//get rid of all kinds of spaces $IDs = preg_replace('/s+/', '', $inputIDs); if(!preg_match(''/^\d+$|^(\d+,)+\d+$/'', $IDs)) { echo "Invalid Input"; } |
You could use the validated IDs above in a SQL like the this:
SELECT * FROM t1 WHERE id IN($IDs) |
Disclaimer: I am not going to be responsible for any kind of SQL injection resulting from using the snippet above.
updated 20-Mar-2013