Jump to content

Archived

This topic is now archived and is closed to further replies.

Chips

Ensure strings only contain desired characters **solved**

Recommended Posts

Essentially i am trying to check my forms content to ensure that nothing is in the wrong places - eg, telephone numbers are actual numbers, emails are email address etc.

I am having trouble with other fields where i just want to have a-zA-Z0-9... and spaces.
Does anyone know how I allow spaces? I have a text area where strings of non solid text will be entered (ie, strings containing spaces between words!) - but checking them as a-zA-Z means that spaces = error.

Seeing as I am also using mssql as my database, I am concerned about sql injection, and so am wondering how i can "escape" characters that may be troublesome like ', " etc etc. I know addslashes works for mysql - but i am not sure that this escapes characters such as this in mssql - does anyone know?

Many thanks for any suggestions/pointers/help.

Share this post


Link to post
Share on other sites
Add a space to the character class.
[code]|^[a-zA-Z0-9 ]*$|[/code]

Share this post


Link to post
Share on other sites
You can escape spaces in your preg_match with something like this:

[code]
$string = preg_match("/A-Za-z\ /", $text);
[/code]

Share this post


Link to post
Share on other sites
- To allow spaces, include a space within your character class: [A-z0-9 ]
- Construct your SQL as usual, but use the mysql or mysqli _real_escape_string function.

Share this post


Link to post
Share on other sites
Many thanks folks, I did try shoving a space in there - but didn't notice the change at all... however, knowing how sloppy I can get at times, i wouldn't be suprised if I messed up somewhere.,

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.