We have moved our forum to GitHub Discussions. For questions about Phalcon v3/v4/v5 you can visit here and for Phalcon v6 here.

getQuery return string instead of a integer

Good evening. Why the line $this->request->getQuery('param', 'int', null) in the query ?param=-- returns string --. Why?

$di = new Phalcon\Di\FactoryDefault();
$request = new \Phalcon\Http\Request();
$request->setDI($di);

$_GET["param"] = "--";
var_dump($request->getQuery('param')); // --
var_dump($request->getQuery('param', 'int')); // --
var_dump($request->getQuery('param', 'int!')); // 0

$_GET["param"] = "*(^#%[email protected]&";
var_dump($request->getQuery('param')); // *(^#%[email protected]&
var_dump($request->getQuery('param', 'int')); // 0
var_dump($request->getQuery('param', 'int!')) // 0


5.8k

Then what's the point to write 'int' if the hard equation of type occurs when recording 'int!' ?

because -- is minus minus :)

var_dump(filter_var("--", FILTER_SANITIZE_NUMBER_INT)); // --

var_dump(filter_var("*(^#%[email protected]&", FILTER_SANITIZE_NUMBER_INT)); // 0

https://docs.phalcon.io/pl/latest/reference/filter.html

int Remove all characters except digits, plus and minus sign.

edited Nov '16

Yeah, this is odd if you really want to filter out input to be integer / numeric only. In that case, you'd need to use multiple filters:

 $num = (int) $this->filter->sanitize($num, ['myCustomFilter', 'alphanum', 'int']);

Source of this custom filter:

 //clean %20 URL encoded bytes
    $filter->add('myCustomFilter', function ($dat = null){
        return rawurldecode($dat);
    });