for zero.

I was explaining what I meant by "special rule" (read the context), not =
 =

describing any concrete implementation. If you fail to see how a general=
  =

rule that does not include the (IMO completely unnecessary) zero exclusi=
on  =

is simpler and therefore a priori preferable, I surely won't be able to =
 =

convince you.

> The 'PLUS-MINUS SIGN' (U+00B1) is a relevant sign for the number zero =
in  =

> this context but it got unnoticed so far in the discussion.
>
> [...]
>
> Unicode is never irrelevant, it's used to communicate clearly and  =

> specifically about which signs I'm concerned about.
>
> Unicode does not classify "numeric characters", you probably meant  =

> 'Number, Decimal Digit', 'Symbol, Math [Sm]', 'Punctuation, Dash' or  =

> 'Number, Other' but it remains unspecified in your email. Would you  =

> please elaborate?

Elaborating is not necessary. The whole issue is irrelevant. This filter=
  =

was never meant to handle anything but those ASCII characters. From I ca=
n  =

tell from the docs, the only filters that deal with anything else are  =

FILTER_SANITIZE_FULL_SPECIAL_CHARS (uses default_charset),  =

FILTER_SANITIZE_STRING and FILTER_UNSAFE_RAW with ENCODE_HIGH (which see=
m  =

to assume ISO-8859-1). Does this mean ext/filter sucks? To a certain  =

extent.

> Otherwise I'd say it's important to document a note that the function =
is  =

> US-ASCII / ISO-8859-1 safe (only?) as this is string input validation.=

>

Feel free to fix the docs or open a bug report.

-- =

Gustavo Lopes