Re: PHP Security — PHP Programming Language

You are here: Re: PHP Security « PHP Programming Language « IT news, forums, messages

Posted by Justin Koivisto on 11/04/05 22:18

Justin Koivisto wrote:
>
> if(is_numeric($_POST['num'])){
> if (intval($_POST['num']) == $_POST['num']){
> $clean['num']=intval($_POST['num']);
> }else if (floatval($_POST['num']) == $_POST['num']) {
> $clean['num']=floatval($_POST['num']);
> }
> }else{
> // not a number...
> }

Some things I should have pointed out is that this does not cover all
the different ways of representing numbers...

For instance, if the submitted value was an octal number like "010",
$clean['num'] is 10 rather than 8 as it should.

If "0x10" was submitted, $clean['num'] == NULL rather than 16...

If "1e4" is submitted, $clean['num'] == float(10000)...

--
Justin Koivisto, ZCE - justin@koivi.com
http://koivi.com

Navigation:

Next in forum: Re: PHP Security
Prev in forum: Re: Appending #anchor with other variables
Thread view: Re: PHP Security

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация