Validating Form Input: Numbers

You want to make sure a number is entered.

Use ctype_digit() if the integer is larger than or equal to zero. This is good to validate values that consist of digits. It won't help if you want to check for negative or decimal numbers. 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="EN" lang="EN">
<head>
<title>PHP</title>
<meta Name="Author" Content="Hann So">
</head>
<body>
<p>
<?php
function display_form() {
echo <<<HTML
<form action = "$_SERVER[SCRIPT_NAME]" method="post">
Enter your age
<input type="text" name="age" />
<input type="submit" value="Submit" />
</form>
HTML;
}

// validating a number with ctype_digit()
if (ctype_digit($_POST['age'])) {
	echo 'Hello, '.$_POST['age'];
}
else {
	echo "Your age must be bigger than or equal to zero.";
	display_form();
}
?>
</p>
</body>
</html>

View the effect

If you're looking for a positive or negative integer, compare the submitted value to what you get when casting it to an integer and then back to a string. 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="EN" lang="EN">
<head>
<title>PHP</title>
<meta Name="Author" Content="Hann So">
</head>
<body>
<p>
<?php
function display_form() {
echo <<<HTML
<form action = "$_SERVER[SCRIPT_NAME]" method="post">
Enter your rating
<input type="text" name="rating" />
<input type="submit" value="Submit" />
</form>
HTML;
}

// validating an integer with typecasting
if ($_POST['rating'] == strval(intval($_POST['rating']))) {
	echo 'Your rating is '.$_POST['rating'];
}
else {
	echo "Your rating must be an integer.";
	display_form();
}
?>
</p>
</body>
</html>

View the effect

If you're looking for a positive and negative decimal number, compare the submitted value to what you get when casting it to a floating point number and then back to a string. 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="EN" lang="EN">
<head>
<title>PHP</title>
<meta Name="Author" Content="Hann So">
</head>
<body>
<p>
<?php
function display_form() {
echo <<<HTML
<form action = "$_SERVER[SCRIPT_NAME]" method="post">
Enter your temperature
<input type="text" name="temperature" />
<input type="submit" value="Submit" />
</form>
HTML;
}

// validating a decimal number with typecasting
if ($_POST['temperature'] == strval(floatval($_POST['temperature']))) {
	echo 'Your temperature is '.$_POST['temperature'];
}
else {
	echo "Your temperature must be a number.";
	display_form();
}
?>
</p>
</body>
</html>

View the effect


Forms | Introduction | Creating a Form | Superglobals | Processing Form Input | Required Fields | Numbers | Drop-Down Menus | Radio Buttons | Checkboxes | Periods in Their Names | Preventing Cross-Site Scripting | Stripping out Slashes | Redirecting the User | Server Information | Determining Browser Type | Sticky Forms
© 2008: Hann So
email: hso@voyager.deanza.edu