Trapfall in using PHP’s is_int() function
When processing data, especially from formulars or general user input, it is sometimes necessary to determine if a given value is of a certain type. In case of IDs for example there might be the need to check if a given id is of type Integer or not.
Since PHP does not require (or support) explicit type definition in variable declaration functions that checks for a certain type are a tricky topic. I saw a lot of code where people tried to use the PHP function called is_int() in that case. However is_int() should be used with great care. This function only returns true if a given value ($val) is initiated like the following:
$val = 1; // Without quotation marks
Processing form data
I did some research on it and found out that is_int() seems to work only with variables which are initialized in above’s way. However, the major domain where PHP coders might want to use the is_int() function is in
validating user- or form-data. For example have a look at the following URL:
http://localhost/index.php?id=1
If you validate the id in index.php with is_int() it will always return false:
That is because PHP seems to consider every user data passed from forms or simply via GET parameters as strings. So, do keep this in mind using the is_int() function.
Processing database data
In addition I ran a test to determine the types of the fields of simple mysql result sets. Although a field is defined in the mysql database as an Integer field is_int() will not work with it. Have a look at the following code snippet.
1 2 3 4 5 6 7 8 9 10 | $res = mysql_query($sql); $row = mysql_fetch_row($res); // First field is of type Integer in mysql (is_int($row[0])) ? print("int") : print("No int"); print (gettype($row[0])); print (mysql_field_type($res, 0)); // This program outputs: // No int // string // int |
In line 1 and 2 I get the data of a row. Assuming that the first field is set to hold only Integer values in the database table, line 4 prints out No Integer. Line 6 prints out why. PHP treats this value as a String again. However, line 6 assures us that the mysql field type is of type Integer. So, again - the use of is_int() function is rather useless in such a case.
I saw some people that tried a work-around with casting values to integers, but casting a value to an integer always ends up in a valid integer value. That means casting e.g. (int)”Test” will result in 0, which is of course a valid integer value. So, casting in that case totally misses the point.
Conclusion
In summary, I recommend not to use the is_int() function to process and validate form data. Personally I use the is_numeric() instead, although they are not identically. If you deal with data which come from databases there are two possible solutions I can think of. The first one would be also the usage of is_numeric() instead of is_int(). The second one would be a little bit more complex work-around. You could always check the mysql_field_type() if it is an integer and assume that all data from that field are of that type. If you place such a general check at a central place in your database abstraction layer, this might be a good solution.
In the end, I really wonder what the purpose of is_int() is. The only use I could think of would be in the following context:
$val = 10; if ( is_int($val) ) echo "It's an integer";
Use the results of my research at your own risk. Maybe I overlooked something in this issue. Well, this is open for discussion 
