convert a '$_GET' hex value (string form) to hex int -- how?

Question

I suspect this might be a duplicate but lord if I can find it.

I need to convert a 'mostly' hex value passed in the _GET[] array from string to an actual hex integer. I say 'mostly' because the hex number passed in is not prepended with the "0x"

The most promising thing I tried and then raised the white flag on this problem was this -- 'azk' is the name of the GET[] parameter passed in:

   $timeStamp = filter_input(INPUT_GET, 'azk', FILTER_SANITIZE_STRING); 

   //FAILS FOR HEX -->  $test = (int)$timeStamp;
   //FAILS FOR HEX -->  $test =  0 + $timeStamp;

   $retval =  sscanf($timeStamp, '%x', $test);
   var_dump(gettype($test));
   var_dump($test);

Here's what happens: the user passes in an 'azk' value of 531cb6d6, which is in fact a hex value but not prepended with the '0x'.

Despite my instructions to sscanf() above -- note that I specifically instruct sscanf() to convert the value of 'timeStamp' into a hex value by way of the '%x' flag --

-- the $test value is shown, via the var_dump's above, as this:

   string(7) "integer" int(1394390742)   

The '1394390742' is not hex. I'm not seeing why, I specifically instruct sscanf to convert to %x hex value, but this '1394390742' is the base-10 (decimal) version of the base-16 (hexadecimal) value that got passed in, the 531cb6d6 value. In other words, using "%x" is converting hex to decimal. Not sure if that is a bug, a setting in the web server ini files somewhere, or a lack of my understanding of "%x".

The sscanf() is not all I've tried, this is not exhaustive but I tried things like this, to me the most obvious choice:

   // BOTH OF THESE FAIL TO PASS HEX CHARS, BOTH RETURN THIS:   53166
 $timeStamp = filter_input(INPUT_GET, 'azk', FILTER_SANITIZE_NUMBER_INT,
                             FILTER_FLAG_ALLOW_HEX);

 $timeStamp = filter_input(INPUT_GET, 'azk', FILTER_VALIDATE_INT, 
                             FILTER_FLAG_ALLOW_HEX);

I've looked at a bunch of SO posts, I can't believe this isn't covered, but I can't find it. If someone knows how to pull this off -- convert a hex value passed by the _GET as a string, then convert to a hex value -- I would be in your debt.

Answer 1

As var_dump shows, the variable $test contains an integer.
PHP is converting the integer back to a decimal string just so it can show it, but the integer itself is not intrinsically decimal, nor hex. Those are just two possible representations of the same value.
If you want to output the value back as an hex string, you can use one of these:

echo dechex($test);
printf("%x", $test);

Edit: I saw your comments, you don't need to cast as int:
1) hexdec takes the string and returns an integer
2) ...do the math using integers...
3) dechex takes the result as integer an returns a string

Answer 2

You can use the hexdec() function:

$timeStamp = hexdec('531cb6d6'); // 1394390742

If you want to sanitize the string before using it then you can create your own filter using a callback:

$hexTimestamp = filter_input(INPUT_GET, 'azk', FILTER_CALLBACK, array(
    'options' => function($str) {
        return ctype_xdigit($str) ? $str : 0;
    }
));
$timeStamp = hexdec('531cb6d6');

If you not going to use the HEX value then you could also convert it to an integer as part of the sanitizing:

$timestamp = filter_input(INPUT_GET, 'azk', FILTER_CALLBACK, array(
    'options' => function($str) {
        return ctype_xdigit($str) ? hexdec($str) : false;
    }
));

Edit:

Okay, I am getting confused, I think. You have a HEX input and you want to turn it into a "HEX number". I am not sure I understand what you mean.

If you want the input HEX value to become a "real" PHP HEX value, like 0x531cb6d6, then you are mistaken about how PHP works. When PHP sees a HEX constant, like 0x531cb6d6, then it immediately converts it to an integer. PHP does not use HEX numbers; HEX notation is just a way of representing a number, and it not actually a type of number distinct from integers.

If you want the input HEX value, "531cb6d6", to look like a HEX value with the 0x prefix then you can just add it: '0x'.$timeStamp.

Not sure if I answered your question.