i want to save my website from url injection for that purpose i am using the following line to call another page with an integer id as an parameter here's the code
'<button onclick=window.location.href="admin_leadbox2.php?id=' + alert(typeof(parseInt(data[i].client_id))) + '">VIEW DETAILS</button>';
A URL is a string. A URL, or query parameters within it, has no types. Here, this is what your URL looks like:
This is all the information that the computer has too. There's no hidden flag to mark "
42" as an integer. It's just the characters
2. In a string. No different from "
42foo", which would quite obviously be a string.