PHP is_numeric 或 preg_match 0-9 验证
这对我来说不是一个大问题(据我所知),这更多的是我感兴趣的事情。但是,使用 is_numeric 和 preg_match(反之亦然)来验证用户输入值的主要区别是什么(如果有的话)。
示例一:
<?php
$id = $_GET['id'];
if (!preg_match('/^[0-9]*$/', $id)) {
// Error
} else {
// Continue
}
?>
示例二:
<?php
$id = $_GET['id'];
if (!is_numeric($id)) {
// Error
} else {
// Continue
}
?>
我假设两者的作用完全相同,但是是否存在任何可能在以后以某种方式导致问题的具体差异?是否有“最好的方法”或我没有看到的东西使它们与众不同。
This isn't a big issue for me (as far as I'm aware), it's more of something that's interested me. But what is the main difference, if any, of using is_numeric over preg_match (or vice versa) to validate user input values.
Example One:
<?php
$id = $_GET['id'];
if (!preg_match('/^[0-9]*$/', $id)) {
// Error
} else {
// Continue
}
?>
Example Two:
<?php
$id = $_GET['id'];
if (!is_numeric($id)) {
// Error
} else {
// Continue
}
?>
I assume both do exactly the same but is there any specific differences which could cause problems later somehow? Is there a "best way" or something I'm not seeing which makes them different.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(12)
is_numeric()测试值是否为数字。但它不一定必须是整数 - 它可以是十进制数或科学记数法中的数字。您给出的
preg_match()示例仅检查值是否包含数字 0 到 9;其中任意数量且以任意顺序。请注意,您给出的正则表达式也不是完美的整数检查器,就像您编写的方式一样。它不允许负面的东西;它确实允许零长度字符串(即根本没有数字,这可能不应该是有效的?),并且它允许数字具有任意数量的前导零,这也可能不是预期的。
[编辑]
根据您的评论,更好的正则表达式可能如下所示:
这强制第一个数字只能在 1 和 9 之间,因此不能有前导零。它还强制它的长度至少为一位数字,因此解决了零长度字符串问题。
你不担心负面影响,所以这不是问题。
您可能想要限制位数,因为就目前情况而言,它将允许太大而无法存储为整数的字符串。为了限制这一点,您可以将星号更改为长度限制,如下所示:
这将允许字符串的长度在 1 到 16 位数字之间(即第一个数字加上 0-15 个数字)。请随意调整花括号中的数字以满足您自己的需要。如果你想要一个固定长度的字符串,那么你只需要在大括号中指定一个数字。
is_numeric()tests whether a value is a number. It doesn't necessarily have to be an integer though - it could a decimal number or a number in scientific notation.The
preg_match()example you've given only checks that a value contains the digits zero to nine; any number of them, and in any sequence.Note that the regular expression you've given also isn't a perfect integer checker, the way you've written it. It doesn't allow for negatives; it does allow for a zero-length string (ie with no digits at all, which presumably shouldn't be valid?), and it allows the number to have any number of leading zeros, which again may not be the intended.
[EDIT]
As per your comment, a better regular expression might look like this:
This forces the first digit to only be between 1 and 9, so you can't have leading zeros. It also forces it to be at least one digit long, so solves the zero-length string issue.
You're not worried about negatives, so that's not an issue.
You might want to restrict the number of digits, because as things stand, it will allow strings that are too big to be stored as integers. To restrict this, you would change the star into a length restriction like so:
This would allow the string to be between 1 and 16 digits long (ie the first digit plus 0-15 further digits). Feel free to adjust the numbers in the curly braces to suit your own needs. If you want a fixed length string, then you only need to specify one number in the braces.
根据 http://www.php.net/manual/en/function .is-numeric.php,is_numeric 允许类似“+0123.45e6”或“0xFF”的内容。我认为这不是你所期望的。
preg_match 可能会很慢,你可以使用 0000 或 0051 之类的值。
我更喜欢使用 ctype_digit (仅适用于字符串,使用 $_GET 也可以)。
According to http://www.php.net/manual/en/function.is-numeric.php, is_numeric alows something like "+0123.45e6" or "0xFF". I think this not what you expect.
preg_match can be slow, and you can have something like 0000 or 0051.
I prefer using ctype_digit (works only with strings, it's ok with $_GET).
is_numeric() 允许任何形式的数字。因此
1、3.14159265、2.71828e10都是“数字”,而您的正则表达式可归结为相当于is_int()< /代码>is_numeric() allows any form of number. so
1,3.14159265,2.71828e10are all "numeric", while your regex boils down to the equivalent ofis_int()is_numeric 接受“-0.5e+12”作为有效 ID。
is_numeric would accept "-0.5e+12" as a valid ID.
