Gubbins Posted January 16, 2010 Share Posted January 16, 2010 Hi, Can anyone show me how to modify this peice of code so symbols like + and - cannot be used? if ( ($bet < 0) || !(is_numeric($bet)) ){ $error = "One or more of your bet(s) was invalid."; error($error); } Quote Link to comment Share on other sites More sharing options...
Felex Posted January 16, 2010 Share Posted January 16, 2010 can you explain a bit more ? because, there is no need to exclude symbols from $bet variable. Anyway, this code only works if $bet is a number... it means, symbols must be away from $bet... Quote Link to comment Share on other sites More sharing options...
Gubbins Posted January 16, 2010 Author Share Posted January 16, 2010 ok well its from a roulette script and i need to stop people using the + or - symbols as it can be exploited and i thought by modifying that line of code would do the trick. so if zero, - or + was used it would return the error as "One or more of your bet(s) was invalid." Quote Link to comment Share on other sites More sharing options...
Gubbins Posted January 16, 2010 Author Share Posted January 16, 2010 Any ideas of what i need to do please? Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted January 16, 2010 Share Posted January 16, 2010 You could use regex to see if $bet only contains numbers, if ( $bet < 0 || preg_match('/[^0-9]+/', $bet) ){ $error = "One or more of your bet(s) was invalid."; error($error); } Quote Link to comment Share on other sites More sharing options...
Gubbins Posted January 16, 2010 Author Share Posted January 16, 2010 You could use regex to see if $bet only contains numbers, if ( $bet < 0 || preg_match('/[^0-9]+/', $bet) ){ $error = "One or more of your bet(s) was invalid."; error($error); } umm it didnt work, i just tested it and it let me use the minus sign, any ideas? Quote Link to comment Share on other sites More sharing options...
mattal999 Posted January 16, 2010 Share Posted January 16, 2010 $bet = (int) $bet; if($bet < 0) { $error = "One or more of your bet(s) was invalid."; error($error); } Quote Link to comment Share on other sites More sharing options...
oni-kun Posted January 16, 2010 Share Posted January 16, 2010 Mattal, you cannot typecast a string into an int, as it would hide the error (allowing a-z to be parsed in the conditional statement). Try this: $bet = -20; $bet = abs($bet); if(!is_numeric($bet) || $bet < 0) { $error = "One or more of your bet(s) was invalid."; error($error); } It will remove the +- from the string, as the absolute (abs) function is supposed to do, and then check based upon if it is above zero, and is numeric. Quote Link to comment Share on other sites More sharing options...
Gubbins Posted January 17, 2010 Author Share Posted January 17, 2010 Mattal, you cannot typecast a string into an int, as it would hide the error (allowing a-z to be parsed in the conditional statement). Try this: $bet = -20; $bet = abs($bet); if(!is_numeric($bet) || $bet < 0) { $error = "One or more of your bet(s) was invalid."; error($error); } It will remove the +- from the string, as the absolute (abs) function is supposed to do, and then check based upon if it is above zero, and is numeric. Thank you for trying but it still lets me use the minus sign to make a bet thus exploiting the game for cheaters. I dont know what to do next? Quote Link to comment Share on other sites More sharing options...
mattal999 Posted January 17, 2010 Share Posted January 17, 2010 Then the issue is not with that part of the code. That could WORKS, as I tested it on a local server. Show us the full code please. Quote Link to comment Share on other sites More sharing options...
oni-kun Posted January 17, 2010 Share Posted January 17, 2010 Yes, You are aware that a radifying integer will be absolute, as the absolute function is used for. The minus will not appear if what you've posted is truly your code, It is impossible. What exactly are you testing? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.