It is not necessary to use here, since it will verify that every character in that string is an integer between 0 and 9, so there isn't a way for non-digits to get in.
However, you're not necessarily checking if something is a number, for that, you should use is_numeric($num)
, and while in this case you don't have to use htmlspecialchars()
, if you're going for consistency, you should use that on all input