Jump to content


Photo

Ensure strings only contain desired characters **solved**


  • Please log in to reply
4 replies to this topic

#1 Chips

Chips
  • Members
  • PipPipPip
  • Advanced Member
  • 68 posts

Posted 15 June 2006 - 02:28 PM

Essentially i am trying to check my forms content to ensure that nothing is in the wrong places - eg, telephone numbers are actual numbers, emails are email address etc.

I am having trouble with other fields where i just want to have a-zA-Z0-9... and spaces.
Does anyone know how I allow spaces? I have a text area where strings of non solid text will be entered (ie, strings containing spaces between words!) - but checking them as a-zA-Z means that spaces = error.

Seeing as I am also using mssql as my database, I am concerned about sql injection, and so am wondering how i can "escape" characters that may be troublesome like ', " etc etc. I know addslashes works for mysql - but i am not sure that this escapes characters such as this in mssql - does anyone know?

Many thanks for any suggestions/pointers/help.

#2 poirot

poirot
  • Members
  • PipPipPip
  • Advanced Member
  • 646 posts
  • LocationAustin, TX

Posted 15 June 2006 - 02:36 PM

Add a space to the character class.
|^[a-zA-Z0-9 ]*$|

~ D Kuang

#3 Vorlin

Vorlin
  • Members
  • Pip
  • Newbie
  • 3 posts

Posted 15 June 2006 - 02:36 PM

You can escape spaces in your preg_match with something like this:

$string = preg_match("/A-Za-z\ /", $text);


#4 effigy

effigy
  • Staff Alumni
  • Advanced Member
  • 3,600 posts
  • LocationIL

Posted 15 June 2006 - 02:38 PM

- To allow spaces, include a space within your character class: [A-z0-9 ]
- Construct your SQL as usual, but use the mysql or mysqli _real_escape_string function.
Regexp | Unicode Article | Letter Database
/\A(e)?((1)?ff(?:(?:ig)?y)?|f(?:ig)?)\z/

#5 Chips

Chips
  • Members
  • PipPipPip
  • Advanced Member
  • 68 posts

Posted 15 June 2006 - 02:46 PM

Many thanks folks, I did try shoving a space in there - but didn't notice the change at all... however, knowing how sloppy I can get at times, i wouldn't be suprised if I messed up somewhere.,




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users