EDIT: NOT a duplicate, I'm not asking to check for integers, I'm asking for non integers numbers. So it's not.
EDIT2: New script.
LAST EDIT (for reference): You're looking for is_numeric(). Also, do not use "sanitation", instead use preg_match() to make sure it only contains allowed characters (using a regex). This way you can alert the user of invalid characters, plus his/her input won't be modified without his/her knowledge.
I'd like to automize the variable declaring/sanitizing process for large forms.
I'm using a list (array) that contains all the elements names of the form so I can loop through them and dynamically declare/sanitize them.
$list = array( 'name', '...' );
foreach ( $list as $name ) {
if ( is_array($_POST[$name]) ) {
$$name = filter_input( INPUT_POST , $name , FILTER_SANITIZE_STRING , FILTER_REQUIRE_ARRAY );
foreach ($$name as $key) {
// not sure, but i'd do this
$key = preg_replace('[a-z]', '', $key);
if ( is_numeric($$name[$key]) ) {
$$key = (int) $$name[$key];
} else {
$$key = $$name[$key];
}
}
} else {
if ( is_numeric($_POST[$name]) ) {
$$name = filter_input( INPUT_POST , $name , FILTER_SANITIZE_NUMBER_INT );
} else {
$$name = filter_input( INPUT_POST , $name , FILTER_SANITIZE_STRING );
}
}
}
So now, in theory, I can simply use the variable name and have the values of the arrays:
$stmt->bind_param('isis', $nums, $texts, $more_nums, $more_texts);
In the example, those variables were dynamically generated.
How would I do this? Thanks.
