Character Whitelist

[chrisprse]

Hi there

 

I am currently building a text message [sMS] application and I accept a user's input from a textarea.

 

This input will be submitted to the text message [sMS] gateway.

 

I can only allow the following characters:

 

@£$¥èéùìòÇØøÅåΔ_ΦΓΛΩΠΨΣΘΞÆæßÉ !"#¤%&'()*+,-./0123456789:;<=>?¡ABCDEFGHIJKLMNOPQRSTUVWXYZÄÖÑܧ¿abcdefghijklmnopqrstuvwxyzäöñüà^}{\[~]|€

 

If the string contains ANY OTHER character, such as the copyright symbol, etc it should return false.

 

I am running into trouble with the following function:

 

function illegal_characters_check($string) {
return !preg_match('#[^' . preg_quote('@£$¥èéùìòÇØøÅåΔ_ΦΓΛΩΠΨΣΘΞÆæßÉ !"#¤%&\'()*+,-./:;<=>?¡ÄÖÑܧ¿äöñüà^}{\[~]|€', '#') . 'a-z0-9]#i', $string);
}

 

I ran into a problem earlier when trying to calculate the string length. I couldn't use strlen() so I had to use mb_strlen() instead.

 

I don't believe it's performing the check correct because of utf-8/unicode/multi-byte characters. I don't understand the encoding side of things.

 

I have seen mb_ereg() but I wouldn't know how to modify the above function.

 

Is anyone able to shed some light as to why the function is not returning FALSE if it contains any other character apart from the ones allowed?

 

Many thanks in advance - I've spent 10 solid hours on this and I'm pulling my hair out!

 

Regards

Chris

[RussellReal]

<?php
$max_length = 240;
$allowed = <<<ALLOWED
@£$¥èéùìòÇØøÅåΔ_ΦΓΛΩΠΨΣΘΞÆæßÉ !"#¤%&'()*+,-./0123456789:;<=>?¡ABCDEFGHIJKLMNOPQRSTUVWXYZÄÖÑܧ¿abcdefghijklmnopqrstuvwxyzäöñüà^}{\[~]|€
ALLOWED;
$allowed = preg_quote($allowed);
if (preg_match("/^[".$allowed."]{0,".$max_length."}$/i",$text_msg)) {
//go
} else {
//fail
}
?>