[SOLVED] validation to not allow russian, hebrew, chinese, and other non-english chars

[sKunKbad]

PHP 5.2.5

I'm trying to validate some post vars so that the only thing that gets through is standard english keyboard type characters. So far I've added some Russian and Hebrew characters, but I'd expect that at some time I may encounter Chinese, Japanese, and many other characters. Here is what I have so far:

 

<?php
$badWord = array(
//phpfreaks converts the Russian and Hebrew chars, so I can't show you the chars, but they are just standard Russian and Hebrew chars.
);
foreach ($_POST as $dirtyString){
	foreach ($badWord as $unwanted){
		$testedString = strpos($dirtyString,$unwanted);
		if ($testedString){
			die();
		}
	}
}
?>

 

Is there a better way, and more complete way of doing what I want to do for all non-english chars?

[DarkWater]

Just use a regex.

[Adam]

not too sure if this helps but i found this...

 

preg_replace('/[^\x09\x0A\x0D\x20-\x7F\xC0-\xFF]/', '', $string);

 

at: http://www.sitepoint.com/blogs/2005/04/19/character-encodings-and-input/

 

... which says that will strip out any characters not in ISO-8859-1.

 

Also if you have the ability to enable functions with your PHP config look into "mbstring()" ...

 

 

Adam

[sKunKbad]

I ended up using some simple regex that I created with regexbuddy. It seems to work, so I'm pleased, but hoping it doesn't somehow backfire on me later:

 

foreach ($_POST as $dirtyString){
	if (preg_match('/[^-\s A-Z0-9~!@#$%^&*()_+`=;:\'",<.>?|}{[\]\/\\\\]/i', $dirtyString)) {
		die();
	}
}