dannyb785 Posted July 27, 2012 Share Posted July 27, 2012 Basically, the function I've been using to filter input to only integers is: function make_int($input) { return (int)$input; } But I was wondering if it was better to use regex like preg_match... is my way sufficient or perhaps is one or the other harder on resources? Link to comment https://forums.phpfreaks.com/topic/266323-best-way-to-filtering-to-only-integers/ Share on other sites More sharing options...
Psycho Posted July 27, 2012 Share Posted July 27, 2012 No, regex would be a waste. But, that function is pretty much useless since you can just as easily use (int) $var instead of calling the function. You've basically created a function that does something that already exists. Link to comment https://forums.phpfreaks.com/topic/266323-best-way-to-filtering-to-only-integers/#findComment-1364791 Share on other sites More sharing options...
peipst9lker Posted July 27, 2012 Share Posted July 27, 2012 You're not filtering you're casting? Is that what you meant? Filtering would be is_int(), is_numeric(), preg_match() The function you provided is casting any value to an integer. Link to comment https://forums.phpfreaks.com/topic/266323-best-way-to-filtering-to-only-integers/#findComment-1364792 Share on other sites More sharing options...
xyph Posted July 27, 2012 Share Posted July 27, 2012 <?php $var = 1235523; $var2 = -245; $var3 = 'apple'; var_dump( isInt($var) ); // boolean true var_dump( isInt($var2) ); // boolean true var_dump( isInt($var3) ); // boolean false function isInt( $var ) { $var = (string)$var; if( ctype_digit($var) || ($var[0] == '-' && ctype_digit(substr($var,1))) ) return TRUE; return FALSE; } ?> Link to comment https://forums.phpfreaks.com/topic/266323-best-way-to-filtering-to-only-integers/#findComment-1364794 Share on other sites More sharing options...
peipst9lker Posted July 27, 2012 Share Posted July 27, 2012 @xyph isn't is_numeric() doing the same thing? Link to comment https://forums.phpfreaks.com/topic/266323-best-way-to-filtering-to-only-integers/#findComment-1364795 Share on other sites More sharing options...
xyph Posted July 27, 2012 Share Posted July 27, 2012 No, the manual tells you that. Floats are numeric, but they aren't integers. Link to comment https://forums.phpfreaks.com/topic/266323-best-way-to-filtering-to-only-integers/#findComment-1364797 Share on other sites More sharing options...
dannyb785 Posted July 28, 2012 Author Share Posted July 28, 2012 Quote No, regex would be a waste. But, that function is pretty much useless since you can just as easily use (int) $var instead of calling the function. You've basically created a function that does something that already exists. I get what you're saying, but I only made it a function so that if I discovered that the function had a flaw in it that I could easily change it and not have to manually change every time I did that action on every page. And about casting/filtering: I just need to make sure that the specific input is an integer and convert it to an integer if it's not. So if it was "9 lbs" that the result would be '9', and similar Link to comment https://forums.phpfreaks.com/topic/266323-best-way-to-filtering-to-only-integers/#findComment-1365010 Share on other sites More sharing options...
scootstah Posted July 28, 2012 Share Posted July 28, 2012 Quote No, the manual tells you that. Floats are numeric, but they aren't integers. So why not use is_int? Link to comment https://forums.phpfreaks.com/topic/266323-best-way-to-filtering-to-only-integers/#findComment-1365012 Share on other sites More sharing options...
xyph Posted July 28, 2012 Share Posted July 28, 2012 Quote Quote No, the manual tells you that. Floats are numeric, but they aren't integers. So why not use is_int? Because PHP is loosely-typed, and generally variables coming from outside sources will be a string. It really depends how detailed you want your error reporting. Casting as an integer will close many potential attack vectors, but there's no way of knowing if the value being cast as an integer was actually an integer-equivalent prior to. I think you're taking my post out of context though. I was responding directly to this Quote @xyph isn't is_numeric() doing the same thing? I should've made that more clear. Link to comment https://forums.phpfreaks.com/topic/266323-best-way-to-filtering-to-only-integers/#findComment-1365073 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.