不完全一样。
来自 is_numeric 的 PHP 文档:
使用正则表达式,您只检查“基本”数值。
另外
is_numeric()应该更快。Not exactly the same.
From the PHP docs of is_numeric:
With your regex you only check for 'basic' numeric values.
Also
is_numeric()should be faster.is_numeric 检查它是否是任何类型的数字,而您的正则表达式检查它是否是整数(可能带有前导 0)。对于存储为整数的 id,我们很可能不希望有前导 0。按照 Spudley 的回答,我们可以这样做:
但是,正如 Spudley 指出的那样,生成的字符串可能太大而无法存储为 32 位或 64 位整数值。有符号 32 位整数的最大值为 2,147,483,647(10 位),有符号 64 位整数的最大值为 9,223,372,036,854,775,807(19 位)。然而,许多 10 位和 19 位整数分别大于最大 32 位和 64 位整数。一个简单的仅限正则表达式的解决方案分别是:
或
,但不幸的是,这些“解决方案”将每个解决方案限制为 9 和 19 位整数;很难得到令人满意的结果。更好的解决方案可能是这样的:
is_numeric checks whether it is any sort of number, while your regex checks whether it is an integer, possibly with leading 0s. For an id, stored as an integer, it is quite likely that we will want to not have leading 0s. Following Spudley's answer, we can do:
However, as Spudley notes, the resulting string may be too large to be stored as a 32-bit or 64-bit integer value. The maximum value of an signed 32-bit integer is 2,147,483,647 (10 digits), and the maximum value of an signed 64-bit integer is 9,223,372,036,854,775,807 (19 digits). However, many 10 and 19 digit integers are larger than the maximum 32-bit and 64-bit integers respectively. A simple regex-only solution would be:
or
respectively, but these "solutions" unhappily restrict each to 9 and 19 digit integers; hardly a satisfying result. A better solution might be something like:
is_numeric检查更多:is_numericchecks more:您可以使用此代码进行号码验证:
You can use this code for number validation:
如果您仅检查它是否是一个数字,那么
is_numeric()在这里要要好得多。它比正则表达式更具可读性并且速度更快。这里的正则表达式的问题是它不允许十进制值,所以本质上您刚刚在正则表达式中编写了
is_int()。仅当输入中存在非标准数据格式时才应使用正则表达式; PHP 有大量内置验证函数,甚至是没有正则表达式的电子邮件验证器。If you're only checking if it's a number,
is_numeric()is much much better here. It's more readable and a bit quicker than regex.The issue with your regex here is that it won't allow decimal values, so essentially you've just written
is_int()in regex. Regular expressions should only be used when there is a non-standard data format in your input; PHP has plenty of built in validation functions, even an email validator without regex.PHP 的 is_numeric 函数允许浮点数和整数。同时,如果您想验证表单数据(仅限字符串),则 is_int 函数过于严格。因此,您通常最好为此使用正则表达式。
严格来说,整数是正整数和负整数,也包括零。这是一个正则表达式:
或者,如果您想允许前导零:
请注意,这将允许使用诸如 -0000 之类的值,但这不会在 PHP 中引起问题。 (MySQL 也会将此类值转换为 0。)
出于考虑 32/64 位 PHP 平台功能 和/或数据库兼容性。例如,要将整数的长度限制为 9 位(不包括可选的 - 符号),您可以使用:
PHP's is_numeric function allows for floats as well as integers. At the same time, the is_int function is too strict if you want to validate form data (strings only). Therefore, you had usually best use regular expressions for this.
Strictly speaking, integers are whole numbers positive and negative, and also including zero. Here is a regular expression for this:
OR, if you want to allow leading zeros:
Note that this will allow for values such as -0000, which does not cause problems in PHP, however. (MySQL will also cast such values as 0.)
You may also want to confine the length of your integer for considerations of 32/64-bit PHP platform features and/or database compatibility. For instance, to limit the length of your integer to 9 digits (excluding the optional - sign), you could use:
同时,以上所有值仅限制为整数,
所以我
也用来允许浮点值。
Meanwhile, all the values above will only restrict the values to integer,
so i use
to allow float values too.
您可以使用filter_var()来检查字符串中的整数
You can use filter_var() to check for integers in strings