Gubbins Posted January 16, 2010 Share Posted January 16, 2010 Hi, Can anyone show me how to modify this peice of code so symbols like + and - cannot be used? if ( ($bet < 0) || !(is_numeric($bet)) ){ $error = "One or more of your bet(s) was invalid."; error($error); } Link to comment https://forums.phpfreaks.com/topic/188678-no-symbols/ Share on other sites More sharing options...
Felex Posted January 16, 2010 Share Posted January 16, 2010 can you explain a bit more ? because, there is no need to exclude symbols from $bet variable. Anyway, this code only works if $bet is a number... it means, symbols must be away from $bet... Link to comment https://forums.phpfreaks.com/topic/188678-no-symbols/#findComment-996068 Share on other sites More sharing options...
Gubbins Posted January 16, 2010 Author Share Posted January 16, 2010 ok well its from a roulette script and i need to stop people using the + or - symbols as it can be exploited and i thought by modifying that line of code would do the trick. so if zero, - or + was used it would return the error as "One or more of your bet(s) was invalid." Link to comment https://forums.phpfreaks.com/topic/188678-no-symbols/#findComment-996069 Share on other sites More sharing options...
Gubbins Posted January 16, 2010 Author Share Posted January 16, 2010 Any ideas of what i need to do please? Link to comment https://forums.phpfreaks.com/topic/188678-no-symbols/#findComment-996168 Share on other sites More sharing options...
wildteen88 Posted January 16, 2010 Share Posted January 16, 2010 You could use regex to see if $bet only contains numbers, if ( $bet < 0 || preg_match('/[^0-9]+/', $bet) ){ $error = "One or more of your bet(s) was invalid."; error($error); } Link to comment https://forums.phpfreaks.com/topic/188678-no-symbols/#findComment-996208 Share on other sites More sharing options...
Gubbins Posted January 16, 2010 Author Share Posted January 16, 2010 You could use regex to see if $bet only contains numbers, if ( $bet < 0 || preg_match('/[^0-9]+/', $bet) ){ $error = "One or more of your bet(s) was invalid."; error($error); } umm it didnt work, i just tested it and it let me use the minus sign, any ideas? Link to comment https://forums.phpfreaks.com/topic/188678-no-symbols/#findComment-996218 Share on other sites More sharing options...
mattal999 Posted January 16, 2010 Share Posted January 16, 2010 $bet = (int) $bet; if($bet < 0) { $error = "One or more of your bet(s) was invalid."; error($error); } Link to comment https://forums.phpfreaks.com/topic/188678-no-symbols/#findComment-996258 Share on other sites More sharing options...
oni-kun Posted January 16, 2010 Share Posted January 16, 2010 Mattal, you cannot typecast a string into an int, as it would hide the error (allowing a-z to be parsed in the conditional statement). Try this: $bet = -20; $bet = abs($bet); if(!is_numeric($bet) || $bet < 0) { $error = "One or more of your bet(s) was invalid."; error($error); } It will remove the +- from the string, as the absolute (abs) function is supposed to do, and then check based upon if it is above zero, and is numeric. Link to comment https://forums.phpfreaks.com/topic/188678-no-symbols/#findComment-996261 Share on other sites More sharing options...
Gubbins Posted January 17, 2010 Author Share Posted January 17, 2010 Mattal, you cannot typecast a string into an int, as it would hide the error (allowing a-z to be parsed in the conditional statement). Try this: $bet = -20; $bet = abs($bet); if(!is_numeric($bet) || $bet < 0) { $error = "One or more of your bet(s) was invalid."; error($error); } It will remove the +- from the string, as the absolute (abs) function is supposed to do, and then check based upon if it is above zero, and is numeric. Thank you for trying but it still lets me use the minus sign to make a bet thus exploiting the game for cheaters. I dont know what to do next? Link to comment https://forums.phpfreaks.com/topic/188678-no-symbols/#findComment-996633 Share on other sites More sharing options...
mattal999 Posted January 17, 2010 Share Posted January 17, 2010 Then the issue is not with that part of the code. That could WORKS, as I tested it on a local server. Show us the full code please. Link to comment https://forums.phpfreaks.com/topic/188678-no-symbols/#findComment-996663 Share on other sites More sharing options...
oni-kun Posted January 17, 2010 Share Posted January 17, 2010 Yes, You are aware that a radifying integer will be absolute, as the absolute function is used for. The minus will not appear if what you've posted is truly your code, It is impossible. What exactly are you testing? Link to comment https://forums.phpfreaks.com/topic/188678-no-symbols/#findComment-996667 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.