wrathican Posted April 20, 2008 Share Posted April 20, 2008 hey there. how do i check a string to see if it contains unwanted characters. like characters stored in an array? thanks Link to comment https://forums.phpfreaks.com/topic/101957-solved-checking-if-a-string-contains-unwanted-characters/ Share on other sites More sharing options...
jonsjava Posted April 20, 2008 Share Posted April 20, 2008 <?php $allowed_chars = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0', '!', '@', '$', '.', '+'); $word1 = str_split($_POST['word1']); $is_invalid = array(); foreach ($word1 as $value){ if (!in_array($value, $allowed_chars)){ $invalid_check['0'] = 1; } } if ($is_invalid['0'] = 1){ //boot them or something } //so on and so forth ?> Link to comment https://forums.phpfreaks.com/topic/101957-solved-checking-if-a-string-contains-unwanted-characters/#findComment-521789 Share on other sites More sharing options...
wrathican Posted April 20, 2008 Author Share Posted April 20, 2008 hey thanks for the reply, but im looking for something a little simpler. i tried my hand at this and made this: <?php $string = "Hello!??!?"; $badchars = array( '!', '@', '£', '$', '%', '^', '&', '*', '(', ')', '_', '+', '=', '-', ']', '[', '\\', ';', '/', '.', ',', '`', '~', '<', '>', '?', ':', '"', '|', '{', '}', ' ', ); if (strpos($string, $badchars) === true) { echo "Invalid string"; } ?> in theory it looks like this should work. but it doesn't pick it up. Link to comment https://forums.phpfreaks.com/topic/101957-solved-checking-if-a-string-contains-unwanted-characters/#findComment-521813 Share on other sites More sharing options...
jonsjava Posted April 20, 2008 Share Posted April 20, 2008 This version tested to work. <?php $string = "Hello!??!?"; $string_array = str_split($string); $badchars = array('!','@','£','$','%','^','&','*','(',')','_','+','=','-',']','[','\\',';','/','.',',','`','~','<','>','?',':','"','|','{','}',' '); foreach ($string_array as $value){ if (in_array($value, $badchars) == true) { echo "Invalid string"; exit(); } } ?> Link to comment https://forums.phpfreaks.com/topic/101957-solved-checking-if-a-string-contains-unwanted-characters/#findComment-521818 Share on other sites More sharing options...
wrathican Posted April 20, 2008 Author Share Posted April 20, 2008 perfect, i just realised i could make it a function. silly me Link to comment https://forums.phpfreaks.com/topic/101957-solved-checking-if-a-string-contains-unwanted-characters/#findComment-521828 Share on other sites More sharing options...
GingerRobot Posted April 20, 2008 Share Posted April 20, 2008 Regular expressions would be an awful lot easier... Link to comment https://forums.phpfreaks.com/topic/101957-solved-checking-if-a-string-contains-unwanted-characters/#findComment-521949 Share on other sites More sharing options...
dptr1988 Posted April 20, 2008 Share Posted April 20, 2008 Yes, regular expression might be eaiser for someone that knows them, but strpbrk() would be even easier and would be faster too. http://us.php.net/manual/en/function.strpbrk.php <?php $string = "Hello!??!?"; $badchars = '!@£$%^&*()_+=-][\;/.,`~<>?:"|{} \''; if (strpbrk($string, $badchars) !== false) { echo "Invalid string"; exit(); } ?> Link to comment https://forums.phpfreaks.com/topic/101957-solved-checking-if-a-string-contains-unwanted-characters/#findComment-521957 Share on other sites More sharing options...
GingerRobot Posted April 20, 2008 Share Posted April 20, 2008 That's a new function for me and it would no doubt be quicker, since it doesn't use regex. On the otherhand, i think it's safer to have a whitelist of characters than a blacklist - it would be very easy to forget some of the characters you wanted to disallow. Link to comment https://forums.phpfreaks.com/topic/101957-solved-checking-if-a-string-contains-unwanted-characters/#findComment-521963 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.