
Link: http://codepad.org/kZGrkNuG

PHP, pasted on Jan 25:
Using casts:

<?php
$value = 44;
echo "value: $value\n";
echo 'SELECT * FROM `foo` WHERE `id` = ' . (int)$value;
?> 

<?php
$value = 'foobar';
echo "value: $value\n";
echo 'SELECT * FROM `foo` WHERE `id` = ' . (int)$value;
echo "\nProbably not the desired outcome!";
?> 


Using validation:

<?php
$value = 44;
echo "value: $value\n";
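// Compare with false: filter_var() returns the integer itself, so a valid 0 would fail a bare truthiness test.
if (filter_var($value, FILTER_VALIDATE_INT) !== false) {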
    echo 'SELECT * FROM `foo` WHERE `id` = ' . $value;
} else {
    echo "Bad user. Give me a number!";
}
?> 


<?php
$value = 'foobar';
echo "value: $value\n";
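// Compare with false: filter_var() returns the integer itself, so a valid 0 would fail a bare truthiness test.
if (filter_var($value, FILTER_VALIDATE_INT) !== false) {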
    echo 'SELECT * FROM `foo` WHERE `id` = ' . $value;
} else {
    echo "Bad user. Give me a number!";
}
?>


Output:
Using casts:

value: 44
SELECT * FROM `foo` WHERE `id` = 44 

value: foobar
SELECT * FROM `foo` WHERE `id` = 0
Probably not the desired outcome! 


Using validation:

value: 44
SELECT * FROM `foo` WHERE `id` = 44 


value: foobar
Bad user. Give me a number!
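
Added example (not part of the original paste): the same cast-versus-validation comparison run over more inputs, with the validated id passed as a bound parameter instead of being concatenated into the query. The helper validate_id(), the table contents and the sample inputs are constructed for illustration, and the pdo_sqlite extension is assumed to be available.

```php
<?php
// Added example, not code from the original paste.
// Assumptions: pdo_sqlite is installed; table `foo` and its rows are constructed.

/** Hypothetical helper: return the id as int, or null if $raw is not a whole integer >= 0. */
function validate_id($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
    // Explicit comparison with false: a valid 0 is falsy and must not be rejected.
    return $id === false ? null : $id;
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE foo (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO foo (id, name) VALUES (0, 'zero'), (44, 'forty-four')");

// The id travels as a typed parameter; it never becomes part of the SQL text.
$stmt = $pdo->prepare('SELECT name FROM foo WHERE id = :id');

// Constructed sample inputs.
$samples = [44, '44', '0', 'foobar', '44abc', '4.0', ''];

foreach ($samples as $raw) {
    $cast = (int)$raw;          // the cast never fails; it silently coerces
    $id   = validate_id($raw);  // validation accepts or rejects the whole input

    printf("%-10s cast=%-3d ", var_export($raw, true), $cast);

    if ($id === null) {
        echo "validation: rejected\n";
        continue;
    }

    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $name = $stmt->fetchColumn();
    echo 'validation: accepted, row=' . ($name === false ? 'none' : $name) . "\n";
}
```

The cast maps 'foobar' and '' to 0 and '44abc' to 44, so rejected input would still select a real row; validation refuses those inputs while still accepting '0'.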

