- Incident report
- Resolution: Fixed
- Critical
- 2.0.13, 2.2.7, 2.4.2
The expression template for the DB_ID validator has unnecessary single quotes around the first argument to bccomp():
define('DB_ID', "({}>=0&&bccomp('{}',\"10000000000000000000\")<0)&&");
When actually used in the validation process, it produces the following PHP code in function calc_exp2():
return (($_REQUEST["qqq"]["0"]>=0&&bccomp('$_REQUEST["qqq"]["0"]',"10000000000000000000")<0)) ? 1 : 0;
The part of the expression containing bccomp() will always evaluate to true, regardless of the value in the request.
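A check for this class of mistake, as an added example that is not part of the original report or of the project's code: it scans a validator template for {} placeholders that fall inside a PHP single-quoted literal, where the substituted request variable is passed on as literal text instead of being evaluated. The names quoted_placeholders and expand, the FIXED template (the page's template with the quotes removed) and the simplified substitution model are assumptions made for illustration.

```python
# Added example: lint for validator expression templates (not Zabbix code).
PLACEHOLDER = "{}"

# Template value as defined on the page.
BUGGY = "({}>=0&&bccomp('{}',\"10000000000000000000\")<0)&&"
# Assumed correction: the same template with the single quotes removed.
FIXED = "({}>=0&&bccomp({},\"10000000000000000000\")<0)&&"


def quoted_placeholders(template):
    """Offsets of placeholders inside a PHP single-quoted string literal.

    PHP does not evaluate variables in single-quoted strings, so whatever is
    substituted there reaches the called function as literal text.
    """
    hits = []
    quote = None  # quote character of the literal we are inside, if any
    i = 0
    while i < len(template):
        ch = template[i]
        if quote and ch == "\\":
            i += 2  # skip the escaped character
            continue
        if quote == "'" and template.startswith(PLACEHOLDER, i):
            hits.append(i)
            i += len(PLACEHOLDER)
            continue
        if quote is None and ch in "'\"":
            quote = ch
        elif ch == quote:
            quote = None
        i += 1
    return hits


def expand(template, variable):
    """Simplified model of the substitution: every {} becomes `variable`."""
    return template.replace(PLACEHOLDER, variable)


if __name__ == "__main__":
    var = '$_REQUEST["qqq"]["0"]'  # request variable shown on the page
    for name, tpl in (("buggy", BUGGY), ("fixed", FIXED)):
        print(name, quoted_placeholders(tpl), expand(tpl, var))
```

Running the same check over every validator template in a code base flags any other placeholder that was quoted the same way.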