HomePHP Page 3 - PHP Programs to Prevent MySQL Injection or HTML Form Abuse
Validating Numeric Input - PHP
It has been known for a while that if a form is unsecured, malicious code in the form of a MySQL injection will be initiated to attack the site. HTML forms such as drop down menus, search boxes and check boxes are all susceptible entry points for this type of abuse. This article will explain what happens in this kind of attack, and how to prevent it.
The script below validates whether the input is a valid number from 0.001 to infinity. It's worth noting, however, that in a PHP program you can even allow a certain range of numbers to be used. Using this validating script ensures that input to that form is a number and nothing else.
Suppose that in your program there are three numeric variables; you will need to validate them, and we will name them num1, num2 and num3: