0





372
1



I am working in yii1. I want to edit a record on the based of id(primary key), and passes id inf the form of query string from one page to another. Now I want to sanitize that id on controller where I receive id.
I use filter_input() but it cant work.

public function actionEditStudentById()
{
    try
    {
        $id = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT);
        echo $id;
        die();

        $id = $_GET['id'];
        $model = StudentDetail::getStudentById($id);

        if (!$model) throw new Exception;

        if(isset($_POST['StudentDetail']))
        {
            $model->attributes = $_POST['StudentDetail'];
            if($model->validate())
            {
                $model->save(FALSE);
                Yii::app()->user->setFlash('update', "Record updated successfully!");
                $this->redirect(['student/list']);
            }
        }
        $this->render('_form',array('model'=>$model));
    }
    catch(Exception $e)
    {
        echo 'Invalid user id: user not available';
    }
}

Here die() is just used to stop the code. Just before die() id is always null. I want that id is always be a number and not any symbol allows in url

Question author Palash-gupta | Source

0


1

Hi Why don't you use int before your id

Cast your string to an integer explicitly

 $id = (int)$_GET['id'];
Answer author User1234

Ask about this question here!