Forum OpenACS Improvement Proposals (TIPs): template::data::validate::integer allows leading zeros

Collapse
1: template::data::validate::integer allows leading zeros
Posted by Ryan Gallimore on 04/16/10 08:10 PM
This integer validation proc allows numbers with leading zeros such as 000111 or +00123. Thanks to Jim for finding this bug.

regexp {^[+-]?\d+$} $value

I suggest making small tweak in the regexp to use this instead:

regexp {^[+-]?(?!0+)\d+$} $value

Collapse
2: Re: template::data::validate::integer allows leading zeros (response to 1)
Posted by Don Baccus on 04/16/10 08:21 PM
Leading zeroes in the absence of an explicit sign should be allowed. They should only be disallowed in the presence of an explicit sign.

000111 is a legal integer in most programming languages.

-000111 or +000111 ... not so much so.

Collapse
3: Re: template::data::validate::integer allows leading zeros (response to 2)
Posted by Gustaf Neumann on 04/17/10 01:00 PM
Be aware that 08 and 09 (with or without explicit sign) are invalid number-strings in Tcl. Don's example of 000111 is a valid number-string in Tcl, but its value is most likely not what an end user might expect (try e.g. [expr {000111 + 1}]).

The main question is against what kind of error a developer expects that template::data::validate::integer protects against: should be the number an integer number in the mathematical sense, is it an integer that can be used for computations in Tcl, or is it an integer in the sense of the database backend. As long there is a single validation function, only the intersection of the three definitions would be safe.

According to the documentation http://www.openacs.org/api-doc/proc-view?proc=template%3a%3adata%3a%3avalidate%3a%3ainteger, leading zeros are not excluded, neither with or without sign.

Collapse
4: Re: template::data::validate::integer allows leading zeros (response to 3)
Posted by Don Baccus on 04/17/10 01:33 PM
Oh, Tcl implements the stupid leading-zero-is-octal convention? What hell hath C wrought. SQL, coming from the Pascal heritage, doesn't implement that devil-spawn of a convention :)

OK, then disallowing numbers with leading zeros is fine.

Collapse
5: Re: template::data::validate::integer allows leading zeros (response to 4)
Posted by Dave Bauer on 04/17/10 05:33 PM
string is integer exists now, so that seems like a logical choice to validate integers now.
Collapse
6: Re: template::data::validate::integer allows leading zeros (response to 5)
Posted by Gustaf Neumann on 04/18/10 07:43 AM
string is integer does not solve the discussed problem.

set x 0111; puts [expr {[string is integer $x] ? $x : 0}]

outputs 73

Cheers, -gustaf neumann