Using casts:
<?php
// A genuine integer passes through the cast unchanged, so the query text
// produced here is the one the author intended.
$value = 44;
echo 'value: ' . $value . "\n";
$id = intval($value);
echo 'SELECT * FROM `foo` WHERE `id` = ' . $id;
?>
<?php
// A non-numeric string casts to 0, so the query silently becomes
// `WHERE id = 0` rather than being rejected: the cast keeps the SQL
// well-formed but hides the fact that the input was bad.
$value = 'foobar';
echo 'value: ' . $value . "\n";
$id = intval($value);
echo 'SELECT * FROM `foo` WHERE `id` = ' . $id;
echo "\nProbably not the desired outcome!";
?>
Using validation:
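<?php
$value = 44;
echo "value: $value\n";
// filter_var() returns the validated int, or false when validation fails.
// Compare with false explicitly: a bare truthiness test (the original
// `if (filter_var(...))`) would wrongly reject a legitimate id of 0.
$id = filter_var($value, FILTER_VALIDATE_INT);
if ($id !== false) {
    // Concatenate the validated integer rather than the raw input, so only
    // the checked value ever reaches the query text. A prepared statement is
    // the general-purpose fix; this example only shows the validation step.
    echo 'SELECT * FROM `foo` WHERE `id` = ' . $id;
} else {
    echo "Bad user. Give me a number!";
}
?>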
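<?php
$value = 'foobar';
echo "value: $value\n";
// filter_var() returns the validated int, or false when validation fails.
// For 'foobar' it returns false, so the query is never built. Comparing with
// false (instead of relying on truthiness) also keeps a valid id of 0 working.
$id = filter_var($value, FILTER_VALIDATE_INT);
if ($id !== false) {
    // Only the validated integer is concatenated, never the raw input.
    echo 'SELECT * FROM `foo` WHERE `id` = ' . $id;
} else {
    echo "Bad user. Give me a number!";
}
?>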