Problems using is_int in if statement
Posted: Mon Mar 23, 2009 5:52 pm
Hi everyone,
I am using variables in my url with the $_GET statement which I put into a sql statement to retrieve page content from mySQL db. I wanted to prevent sql injection and I thought that as the variable will only contain numbers I could use this as my check. (If it is not a number reset the variable to the default page.)
This is my code below but it doesn't seem to work. I am not sure what I am doing wrong. The outer 'if' statement works but the inner one doesn't, it always evaluates to TRUE even with a valid number. Can anyone help? Thanks,
I am using variables in my url with the $_GET statement which I put into a sql statement to retrieve page content from mySQL db. I wanted to prevent sql injection and I thought that as the variable will only contain numbers I could use this as my check. (If it is not a number reset the variable to the default page.)
This is my code below but it doesn't seem to work. I am not sure what I am doing wrong. The outer 'if' statement works but the inner one doesn't, it always evaluates to TRUE even with a valid number. Can anyone help? Thanks,
Code: Select all
$myID = $_GET['contentid'];
if(empty($myID)){
echo ("The variable is empty.");
$myID = 1;
} else {
echo ("The variable is not empty.");
if(!(is_int($myID)))
echo ($myID);
$myID = 1;
}