Faks Posted October 11, 2010 Share Posted October 11, 2010 I was thinking for some time and came up with this code if ($id =(int)($_GET['id'])) (trim(isset($_GET['id']))) && abs(intval($_GET['id'])); i understand very well what code do but i think it can be optimized too any suggest will be good Link to comment https://forums.phpfreaks.com/topic/215643-about-get/ Share on other sites More sharing options...
AbraCadaver Posted October 11, 2010 Share Posted October 11, 2010 I was thinking for some time and came up with this code if ($id =(int)($_GET['id'])) (trim(isset($_GET['id']))) && abs(intval($_GET['id'])); i understand very well what code do but i think it can be optimized too any suggest will be good What do you think this code is doing??? Link to comment https://forums.phpfreaks.com/topic/215643-about-get/#findComment-1121207 Share on other sites More sharing options...
Faks Posted October 11, 2010 Author Share Posted October 11, 2010 I was thinking for some time and came up with this code if ($id =(int)($_GET['id'])) (trim(isset($_GET['id']))) && abs(intval($_GET['id'])); i understand very well what code do but i think it can be optimized too any suggest will be good What do you think this code is doing??? at begining code is converted to int (numbers only) then it strips whitespaces then it if it is true it will show information, but after and i think i did a mistake cause abs and intval is useless because in begging ii all ready converted $id to numbers only . Link to comment https://forums.phpfreaks.com/topic/215643-about-get/#findComment-1121208 Share on other sites More sharing options...
AbraCadaver Posted October 11, 2010 Share Posted October 11, 2010 The only thing this code does is, if it exits assign $_GET['id'] to $id and cast it to an integer. If $_GET['id'] doesn't exist then $id = 0 and you get a notice. The rest of the code does nothing. What are you wanting to do? Link to comment https://forums.phpfreaks.com/topic/215643-about-get/#findComment-1121210 Share on other sites More sharing options...
rwwd Posted October 11, 2010 Share Posted October 11, 2010 By the looks of it you are tying to see if the value passed by url is an int, and a whole one at that. In which case, something like this would be ok:- $id = ((isset($_GET['id'])) && (ctype_digit($_GET['id'])) ? (int)$_GET['id'] : ''); so would this:- $id = ((isset($_GET['id'])) && (preg_match("/^\d+$/", $_GET['id'])) ? (int)$_GET['id'] : ''); <- I think the regex is right anyway! You get the idea. Don't forget that (int) isn't really the preferred way of doing this, and is only really used to force numerical values to be whole numbers, I do similar to this on my pagination class, it scratches the itch.. Rw Link to comment https://forums.phpfreaks.com/topic/215643-about-get/#findComment-1121212 Share on other sites More sharing options...
Faks Posted October 11, 2010 Author Share Posted October 11, 2010 By the looks of it you are tying to see if the value passed by url is an int, and a whole one at that. In which case, something like this would be ok:- $id = ((isset($_GET['id'])) && (ctype_digit($_GET['id'])) ? (int)$_GET['id'] : ''); so would this:- $id = ((isset($_GET['id'])) && (preg_match("/^\d+$/", $_GET['id'])) ? (int)$_GET['id'] : ''); <- I think the regex is right anyway! You get the idea. Don't forget that (int) isn't really the preferred way of doing this, and is only really used to force numerical values to be whole numbers, I do similar to this on my pagination class, it scratches the itch.. Rw thanks for examples too but i came up with even better code witch even attackers will drive off if ($id = ((isset($_GET['id'])) && (ctype_digit($_GET['id'])) ? (int)$_GET['id'] : '')) { true; } else { echo $redirect.false; } Link to comment https://forums.phpfreaks.com/topic/215643-about-get/#findComment-1121217 Share on other sites More sharing options...
rwwd Posted October 11, 2010 Share Posted October 11, 2010 That wouldn't function as you are assigning in the if() evaluation, you need to evaluate! $id = ((isset($_GET['id'])) && (ctype_digit($_GET['id'])) ? (int)$_GET['id'] : ''); if ($id != ""){ //case is true true;//<-- your assigning true to nothing here? } else{ echo $redirect.false; } That sort of makes sense... Rw Link to comment https://forums.phpfreaks.com/topic/215643-about-get/#findComment-1121223 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.