Purpose: In order to prevent sql injection, tid and goods_id are both positive integer types to prevent people from appending statements like ?tid=1 or 1 at the end.
Principle: No matter how sinister your parameters are, they will all become numerical types after +0
For example '?tid=1 or 1' , the value becomes 1 after $_GET['tid']+0;
Some students asked why you don’t use (int) to force conversion or intval to convert.
1: Whichever way you use, the purpose is the same
2: Use +0, Only 2 characters need to be typed, 5 characters need to be typed with (int), and 8 characters need to be typed with intval().
3: For +0, I don’t need to care whether $tid is an integer, a floating point type, or greater than 2 The long integer type of ^32 (such as bigint obtained in mysql) and +0 can be adapted.
But if you use forced conversion, overflow will occur. Of course, you can say that I use float to convert, but there is no difference in scoring. ?.
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
