Ereg_replace alternative

[EATON106]

I have the following code in my register.php file and it all seems to work fine.

 

However, I have been led to believe that ereg_replace is not suitable anymore so I was wondering what are the alternatives for my situation?

 

<?php
$cleanun = ereg_replace("[^A-Za-z0-9]", "", $_POST['username']);
if(strlen($cleanun)<'8' || strlen($cleanun)>'15')
  {
  print "<b>Register</b> - Please enter a username of between 8 and 15 letters and/or numbers.<br /><br />";
  print "Already have an account? Click <a href='signin.php' target='_self'>Sign in</a>.<br /><br />";
  print "<form name='registerform' action='register.php' method='post'>";
  print "<label>Username:</label><input type='text' name='username' maxlength='15'></input><br /><br />";
  print "<b>NOTE: Anything other than letters and numbers will be stripped from the username.</b><br /><br />";
  print "<input class='bttn' type='submit' value='Next >>'></input>";
  print "</form>";
  }
else
  {
  $con = mysql_connect("localhost","root","password");
   if (!$con)
    {
    die('Could not connect: ' . mysql_error());
    }
   mysql_select_db("hiddenbid", $con);
   $username = mysql_real_escape_string($cleanun);
   $mysql = mysql_query("SELECT username FROM users WHERE username = '$username'");
    if(mysql_num_rows($mysql)==0)
     {
     print "Congratulations, your username is available.";
     print "<br /><br />";
     print "<form name='registerform2' action='register2.php' method='post'>";
     print "<label>Username:</label><input class='hide' type='text' name='username' value='" . $cleanun . "' disabled></input>";
     print "<br /><br />";
     print "<input class='bttn' type='submit' value='Next >>'></input>";
     print "</form>";
     }
    else
     {
     print "<b>Register</b> - Please enter a username of between 8 and 15 letters and/or numbers.<br /><br />";
     print "Already have an account? Click <a href='signin.php' target='_self'>Sign in</a>.<br /><br />";
     print "Sorry, but the username " . $cleanun . " is already taken.<br /><br />";
     print "<form name='registerform' action='register.php' method='post'>";
     print "<label>Username:</label><input type='text' name='username' maxlength='15'></input><br /><br />";
     print "<b>NOTE: Anything other than letters and numbers will be stripped from the username.</b><br /><br />";
     print "<input class='bttn' type='submit' value='Next >>'></input>";
     print "</form>";
     }
  }
?>

 

Thanks in advance.

[Psycho]

From the manual for ereg_replace():

Tip

preg_replace(), which uses a Perl-compatible regular expression syntax, is often a faster alternative to ereg_replace().

 

preg_replace()

[MadTechie]

as a note your regex will need to change from

[^A-Za-z0-9]

to

/[^A-Za-z0-9]/

or

/[^A-Za-z0-9]/i

for case insensitive

[EATON106]

From the manual for ereg_replace():

Tip

preg_replace(), which uses a Perl-compatible regular expression syntax, is often a faster alternative to ereg_replace().

 

preg_replace()

 

Thanks, I did spot this but can't seem to get it to work for what I need.

 

They suggest:

 

<?php

$string = 'April 15, 2003';

$pattern = '/(\w+) (\d+), (\d+)/i';

$replacement = '${1}1,$3';

echo preg_replace($pattern, $replacement, $string);

?>

 

so I assumed this would be for me:

 

<?php

$string = '$_POST['username']';

$pattern = '[^A-Za-z0-9]';

$replacement = '';

echo preg_replace($pattern, $replacement, $string);

?>

 

or

 

<?php

$string = '$_POST['username']';

$pattern = array('[^A-Za-z0-9]');

$replacement = '';

echo preg_replace($pattern, $replacement, $string);

?>

 

However, this doesnt work. Any ideas why?

[EATON106]

as a note your regex will need to change from

[^A-Za-z0-9]

to

/[^A-Za-z0-9]/

or

/[^A-Za-z0-9]/i

for case insensitive

 

Thank you, that works nicely now!