| Author |
Message |
Donovan
Client
Joined: Oct 07, 2003
Posts: 691
Location: Ohio
|
 Posted:
Thu Nov 29, 2007 9:28 am |
 
|
Is there any preferred way to validate decimal values before writing them to the db?
Currently I have..
$irat_wt = $_POST['irat_wt'];
$grat_wt = $_POST['grat_wt'];
$appex_wt = $_POST['appex_wt'];
but all _POST values are a string aren't they?
These variable will hold the values of what weights of test results for different exam.
irat = individual readiness test
grat = group readiness test
appex = application exercise
Right now they are all data type decimal (3,2).
They will vote at the beginning of each year and decide how much the irat, grat, and appex is worth to their overall grade.
I was using values such as irat = 0.20, grat = 0.40, appex = 0.40
If I edit these values I want to ensure I validate the data before I update the table.
I guess I can decrease the length of the data type to 2,2 so I only have values such as .20 and .40.
Will intval() suffice? |
|
|
 
 |
|
gotcha
Regular
Joined: Mar 14, 2005
Posts: 79
|
| Posted:
Thu Nov 29, 2007 10:06 am |
|
intval will turn it into a whole number, removing the decimal point. I think the function you want to look at is number_format(). |
|
|
|
|
|
evaders99
Moderator
Joined: Apr 30, 2004
Posts: 2853
|
| Posted:
Thu Nov 29, 2007 2:04 pm |
|
floatval may also be a function to take a look at, depending on what you want to do |
|
|
|
|
|
montego
Site Admin
Joined: Aug 29, 2004
Posts: 7487
Location: Arizona
|
| Posted:
Fri Nov 30, 2007 10:08 pm |
|
Raven tends to recommend the PHP . Some reasons why:
"It should be noted that ctype functions are always preferred over regular expressions, and even to some equivalent str_* and is_* functions. This is because of the fact that ctype uses a native C library and thus processes significantly faster."
I could have sworn too that they are "rock solid", but I cannot recall the reference. |
|
|
|
|
|
Gremmie
Former Moderator in Good Standing
Joined: Apr 06, 2006
Posts: 2401
Location: Iowa, USA
|
| Posted:
Fri Nov 30, 2007 10:19 pm |
|
Unfortunately there is no ctype function for floating point numbers. 
If you are trying to prevent SQL injection and you know the value should be a float, I would use floatval() like evaders suggests. That will turn the string into a float, or 0 if it isn't a float. Then you could use sprintf to format it the way you want for the SQL query.
| Code: |
$x = sprintf('%5.2f', floatval($x));
$sql = "UPDATE ........... SET something = $x";
|
|
|
|
|
|
|
montego
Site Admin
Joined: Aug 29, 2004
Posts: 7487
Location: Arizona
|
| Posted:
Sat Dec 01, 2007 9:07 am |
|
Ah, yes, sorry.  That is a bummer |
|
|
|
|
|
|
|
|
|
![[Valid RSS]](http://ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
