Because that only typecasts it. It's safe but it isn't what the user
actually entered.
This way I can actually determine if the user put in "123abc" and
reject it, not accept it and keep the "123" silently for example. Same
with floats. You may or may not consider a negative number acceptable,
or with ints and floats 0 might not be acceptable too. So it's some
analysis before intval/floatval/etc. I want to return to the user with
a rejection notice so they literally get what they gave me (assuming
it passes the sanity check) - it's not just simple silently
typecasting and giving them something they didn't give me.
And I meant to say "garbage in, garbage out*"
* properly encoded or sanitized of course
:)
On Jun 7, 2010, at 10:51 AM, Ashley Sheridan
<a...@ashleysheridan.co.uk> wrote:
Why waste time validating an integer value when intval() will do
that for you?
Thanks,
Ash
http://www.ashleysheridan.co.uk
