John Comerford wrote:
Hi Folks,
I am new to php.
I want to accept a character string which I will use as a unique user
id. I want to check the string to ensure the user has not typed
characters that I consider to be invalid as part of a user id. I was
thinking of doing something along the lines of:
if (strpbrk($userid, '[EMAIL PROTECTED]&*()_+=-{}[]\\|;\':"<>?,./`') <> null) {
blah, blah, blah......
it is always better to know what you want to allow and only allow those.
this will catch anything that is not a letter of the alphabet.
if ( preg_match('!^[^a-zA-Z]+$!', $userid) == 1 ) {
die('Found something other then a letter.');
}
if ( preg_match('!^[^a-zA-Z0-9]+$!', $userid) == 1 ) {
die('Found something other then a number or letter.');
}
this returns an (int) either 0 or 1
0 = it did not match anything
1 = it matched at least on char that is invalid.
check out the function here http://us2.php.net/preg_match
check out its big brother http://us2.php.net/preg_match_all
The big difference is that preg_match will only look until it finds the
first match, then it stops looking and returns.
preg_match_all finds all possible matches in the input string.
Jim
but I think that would still leave me open to control characters. I am
thinking maybe I should loop through the string character by character
and check it's ascii value (using ord) is within the range of a-z and A-Z ?
Is this the best way of achieving this ? Is there a php command to do
something similar ? I have done a few web searches and haven't come up
with much.
TIA,
JC
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
