Jump to content

Archived

This topic is now archived and is closed to further replies.

russia5

Regex my form data

Recommended Posts

From a previous post, I understand the general Regex formula and application.
if (!preg_match("/[a-z0-9]$/i", $id))
{
    die ("incorrect name.");
}

where $id = $_Post('id');

Except, does this only limit small letters?  The post said this included cap letters too.

Also, I need to include:  . and ? and ! and ' and " and :

Another question, is that mysql_real_escape_string() puts in the escapes but they do not change the context of the output ie)  O'Rielly
will not be O/'Rielly.  either in the db or in the output.

Does preg_match do the same thing?  If we input say $DELETE will $DELETE appear on the output (given the above Regex)  If not, what will appear in place of $?

Thanks to all who contemplate my issues.

Share this post


Link to post
Share on other sites
The below regex:
[b]/[a-z0-9]$/i[/b]
Is case-insensitive, it allows upper and lower case letters, as you have the [b]i[/b] syntax mofifier at the end of the regex. It also allows numbers 0-9

If you want to allow the following characters in the expression
. ? ! ' " :
You'll need to add them to them in to the regular expression
/[a-z0-9\.:\?'\"]$/i

About mysql_real_escape_string make sure you [b]are connected[/b] to MySQL before you use mysql_real_escape_string. This function is a mysql specific function and requires a connection to mysql in order to function.

Share this post


Link to post
Share on other sites
Thankyou very much!  I found out about the mysql_real_escape_string() after the connection already and by "the school of hard knocks!"  Does the preg_match() have to be after the database conn too.  Since it is a php function and not a MySQL, I assume not.  Also, is there a way of telling rather preg_match() works.  Can you look in the database, or pull it from the database such as displaying the data in my admin and tell.  You can't in mysql_real_escape_string()  Thanks Greg

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.