Icy Phoenix


More Questions About Sanitizing?

Hey fellas,

I'm sure I read somewhere that this abs((int) ...) is deprecated:

Code:
$userid = abs((int) $_POST['userid']);


Would this be its replacement?

Code:
$userid = intval($_POST['userid']);


And things like these, do they need to be protected?

flag ID is an int
The rest are either names or files?

Code:
$flagID = $row['flag_id'];

$flag_name = $row['flag_name'];
$flag_image = $row['flag_image'];

$template_name = $row['template_name'];
$style_name = $row['style_name'];


So what's the go: do they all need to be done with intval( for integers and mysql_real_escape_string( for the names and files, or is something else more appropriate for the names and files?



mort [ Mon 24 Nov, 2014 11:48 ]
If that's related to IP (or phpBB3), you should use request_var.

It uses the second argument's type to coerce the value. For example, `request_var('foo', 0)` will always return an integer, because "0" is an integer.



Informpro [ Mon 24 Nov, 2014 12:55 ]
Thank you, my friend, but no, it's not for IP or phpBB; it's that games script that I've decided to go back to and clean up some.



mort [ Mon 24 Nov, 2014 22:30 ]
Alright, fair enough. Then I think you should use some function like that anyway ;-).

With request_var:

Code:
$id = request_var('id', 0);


Without:

Code:
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;


It's just far cleaner throughout the code.



Informpro [ Mon 24 Nov, 2014 22:57 ]
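The two posts above describe the same idea from both sides: request_var coerces the input to the type of its default, and the isset/intval line is what that looks like written out by hand. The function below is an added example written for this thread, not code from phpBB, Icy Phoenix or the games script; the name get_var and the sample input array are assumptions of the example. It also sidesteps the abs() question from the first post: if a row id has to be positive, a negative value is rejected rather than having its sign flipped, because abs(-17) would quietly select row 17.

```php
<?php
// Added example, not phpBB's request_var. get_var is a hypothetical name.
// The type of $default decides the type of the result, so a caller that
// asks for an integer always gets one, whether or not the key was sent.
function get_var(array $source, string $key, $default)
{
    if (!isset($source[$key])) {
        return $default;                 // key absent: caller's default, already typed
    }
    $value = $source[$key];

    if (is_array($value)) {
        return $default;                 // scalars only in this example (phpBB handles arrays too)
    }
    if (is_int($default)) {
        return (int) $value;             // "3abc" -> 3, "abc" -> 0, "-17" -> -17
    }
    if (is_float($default)) {
        return (float) $value;
    }
    if (is_bool($default)) {
        return (bool) $value;            // "0" and "" -> false, anything else -> true
    }
    // string default: drop NUL bytes and surrounding whitespace; escaping for
    // SQL or HTML still happens at the point where the string is used.
    return trim(str_replace("\0", '', (string) $value));
}

// A positive row id: a zero or negative result means "no valid id", not abs().
function get_id(array $source, string $key): int
{
    $id = get_var($source, $key, 0);
    return $id > 0 ? $id : 0;
}

// Constructed sample input standing in for $_POST / $_GET.
$sample = [
    'userid' => '-17',
    'page'   => '3abc',
    'name'   => "  bob\0by  ",
    'debug'  => '0',
];

$userid  = get_id($sample, 'userid');            // int(0): negative id rejected
$page    = get_var($sample, 'page', 1);          // int(3)
$name    = get_var($sample, 'name', '');         // string(5) "bobby"
$debug   = get_var($sample, 'debug', false);     // bool(false)
$limit   = get_var($sample, 'limit', 25);        // int(25): key absent, default returned

var_dump($userid, $page, $name, $debug, $limit);
```

The point of routing every input through one such function is the one the post makes: the type decision is made once, in one place, instead of being repeated (and occasionally forgotten) on every page.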
Thank you, my friend.

The request_var didn't work (undefined), but the other one works a treat, and now I've got enough to keep me busy for a few days.

And just so that I can complete each page without going back over them, I have but one last question (for now).

Would it be wise to at least add mysql_real_escape_string( or something else to these vars?

Code:
$flagID = $row['flag_id'];

$flag_name = $row['flag_name'];
$flag_image = $row['flag_image'];

$template_name = $row['template_name'];
$style_name = $row['style_name'];




mort [ Tue 25 Nov, 2014 00:46 ]
Right, `request_var` isn't a PHP function, but you should be able to "steal it" easily.

For your last question, no, I don't think it's wise to mysql_real_escape_string here. I think you should only use that function when you're inserting stuff in the DB.

(And BTW, I'd probably use a function "on top of" `mysql_real_escape_string`, like IP has `$db->sql_escape()`, so that if you need to change the database later it'll be easy. You might want to look into PHP's PDO.)



Informpro [ Tue 25 Nov, 2014 10:10 ]
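What the advice above looks like once the escaping moves behind the database layer, as an added example and not code from the games script or Icy Phoenix: the `flags` table, its columns (taken from the $row keys quoted in the thread) and an in-memory SQLite database through pdo_sqlite are assumptions of the example. User input reaches the database as a bound parameter, so there is no mysql_real_escape_string call anywhere; the values read back into $row are not SQL-escaped, as the post says; and the only transformation they get is the encoding for the place they are written next, which here is HTML.

```php
<?php
// Added example, not the games script's code. Assumes pdo_sqlite is available;
// with pdo_mysql the DSN changes and it is worth setting
// PDO::ATTR_EMULATE_PREPARES to false so parameters are bound server-side.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE flags (
    flag_id    INTEGER PRIMARY KEY,
    flag_name  TEXT NOT NULL,
    flag_image TEXT NOT NULL
)');

// Constructed form input: a quote and an SQL fragment, exactly the kind of
// value that escaping was meant to deal with.
$input = [
    'flag_name'  => "O'Brien's flag' OR 1=1 --",
    'flag_image' => 'obrien.png',
];

// Insert: the statement text and the values travel separately, so the quote
// in flag_name is data, not syntax. No escaping call is needed or wanted.
$stmt = $db->prepare('INSERT INTO flags (flag_name, flag_image) VALUES (:name, :image)');
$stmt->execute([':name' => $input['flag_name'], ':image' => $input['flag_image']]);

// Read by integer id, bound with an explicit integer type.
$flagID = 1;
$stmt = $db->prepare('SELECT flag_id, flag_name, flag_image FROM flags WHERE flag_id = :id');
$stmt->bindValue(':id', $flagID, PDO::PARAM_INT);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_ASSOC);

// These are the lines from the thread: nothing to escape here, the values are
// already in PHP variables and are not being put into SQL.
$flagID     = (int) $row['flag_id'];
$flag_name  = $row['flag_name'];
$flag_image = $row['flag_image'];

// When they go into HTML, encode for HTML; that is a different sink with a
// different escaping rule, and it is done at the output, not on the way in.
echo '<img src="' . htmlspecialchars($flag_image, ENT_QUOTES, 'UTF-8')
    . '" alt="' . htmlspecialchars($flag_name, ENT_QUOTES, 'UTF-8') . '">' . PHP_EOL;

// If a row value goes back into another query, it is bound again, never
// concatenated, so the stored name round-trips intact (count is 1).
$stmt = $db->prepare('SELECT COUNT(*) FROM flags WHERE flag_name = :name');
$stmt->execute([':name' => $flag_name]);
echo $stmt->fetchColumn() . PHP_EOL;
```

This is the step-at-a-time route mentioned in the post: a `$db->sql_escape()`-style wrapper keeps the old queries working while they are converted, and each converted query ends up as a prepared statement with bound parameters, after which the wrapper has nothing left to do.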
Quote:
but you should be able to "steal it" easily.


HAHAHA! "Steal?" Finding it would be something else! I'd have to load ALL the function files with Notepad++ to have any chance.

But this, `$db->sql_escape()`, I need to have a look at, because I'd like to go to PDO, and anything I can do a step at a time to get this mess modernised, I'll do it.

And thanks for your help too!

Because I'm in the position where I'm too old to be reading about everything that I want to do, although I DO read a lot before I ask any questions, but it takes so long to find the right info when someone like yourself jumps onto it straight away.

Let's face it - I'm too bloody old to make a future out of knowing everything about php.  

So I just need the bits that I'm stuck on.  

Tell you what I don't want to do, though, and that's add stuff that is at the moment strictly used by phpBB; I just want to stick with the stuff that's in general use.

mort [ Wed 26 Nov, 2014 02:31 ]