clean_array_gpc question
SkyStryder
10-07-2014, 02:25 PM
I have a URL that looks like this:
beta.test.com/vb/runlib.php?do=cars&model=cobalt&fsec=6,13,19,30&for=federal%20express
I am concerned with checking the fsec variable. If I use TYPE_INT, it truncates
all but the first number. If I use TYPE_STR, that doesn't really help. Could someone
point me in the right direction?
Thank you!
How do you want to check it? You can use TYPE_STR then do your own checking. I assume you want to check to avoid vulnerabilities? Then it depends on how you intend to use the value.
mokujin
10-07-2014, 02:27 PM
What about TYPE_UINT?
Set as string and you could do something like this:
$fsec = '56,56,56';
$num = explode(",", $fsec);
foreach ($num as $key => $val) {
    if (!ctype_digit($val)) {
        unset($num[$key]);
    }
}
$fsec = implode(",", $num);
SkyStryder
10-07-2014, 02:55 PM
Thank you, this looks doable.
In answer to the others, this is pretty much what I would need to do if I used
TYPE_NOHTML (TYPE_STR). TYPE_UINT also returns just the first number.
Thank you all!
You indeed want to use TYPE_NOHTML unless you actually make use of HTML in certain strings.
TheAdminMarket
10-07-2014, 03:40 PM
Try TYPE_ARRAY_INT (for numbers) or TYPE_ARRAY_STR (for strings)
EDIT: Try the article below. It is superior, and it helped me a lot to start coding for vB.
https://vborg.vbsupport.ru/showthread.php?t=98047&highlight=Variables
SkyStryder
10-07-2014, 04:11 PM
I tried TYPE_ARRAY_INT and it would appear that I got an empty array as a result...
I used fsec=51,71,68,88,93,90 from the URL. I tried print_r and var_dump and they
seem to confirm the results. It definitely wasn't a string anymore. explode croaked... 8-)
--------------- Added 1412704140 at 1412704140 ---------------
One thing that I have noticed is that isset() is not working as expected with $vbulletin->GPC['xx'].
It seems to resolve to always true which is not what it says in class_core.php.
TheAdminMarket
10-07-2014, 05:23 PM
I tried TYPE_ARRAY_INT and it would appear that I got an empty array as a result...
I've used this code so many times and it works fine, but I'm currently away from my base, so I can't post a real example. Even if TYPE_ARRAY_... is more secure, as it adds one more level of security on what type of data to receive, you can also use TYPE_ARRAY without setting whether it's a number or a text string.
--------------- Added 07 Oct 2014 at 21:44 ---------------
Also, because, as I have seen, you're collecting the values from the URL, you must use the syntax:
$vbulletin->input->clean_array_gpc('r', array(
    'fsec' => TYPE_ARRAY_INT
));
r = Request
p = Post
g = Get
SkyStryder
10-07-2014, 06:24 PM
[QUOTE=NickTheGreek;2518036]
Also, because, as I have seen, you're collecting the values from the URL, you must use the syntax:
$vbulletin->input->clean_array_gpc('r', array(
    'fsec' => TYPE_ARRAY_INT
));
[/QUOTE]
That is exactly what I have and I get an empty array. Not to be too obvious
but fsec looks like a string.. "1,2,4" I was getting the impression that
TYPE_ARRAY_INT would do the conversion? It definitely sets the type.
TheAdminMarket
10-07-2014, 06:47 PM
If I use TYPE_STR, that doesn't really help.
Why are you saying that? The code below works fine:
// ##### REQUIRE BACK-END #####
require_once('./global.php');

// ##### TESTING ARRAY REQUEST #####
if ($_REQUEST['do'] == 'testarray')
{
    $fsec = $vbulletin->input->clean_gpc('r', 'fsec', TYPE_STR);
    $fsec_data = explode(',', $fsec);
    print_r($fsec_data);
}
You can check it:
http://www.christeris.net/vb422/testarray.php?do=testarray&fsec=6,13,19,30
--------------- Added 1412711489 at 1412711489 ---------------
Not to be too obvious
but fsec looks like a string.. "1,2,4" I was getting the impression that
TYPE_ARRAY_INT would do the conversion? It definitely sets the type.
TYPE_ARRAY_INT should never work, as you're sending the data as a string and not as an array. Furthermore, I don't even know if you can send an array in a URL. But as a form element you can, and I guarantee that TYPE_ARRAY_INT and TYPE_ARRAY_STR work. But as a form element.
SkyStryder
10-07-2014, 06:58 PM
yes, I do realize that and that method works. I was further interested
in if TYPE_ARRAY_INT would work... However, looking at the class,
TYPE_ARRAY_INT is defined as '102' but never used as far as I can tell.
TheAdminMarket
10-07-2014, 07:01 PM
yes, I do realize that and that method works. I was further interested
in if TYPE_ARRAY_INT would work... However, looking at the class,
TYPE_ARRAY_INT is defined as '102' but never used as far as I can tell.
We can continue with more tests tomorrow. It's 23:00pm for me, and my bed is calling me :)
SkyStryder
10-07-2014, 07:11 PM
Thank you for the help!
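Added example (not code from the thread or from vBulletin): a strict parser for the comma-separated string that a TYPE_STR / TYPE_NOHTML read of fsec hands back. It rejects the whole value when any element is malformed, and uses parse_str() to show the difference between fsec=6,13 (a string) and fsec[]=6&fsec[]=13 (an array). The function name parse_int_list() and its limits are hypothetical.

```php
<?php
// Added example. parse_int_list() and its limits are hypothetical, not vBulletin API.

/**
 * Parse a value such as "6,13,19,30" into unique non-negative ints.
 * Returns null when any element is malformed, so a tampered value is
 * rejected as a whole instead of being silently trimmed.
 */
function parse_int_list($raw, $maxItems = 50, $maxDigits = 9)
{
    if (!is_string($raw)) {
        return null;            // e.g. fsec[]=6 arrives as an array, not a string
    }
    if ($raw === '') {
        return array();
    }
    $parts = explode(',', $raw);
    if (count($parts) > $maxItems) {
        return null;            // bound the work and any later IN (...) list
    }
    $ids = array();
    foreach ($parts as $part) {
        // ctype_digit() is false for '', '-1', '1.5', ' 7' and '0x1A';
        // nine digits at most keeps the value inside a signed 32-bit int.
        if (!ctype_digit($part) || strlen($part) > $maxDigits) {
            return null;
        }
        $ids[(int) $part] = true;   // array keys de-duplicate
    }
    return array_keys($ids);
}

// Constructed query strings, parsed the way PHP fills $_GET / $_REQUEST.
parse_str('fsec=6,13,19,30', $scalar);       // one string value
parse_str('fsec[]=6&fsec[]=13', $bracketed); // bracket syntax yields a PHP array
echo 'fsec=6,13,19,30 is a ', gettype($scalar['fsec']), "\n";
echo 'fsec[]=6&fsec[]=13 is an ', gettype($bracketed['fsec']), "\n";

// Constructed sample values: one clean list, four malformed ones.
$samples = array('6,13,19,30', '6,13,,30', '6,13abc', '6,-1', '99999999999');
foreach ($samples as $raw) {
    $ids = parse_int_list($raw);
    echo str_pad($raw, 12), ' => ', $ids === null ? 'rejected' : implode(',', $ids), "\n";
}
```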