views:

7128

answers:

7

I need to be able to see if a form input in PHP is numeric. If it is not numeric, the website should redirect. I have tried is_numeric() but it does not seem to work.

Code examples will be nice.

I am developing a shopping cart that accepts an interger value for the quantity. I am trying this:

if(!is_numeric($quantity)){
                //redirect($data['referurl']."/badinput");
                echo "is not numeric";
        }
+4  A: 

You should probably explain what you mean by "numeric" - integral, floating point, exponential notation etc? is_numeric() will accept all of these.

If you want to check that a string contains nothing other than digits, then you could use a regular expression, e.g.

/^\d+$/

If you're going to use the actual value as if it were an integer, you'll probably want to pass it through intval() anyway, which will return 0 if the value cannot be parsed - if 0 is a valid value, then you'll probably have to handle that in some way, maybe by constraining the lower range of the value.

Rob
There's a small error in your regex. Should be /^\d+$/You need to escape the d.
mabwi
Quite right, and corrected; thanks!
Rob
A: 

I am developing a shopping cart that accepts an interger value for the quantity. I am trying this:

if(!is_numeric($quantity)){
  //redirect($data['referurl']."/badinput");
  echo "is not numeric";
 }

but it does not work.

please add this information to your question instead o posting it as an answer! and delete this answer later.
tharkun
try "if ( is_numeric( $quantity ) ) { ... }" The problem is that "$qauntity == 0" is going to equal either 0 or 1 (false or true) and it will always be numeric.
gpojd
Sorry, yeah, I noticed the == 0
+1  A: 

Check is_int and is_numeric. There are examples in each of the links. If you need more help, I would post the data you are having problems with and a code sample.

EDIT:

$quantity == 0

will always be numeric, since it will return a boolean value (1 or 0). The correct thing to do it:

if ( is_numeric( $quantity ) ) {
...
}

or

if ( is_int( $quantity ) ) {
...
}
gpojd
A: 

What Rob said, although instead of regular expressions to check for digits, I would use ctype_digit

Tom Ritter
+1  A: 
if(!is_numeric($quantity == 0)){
                //redirect($data['referurl']."/badinput");
                echo "is not numeric";

What you have here are two nested conditions. Let's say $quantity is 1.

The first condition evaluates 1 == 0 and returns FALSE. The second condition checks if FALSE is numeric and returns FALSE because FALSE is not numeric.

just write:

if (!is_numeric($quantity))
{
    echo 'is not numeric';
}
tharkun
You missed a ')'...
Tader
Yeah, I missed all of these little errors. Thanks
A: 

tharkun has the best answer so far. If you're asking a question like this, it's my guess that you don't really want to start messing around with reg-exp's just yet.

Re-think your logic. Why do you want to check to see if $quantity==0 is a numeric result? If you're trying to avoid errors b/c you think it's possible for quantity to not have an assigned value, you're checking a little late. This is a very common (and nefarious) security hole in your application -- if $quantity has a value derived at all from user input, please make sure to sanitize the input before it reaches this point in execution. As a smaller part of the issue, you will not need to assign a default value, because you sanitized your input previously (and that sanitization is where you'd deal with a 'no input' situation).

Good luck!

Travis Leleu
Yeah, the entire problem was from a typo. Silly me
+1  A: 

It might also be wise to do some client side validation of the input using JavaScript.

The round-trip to the server and back is a long one for what might amount to a typo, and you'll reduce server overhead by making the client browser do a bit of the quality assurance beforehand.

infoxicated