Check if a variable is an integer in PHP

Question

I am doing a pagination script and I want to give users the ability to control how many results are shown in one page. I am doing this through the use of a GET variable, like this: example.org/articles.php?count=10. Only problem is that the GET variable must be an integer or the code spits out random errors, some of which contains information that the user should not be seeing.

Here is my code:

// Checks if there is a GET variable (this part works fine)
if (isset($_GET["count"])) {
    if (!empty($_GET["count"])) {
        $page_rows = $_GET["count"];
    } else { 
        $page_rows = $page_rows_default;
    }
} else { 
$page_rows = $page_rows_default;
}

// checks if the GET variable is an interger
// if not, the offending value is replaced with 0 
// (it doesn't work)
if(is_int($page_rows) == false) {
    $page_rows = 0;
}

From my experimentation my code can tolerate zeros and negative integers, but fails hard when given something like ?count=asdf. I mostly do not want the user to be able to crash the script by injecting random text into the GET variables. How do I get the script to automatically detect non-integer values so that they can be dealt with instead of simply halting the code?

try with is_numeric() . http://php.net/manual/en/function.is-numeric.php — Manashvi Birla, Jun 01 '15 at 05:45
It is irrelevant if the script checks if the value is numeric or not as you are using a GET request that can just be manipulated in the page request. Therefore I can just go into the address bar of my browser and type in `example.org/articles.php?count=asdf` if I wanted too and get the information you are trying to prevent the users from seeing. You should be using the POST method which will send the request in the HTTP header instead. In regards to pagination, you should use a drop down box with `10, 20, 50, 100, ALL` (or something similar) as options. — rjmd, Jun 01 '15 at 06:08

score 1 · Answer 1 · answered Jun 01 '15 at 05:46

1

You can use is_numeric(). For reference http://php.net/manual/en/function.is-numeric.php

answered Jun 01 '15 at 05:46

Manashvi Birla

2,837
3
14
28

The answer is correct. Downvoters mention the reason.!! – Manashvi Birla Jun 01 '15 at 05:48
1

this must be a comment. not an answer. thanks. – Alive to die - Anant Jun 01 '15 at 05:50
1

is_numeric checks only if the variable is of any numeric datatype (double, int, ..) and 1.23 isn't a integer, but a double. `is_numeric(1.23)` would be true. – take Jun 01 '15 at 05:52
The question here specifies " automatically detect non-integer values" like ?count=asdf . so is_numeric works – Manashvi Birla Jun 01 '15 at 05:56
`?count=1.23` would not work with `is_numeric()`, as "take" mentioned, it just checks for numeric type, not integer. – Adam Jun 24 '19 at 13:16

score 1 · Answer 2 · answered Jun 01 '15 at 05:48

1

is_numeric() can done the trick for you

if(is_numeric($page_rows))
{
   //your condition 
}
else
{
 //another condition
}

answered Jun 01 '15 at 05:48

Vivek Singh

2,453
1
14
27

Check if a variable is an integer in PHP

2 Answers2