|
|
Posted by Jerry Stuckle on 11/04/05 21:44
Justin Koivisto wrote:
> Jerry Stuckle wrote:
>
> <snip>
>
>> Your way of forcing it to an int with intval would give me 1 item.
>> The correct response is to call is_int to determine if it is an
>> integer or not, and if it isn't, tell me about it.
>
>
> No, calling is_int is not the correct response. That is because all data
> that is collected from the user is of type string. is_int checks to see
> if it of type integer. What you'd really want to do is something like
> the following:
>
> if(is_numeric($_POST['num'])){
> if (intval($_POST['num']) == $_POST['num']){
> $clean['num']=intval($_POST['num']);
> }else if (floatval($_POST['num']) == $_POST['num']) {
> $clean['num']=floatval($_POST['num']);
> }
> }else{
> // not a number...
> }
>
>
>> Calling intval or floatval is incorrect - NEVER change the user's
>> data; it's either valid or invalid. If the former, process it. If
>> the latter, return an error message to the user!
>
>
> Correct, never change the submitted data, but in the case of numbers,
> converting the variable type is acceptable if you don't change the
> meaning of the submitted data.
>
Justin,
You're right - it should have been is_numeric. And the rest of your
code is great, as well (of course).
Thanks for the correction.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Navigation:
[Reply to this message]
|