Am I validating twice?


-3

Hello, I have a select in a form whose values are all integers.

When receiving this information in PHP, I make the following validations:

Validation

Since I'm already using (int) on line 297 and line 302, is my first validation (on line 292, with !is_numeric) redundant?

On line 292 I check if it is a number, on line 297 if it is not "0" (which would indicate that it is the first option of the select, "Select...", i.e. the user sent the form without selecting any option), and on line 302 I check if the selected option really exists in the DB (and was not manually changed with "Inspect Element") and that it is not "99", which is equivalent to the select's "Other" option.

I mean, since I am using (int), do I really need line 292? Or do I need to do this double-check?

Thank you.

1 answer

2


Yes, it is redundant.

You could apply the cast once. This is called sanitization (sanitize).

After sanitizing, filter and validate.

Example

$var = (int)$var; // Casts to an integer

// checks whether it is empty or equal to zero.
// the reason is that the cast above removes everything that is not numeric.
if (empty($var) || $var == 0) {
    // error message
}

In the other section, with checkcategoryid and != 99, reverse the order by first checking if it is 99, so as to avoid unnecessary processing if the number is 99.

Note: This answer is based only on the code snippet you posted, as well as the explanations in the question.

  • Thanks for the Checkcategoryid tip, it hadn’t even crossed my mind.
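The order of checks discussed in this thread, as an added example that is not code from the question or the answer. The callable `$existsInDb` is a hypothetical stand-in for the question's checkcategoryid lookup, and the category list is constructed sample data. It parses with `filter_var` and `FILTER_VALIDATE_INT` instead of a bare `(int)` cast, because the cast turns "5abc" into 5 and "abc" into 0, while `is_numeric` and `FILTER_VALIDATE_INT` reject both.

```php
<?php
declare(strict_types=1);

const OTHER_OPTION = 99; // the select's "Other" option, as in the question

/**
 * Validate the raw <select> value from the request.
 * Returns [int|null $id, string|null $error].
 * $existsInDb is a hypothetical stand-in for the question's DB lookup.
 */
function validateCategoryId($raw, callable $existsInDb): array
{
    // Strict parse: rejects "5abc", "abc", "", negative numbers and arrays
    // instead of coercing them to an integer.
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
    if ($id === false) {
        return [null, 'Invalid category.'];
    }
    if ($id === 0) {
        // First option, "Select...": the form was sent without a choice.
        return [null, 'Please select a category.'];
    }
    // Cheap comparison first, so 99 never triggers a DB query.
    if ($id !== OTHER_OPTION && !$existsInDb($id)) {
        return [null, 'Unknown category.'];
    }
    return [$id, null];
}

// Constructed sample data: categories 1 to 3 exist in the "database".
$existsInDb = fn(int $id): bool => in_array($id, [1, 2, 3], true);

// Constructed inputs, including values edited with "Inspect Element".
foreach (['2', '0', '99', '42', '5abc', 'abc', ['1']] as $raw) {
    [$id, $error] = validateCategoryId($raw, $existsInDb);
    // Show what a bare (int) cast would have produced for comparison.
    $cast = is_array($raw) ? '-' : (string)(int)$raw;
    printf("%-8s (int)=%-3s => %s\n", json_encode($raw), $cast, $error ?? "ok ($id)");
}
```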
