whiteboikyle Posted June 23, 2008 Share Posted June 23, 2008 I need help trying to restrict charcters " ' < > / hmm and i dont think i know anymore that i need to.. Its to secruitize my login lol Link to comment https://forums.phpfreaks.com/topic/111548-blocking-charcters/ Share on other sites More sharing options...
effigy Posted June 23, 2008 Share Posted June 23, 2008 Better yet, do you know what you want to allow? Everything except those characters? Link to comment https://forums.phpfreaks.com/topic/111548-blocking-charcters/#findComment-572541 Share on other sites More sharing options...
whiteboikyle Posted June 23, 2008 Author Share Posted June 23, 2008 Uhmm i guess lol.. But i am trying to learn how to do it. So if you can show me both ways? that would be great Link to comment https://forums.phpfreaks.com/topic/111548-blocking-charcters/#findComment-572546 Share on other sites More sharing options...
Jabop Posted June 23, 2008 Share Posted June 23, 2008 <?php $str=preg_replace("/[\hex val] | [\hex val]/","",trim($str)); ?> http://www.asciitable.com/ Link to comment https://forums.phpfreaks.com/topic/111548-blocking-charcters/#findComment-572570 Share on other sites More sharing options...
effigy Posted June 23, 2008 Share Posted June 23, 2008 Two posts, two lols--What's so funny? This will detect those characters: <pre> <?php $data = '<tag>'; if (preg_match('%["\'<>/]%', $data)) { echo 'Invalid character!'; } ?> </pre> Link to comment https://forums.phpfreaks.com/topic/111548-blocking-charcters/#findComment-572590 Share on other sites More sharing options...
whiteboikyle Posted June 23, 2008 Author Share Posted June 23, 2008 seems not to be working for my function <?php function add_clan(){ global $config; $editor = $_POST['editor']; $body = $_POST['body']; $URL = $_POST['url']; $name = $_POST['name']; $date = time(); //restricts >< = ; \/ if (preg_match('%["\'<>/]%', $name)) { session_register(short); $_SESSION['short'] = "body contained a charcter that was invalid!<br /> you cant use ><=;/\ as a charcter!"; header("location: view.php?function=addclan"); } if (preg_match('%["\'<>/]%', $body)) { session_register(short); $_SESSION['short'] = "name contained a charcter that was invalid!<br /> you cant use ><=;/\ as a charcter!"; header("location: view.php?function=addclan"); } if (get_magic_quotes_gpc()) { $editor = stripslashes($editor); $body = stripslashes($body); $URL = stripslashes($URL); $name = stripslashes($name); } $editor = mysql_real_escape_string($editor); $body = mysql_real_escape_string($body); $URL = mysql_real_escape_string($URL); $name = mysql_real_escape_string($name); $query = $config->query("SELECT * FROM clans WHERE name='".$name."'"); $count=mysql_num_rows($query); $query1 = $config->query("SELECT * FROM clans WHERE URL='".$URL."'"); $count1=mysql_num_rows($query1); if(strlen($name) < "1" or strlen($name) > "25"){ session_register(short); $_SESSION['short'] = "Name '$name' was to short or to long! It must be greater then 5 charcters long and shorter then 25!"; header("location: view.php?function=addclan"); } elseif($count===1 or $count > 1){ session_register(short); $_SESSION['short'] = "The clan name you chose is already in use! Please choose another name!"; header("location: view.php?function=addclan"); } elseif($count1===1 or $count1 > 1){ session_register(short); $_SESSION['short'] = "The clan URL you chose is already in use!"; header("location: view.php?function=addclan"); } elseif(strlen($URL) < "15" or strlen($URL) > "255"){ session_register(short); $_SESSION['short'] = "URL '$URL' was to short or to long!! It must be greater then 14 and shorter then 255 charcter long!"; header("location: view.php?function=addclan"); } elseif(strlen($body) < "50"){ session_register(short); $_SESSION['short'] = "Body '$body' was to short! it must be greater then 50 charcter long!"; header("location: view.php?function=addclan"); } else{ $query = "INSERT INTO clans (ID, name, body, date, ranking, URL, editor) VALUES (NULL, '$name', '$body', '$date', '1', '$URL', '$editor')"; $result = $config->query($query); session_register(add_clan); $_SESSION['complete'] = "Clan $name has been added to our database! It will start out with a ranking of 1.<br /> Please give this 'link to come' direct link to your members to vote for! <br /> You are limited 1 vote per day per IP!<br /> <a href='main.php'>Countinue</a>"; header("location: view.php?function=addclan"); } } ?> Link to comment https://forums.phpfreaks.com/topic/111548-blocking-charcters/#findComment-572638 Share on other sites More sharing options...
whiteboikyle Posted June 23, 2008 Author Share Posted June 23, 2008 hmm whats weird is that is the only function not working. I dont even have a clue why it wouldn't be.. hmm Link to comment https://forums.phpfreaks.com/topic/111548-blocking-charcters/#findComment-572695 Share on other sites More sharing options...
DarkWater Posted June 23, 2008 Share Posted June 23, 2008 Why are you using session_register()? It's deprecated. Link to comment https://forums.phpfreaks.com/topic/111548-blocking-charcters/#findComment-572714 Share on other sites More sharing options...
whiteboikyle Posted June 24, 2008 Author Share Posted June 24, 2008 bump help? or could someone give me the other fucntion.. Like Allow all charcters but this because this wont work at all and i been working at it for 8 hours! Link to comment https://forums.phpfreaks.com/topic/111548-blocking-charcters/#findComment-572959 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.