I'm using url parameters to search my database with. For security reasons I need to make sure that these parameters are valid and not trying to do things like inject code. I've never been able to come up with a bulletproof and not over-thought way to do this simple task. I think one of the problems is values taken from the parameters are automatically treated as strings. Feedback is greatly appreciated.
$set can be 1, 2, 3, 4, or 5.
$lat can be any number between -90 and 90, for example: -90.0000, -87, 0, 45.454545, 89.999999
$lng can be any number between -180 and 180
If any of the values is outside of expected behavior I'd like to kill the script.