How do you filter non numerical values

How do you filter or sanitize non numeric values to be safe from attacks and hacks like sql injection,cross script injection etc

for eg,if number i usually type cast (int)
but for values like say name,may be title etc which can be anything ..

what do you do now

i disallow html and use some php function for now

 

you can try using is_numeric($var)
http://php.net/manual/en/function.is-numeric.php

or maybe is_int($var), both return bool value, the latter gives true only if the variable is integer

hope this helps,
regards

 

did u really say the word NON there in front of numeric

 

I just pointed out the function you can use. Use it as you want

 

then may be you don't understand what that function does....
is_numeric checks either value is numeric or not numeric...

and just non numeric doesnt mean that it is all attacks safe....

so what i want is something different...

 

mysql_real_escape_string();
maybe you can use it as a post test for the is_numeric() function

 

take a look at the filter_var() function