WebApp Sec mailing list archives

Re: PHP variable sanitization functions

From: Jan Pieter Kunst <jpk () akamail com>
Date: Wed, 27 Aug 2003 04:56:05 +0200

function check_integer($integer, $extras='') {
        if (!is_integer($integer)) {
                $this->set_error("Type not integer");
                return FALSE;
        }

[...]

}

But see this note from the PHP documentation regarding is_integer()or is_int():

<http://nl3.php.net/manual/en/function.is-int.php>:

"Note: To test if a variable is a number or a numeric string (such asform input, which is always a string), you must use is_numeric() ."

JP

Current thread:

PHP variable sanitization functions Gavin Zuchlinski (Aug 24)
- Re: PHP variable sanitization functions Liam Quinn (Aug 24)
  - Re: PHP variable sanitization functions Jamie Pratt (Aug 25)
  - Re: PHP variable sanitization functions Gavin Zuchlinski (Aug 25)
- <Possible follow-ups>
- Re: PHP variable sanitization functions Ulf Harnhammar (Aug 26)
  - Re: PHP variable sanitization functions Jan Pieter Kunst (Aug 26)
    - Re: PHP variable sanitization functions Cameron Green (Aug 26)
    - Re: PHP variable sanitization functions Jan Pieter Kunst (Aug 27)
    - Re: PHP variable sanitization functions Cameron Green (Aug 27)
    - Re: PHP variable sanitization functions Gavin Zuchlinski (Aug 28)
    - Re: PHP variable sanitization functions Jean-Jacques Halans (Aug 29)
    - Looking for coder.htm / ASCII encoder n30 (Aug 29)
    - Re: PHP variable sanitization functions Tim Tompkins (Aug 29)
- Re: PHP variable sanitization functions hokkaido (Aug 26)
- Re: PHP variable sanitization functions Slow2Show (Aug 26)