How can I make this query strip out any extra form inputs that aren't numbers for the $_POST[price] ? Can I alter the below code or is it better to put something in the form input instead? I just want to make sure they only enter positive numbers, so they can't put . or - $add = doquery("INSERT INTO {{table}} VALUES ('', '$userrow[id]', '$type', '$item', '$_POST[price]'; Code (markup):
Use this PHP code to strip each text except for Numbers: $numbers=ereg_replace("[^0-9]", "", $string); PHP: Thanks, hope it helps!
$numbers=ereg_replace("[^0-9]", "", $_POST['price']); echo '<input type="hidden" name="price" value="'.$numbers.'" />'; PHP:
Thanks, rep added. I couldn't get it to work in the form like that but I used what you showed me like this: $goodcleannumbers=ereg_replace("[^0-9]", "", $_POST['price']); $add = doquery("INSERT INTO {{table}} VALUES ('', '$userrow[id]', '$type', '$item', '.$goodcleannumbers.',... Code (markup): Does that look right, it seems to work?