$temp = $_GET['password'];
is_numeric($temp)?die("no numeric"):NULL;
if($temp>1336){
echo $flag;
is_numeric
同样可以用数组绕过、%00截断、添加其他字符
http://123.206.87.240:9009/22.php?password[]=1
http://123.206.87.240:9009/22.php?password=9999a
http://123.206.87.240:9009/22.php?password=9999%00
flag{bugku_null_numeric}