chocopi Posted June 24, 2007 Share Posted June 24, 2007 I know that using $_GET can be dangerous if you are not careful, I was wondering if it would be safe just to use is_numeric() ? As I only want for numerical values to be passed through $_GET would it be safe to use is_numeric() or should I take other procautions ? Thanks ~ Chocopi Quote Link to comment Share on other sites More sharing options...
trq Posted June 24, 2007 Share Posted June 24, 2007 I'de use sprintf or maybe even type casting. As far as I know, anything coming through $_GET is actually a string. Quote Link to comment Share on other sites More sharing options...
chocopi Posted June 24, 2007 Author Share Posted June 24, 2007 kool thanks, but how would I only allow for numbers ? or would it be formatted so that it is treated all as a interger ? ~ Chocopi Quote Link to comment Share on other sites More sharing options...
trq Posted June 24, 2007 Share Posted June 24, 2007 <?php // either. $num = sprintf("%d",$_GET['key']); // or $num = (int) $_GET['key']); ?> Of course you could also use preg_match <?php $num = preg_match('[0-9]',$_GET['key']); ?> Quote Link to comment Share on other sites More sharing options...
chocopi Posted June 24, 2007 Author Share Posted June 24, 2007 Cheers Thanks Thorpe Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.