whiteboikyle Posted June 23, 2008 Share Posted June 23, 2008 I need help trying to restrict charcters " ' < > / hmm and i dont think i know anymore that i need to.. Its to secruitize my login lol Quote Link to comment Share on other sites More sharing options...
effigy Posted June 23, 2008 Share Posted June 23, 2008 Better yet, do you know what you want to allow? Everything except those characters? Quote Link to comment Share on other sites More sharing options...
whiteboikyle Posted June 23, 2008 Author Share Posted June 23, 2008 Uhmm i guess lol.. But i am trying to learn how to do it. So if you can show me both ways? that would be great Quote Link to comment Share on other sites More sharing options...
Jabop Posted June 23, 2008 Share Posted June 23, 2008 <?php $str=preg_replace("/[\hex val] | [\hex val]/","",trim($str)); ?> http://www.asciitable.com/ Quote Link to comment Share on other sites More sharing options...
effigy Posted June 23, 2008 Share Posted June 23, 2008 Two posts, two lols--What's so funny? This will detect those characters: <pre> <?php $data = '<tag>'; if (preg_match('%["\'<>/]%', $data)) { echo 'Invalid character!'; } ?> </pre> Quote Link to comment Share on other sites More sharing options...
whiteboikyle Posted June 23, 2008 Author Share Posted June 23, 2008 seems not to be working for my function <?php function add_clan(){ global $config; $editor = $_POST['editor']; $body = $_POST['body']; $URL = $_POST['url']; $name = $_POST['name']; $date = time(); //restricts >< = ; \/ if (preg_match('%["\'<>/]%', $name)) { session_register(short); $_SESSION['short'] = "body contained a charcter that was invalid!<br /> you cant use ><=;/\ as a charcter!"; header("location: view.php?function=addclan"); } if (preg_match('%["\'<>/]%', $body)) { session_register(short); $_SESSION['short'] = "name contained a charcter that was invalid!<br /> you cant use ><=;/\ as a charcter!"; header("location: view.php?function=addclan"); } if (get_magic_quotes_gpc()) { $editor = stripslashes($editor); $body = stripslashes($body); $URL = stripslashes($URL); $name = stripslashes($name); } $editor = mysql_real_escape_string($editor); $body = mysql_real_escape_string($body); $URL = mysql_real_escape_string($URL); $name = mysql_real_escape_string($name); $query = $config->query("SELECT * FROM clans WHERE name='".$name."'"); $count=mysql_num_rows($query); $query1 = $config->query("SELECT * FROM clans WHERE URL='".$URL."'"); $count1=mysql_num_rows($query1); if(strlen($name) < "1" or strlen($name) > "25"){ session_register(short); $_SESSION['short'] = "Name '$name' was to short or to long! It must be greater then 5 charcters long and shorter then 25!"; header("location: view.php?function=addclan"); } elseif($count===1 or $count > 1){ session_register(short); $_SESSION['short'] = "The clan name you chose is already in use! Please choose another name!"; header("location: view.php?function=addclan"); } elseif($count1===1 or $count1 > 1){ session_register(short); $_SESSION['short'] = "The clan URL you chose is already in use!"; header("location: view.php?function=addclan"); } elseif(strlen($URL) < "15" or strlen($URL) > "255"){ session_register(short); $_SESSION['short'] = "URL '$URL' was to short or to long!! It must be greater then 14 and shorter then 255 charcter long!"; header("location: view.php?function=addclan"); } elseif(strlen($body) < "50"){ session_register(short); $_SESSION['short'] = "Body '$body' was to short! it must be greater then 50 charcter long!"; header("location: view.php?function=addclan"); } else{ $query = "INSERT INTO clans (ID, name, body, date, ranking, URL, editor) VALUES (NULL, '$name', '$body', '$date', '1', '$URL', '$editor')"; $result = $config->query($query); session_register(add_clan); $_SESSION['complete'] = "Clan $name has been added to our database! It will start out with a ranking of 1.<br /> Please give this 'link to come' direct link to your members to vote for! <br /> You are limited 1 vote per day per IP!<br /> <a href='main.php'>Countinue</a>"; header("location: view.php?function=addclan"); } } ?> Quote Link to comment Share on other sites More sharing options...
whiteboikyle Posted June 23, 2008 Author Share Posted June 23, 2008 hmm whats weird is that is the only function not working. I dont even have a clue why it wouldn't be.. hmm Quote Link to comment Share on other sites More sharing options...
DarkWater Posted June 23, 2008 Share Posted June 23, 2008 Why are you using session_register()? It's deprecated. Quote Link to comment Share on other sites More sharing options...
whiteboikyle Posted June 24, 2008 Author Share Posted June 24, 2008 bump help? or could someone give me the other fucntion.. Like Allow all charcters but this because this wont work at all and i been working at it for 8 hours! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.