Weird issue: alphabetical values ignored in queries

#1
[eluser]cyberjunkie[/eluser]
I'm tremendously baffled and annoyed by this.

I'm passing a third URL segment that is a user id.

e.g.
Quote: http://mysite.com/index.php/profile/user/63

The 3rd segment is captured by my function:

Code:
function user($user_id)
{
    if ($user_id && valid_user($user_id)) // if segment passed and user exists
    {
        // get user's profile data
        $data['row'] = $this->Profile_model->profile_read($user_id);
        $this->load->view('profile/public/user_view', $data);
    }
    else
    {
        redirect('home');
    }
}

So the function above returns data for user 63. If I type a user id that does not exist, e.g. 6347267, it redirects home. However, if I add letters to a valid user id, e.g. 63ghjfs, it somehow gets the right data. It seems to somehow ignore the letters.

The query looks like this:

Code:
SELECT * FROM (`users`) WHERE `user_id` = '62ghjfs' LIMIT 1

User ids are strictly integers. How in the world is it returning the right data when id "62ghjfs" does not exist! This is so confusing..

#2
[eluser]Eric Barnes[/eluser]
My first advice is to cast $user_id to an int so that you are 100% positive you are in fact working with the expected data type.
Code:
$user_id = (int) $user_id;

#3
[eluser]cyberjunkie[/eluser]
Thanks for the advice Eric! I will definitely do that.
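
Why the query in post #1 matches, and a stricter check than a bare cast, as an added example that is not part of the original thread: when MySQL compares a string with an integer column it converts the string to a number, so '62ghjfs' compares as 62, and PHP's (int) cast truncates trailing letters the same way. The helper name parse_user_id() is hypothetical and the sample segments are constructed.

```php
<?php
// Added example, not code from the thread.
// parse_user_id() is a hypothetical helper name; the samples are constructed.

/**
 * Return the id as an int only when the whole segment is a positive
 * decimal integer. Return null for anything else so the caller can
 * redirect instead of querying with a silently truncated value.
 */
function parse_user_id($segment)
{
    if (!is_string($segment) && !is_int($segment)) {
        return null; // arrays, null, objects: never a valid id
    }

    // FILTER_VALIDATE_INT rejects trailing garbage ("63ghjfs"), hex
    // notation, empty strings and values outside PHP's integer range.
    // min_range => 1 also rejects zero and negative numbers.
    $id = filter_var($segment, FILTER_VALIDATE_INT, array(
        'options' => array('min_range' => 1),
    ));

    return $id === false ? null : $id;
}

// Constructed URL segments: compare the bare cast with the strict check.
$samples = array('63', '63ghjfs', 'ghjfs63', '0x3F', '-1', '', '6347267');

foreach ($samples as $segment) {
    $cast   = (int) $segment;          // truncates at the first non-digit
    $strict = parse_user_id($segment); // int, or null when rejected

    printf(
        "%-10s cast => %-8d strict => %s\n",
        var_export($segment, true),
        $cast,
        var_export($strict, true)
    );
}
```

In the controller from post #1, such a check would run before valid_user(), with a null result going to the existing redirect('home') branch, so that /profile/user/63ghjfs is rejected rather than served as user 63.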

