Magic quotes and data integrity 2

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
User avatar
Heavy
Forum Contributor
Posts: 478
Joined: Sun Sep 22, 2002 7:36 am
Location: Viksjöfors, Hälsingland, Sweden
Contact:

Magic quotes and data integrity 2

Post by Heavy »

When I submit a text-field from a form using POST. I (the client) might fill the field with data like:

Code: Select all

123blabla
Note that there letters in the data.

I use MySQL and PHP.

Let's say I want to perform a data insertion:

Code: Select all

mysql_query("insert into table1 set Var1='".convert_function({$_POSTї'Fieldname1']})."'
Is there a conversion function I can use to convert the parameter to a valid number and get a type incompatibility error if it is not possible?

I refer to the ASP.VBScript function "clng()" .

clng() reports an error and aborts execution of the ASP-page.

would the PHP funtion "intval()" do the same?

I could test this on my computer and learn by myself, but I am far from the machine right now, and I believe It might be good for all of us newbies to read the anwers to this post. :wink:
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

no, intval will not abort the script execution

Code: Select all

<html><body>
<table border="1">
<?php
$a = "123abc";
$b = "123";
$c = 123;

echo '<tr><th> </th><th>$a=', $a, '</th><th>$b=', $b, '</th><th>$c=', $c,'</th></tr>';

echo '<tr><td>is_numeric()</td><td>',
 is_numeric($a)   ? 'true':'false', '</td><td>',
 is_numeric($b)   ? 'true':'false', '</td><td>',
 is_numeric($c)   ? 'true':'false', '</td></tr>';

echo '<tr><td>is_float()</td><td>',
 is_float($a)   ? 'true':'false', '</td><td>',
 is_float($b)   ? 'true':'false', '</td><td>',
 is_float($c)   ? 'true':'false', '</td></tr>';
 
echo '<tr><td>is_int()</td><td>',
 is_int($a)   ? 'true':'false', '</td><td>',
 is_int($b)   ? 'true':'false', '</td><td>',
 is_int($c)   ? 'true':'false', '</td></tr>';
 

echo '<tr><td>is_integer()</td><td>',
 is_integer($a)   ? 'true':'false', '</td><td>',
 is_integer($b)   ? 'true':'false', '</td><td>',
 is_integer($c)   ? 'true':'false', '</td></tr>';  
 
 
echo '<tr><td>is_string()</td><td>',
 is_string($a)   ? 'true':'false', '</td><td>',
 is_string($b)   ? 'true':'false', '</td><td>',
 is_string($c)   ? 'true':'false', '</td></tr>';  
 
 
echo '<tr><td>intval()==value</td><td>',
 (intval($a)==$a)     ? 'true':'false', '</td><td>',
 (intval($b)==$b)   ? 'true':'false', '</td><td>',
 (intval($c)==$c)   ? 'true':'false', '</td></tr>';   
 
echo '<tr><td>value==intval()</td><td>',
 ($a==intval($a))     ? 'true':'false', '</td><td>',
 ($b==intval($b))   ? 'true':'false', '</td><td>',
 ($c==intval($c))   ? 'true':'false', '</td></tr>';    

echo '<tr><td>value==(string)intval()</td><td>',
 ($a==(string)intval($a))     ? 'true':'false', '</td><td>',
 ($b==(string)intval($b))   ? 'true':'false', '</td><td>',
 ($c==(string)intval($c))   ? 'true':'false', '</td></tr>';  
?></table></body></html>
most astonishing I found the results for intval($a)==$a and $a==intval($a).
afaik there is assertion-support in php 4.3
Post Reply