clay1 Posted February 15, 2010 Share Posted February 15, 2010 User clicks a URL which sends user to a page ie: event.php?id=1000 where id=the id of an event in my table What steps should I take to ensure that nothing nefarious is sent? Thanks Link to comment https://forums.phpfreaks.com/topic/192197-validate-_get-variable/ Share on other sites More sharing options...
premiso Posted February 15, 2010 Share Posted February 15, 2010 Check if the value is_numeric then static cast the var to int: $id = isset($_GET['id']) && is_numeric($_GET['id'])?(int) $_GET['id']:0; The ternary operator (? : ) act as a shortened if / else. So if the get id has been set and it is numeric cast the id to int, else set id to 0. Link to comment https://forums.phpfreaks.com/topic/192197-validate-_get-variable/#findComment-1012850 Share on other sites More sharing options...
clay1 Posted February 15, 2010 Author Share Posted February 15, 2010 Thanks! Link to comment https://forums.phpfreaks.com/topic/192197-validate-_get-variable/#findComment-1012854 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.