Jump to content

preg_match Check for Special Characters

mfleming

By mfleming
in Regex Help

Recommended Posts

mfleming Member

mfleming

Posted
Posted

Hi.

 

I'm trying to create a simple function that checks my text strings (ie. firstname & lastnames ect) for illigal characters.

 

I'm using:

 

trim()

strip_tags()

as well as preg_match

 

I keep getting an echo of True if if I put in valid values.  ie.  Joe

 

From my understanding the below statement will check for the following characters:

/

^

Numbers 0 TO 9

+

:

Uppercase X TO Z letters

$/D

if(preg_match("/^[0-9]+:[X-Z]+$/D",$str))

 

Is my understanding correct or am I way off.  Not really sure about the "+$/D" or the "+:" values??

 

 

My PHP Code:

<?php
$submit = $_POST['submit'];
$firstname = strip_tags($_POST['firstname']);
if ($_POST[submit]){
	if(!checkStringText($firstname)) {
		echo "TRUE";
	} else {
		echo "FALSE";
	}
}
?>
<?php

function checkStringText($str) {
// checks proper syntax
//if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $firstname)) {
//Removes white space, null, tabs, new lines from both sides
trim($str);
// Strips HTML Tags
strip_tags($str);
if(preg_match("/^[0-9]+:[X-Z]+$/D",$str)) {
	echo "special char found!";
}
}
?>

 

 

 

Link to comment
https://forums.phpfreaks.com/topic/216680-preg_match-check-for-special-characters/
Share on other sites
.josh Advanced Member

.josh

Posted
Posted

if(preg_match("/^[0-9]+:[X-Z]+$/D",$str))

 

that pattern will return true if it finds..

 

starting at the beginning of the string, there are 1 or more numbers, followed by a literal colon, followed by one or more X,Y or Z characters followed by end of string. So for instance:

 

"323234:YXYXY" true

"1:A" false

"blah" false

 

also, you make a call to your function but don't actually return true or false, so by default it will always return true, so you will always get that "TRUE" echoing.

btherl Member

btherl

Posted
Posted

Also, when using a function like trim(), you need to assign the result into a variable.  There are some exceptions to this rule, such as the sorting functions, but usually you need to assign the result.

 

function checkStringText($str) {
// checks proper syntax
//if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $firstname)) {
//Removes white space, null, tabs, new lines from both sides
$str = trim($str);
// Strips HTML Tags
$str = strip_tags($str);
if (preg_match("/^[0-9]+:[X-Z]+$/D",$str)) {
	return true;
}
        return false;
}

mfleming Member

mfleming

Posted
  • Author
Posted

I want to return TRUE if the letters a to z are entered.  But it's still always returning true.  What is wrong with the code?

 

<?php
$submit = $_POST['submit'];
$firstname = strip_tags($_POST['firstname']);

if ($_POST[submit]){
	if(!checkStringText($firstname)) {
		echo "TRUE";
	} else {
		echo "FALSE";
	}
}
?>
<?php

function checkStringText($str) {
// checks proper syntax
//if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $firstname)) {
//Removes white space, null, tabs, new lines from both sides
// /^[0-9]+:[X-Z]+$/D
$str = trim($str);
// Strips HTML Tags
$str = strip_tags($str);
if(preg_match("[a-z]",$str)) {
	return true;
} else {
	return false;
}
}
?>

mfleming Member

mfleming

Posted
  • Author
Posted

Ok, now I'm right confused. 

I updated my code and now if I enter "aa" it returns FALSE.

According to the code shouldn't it return TRUE because the letters aa are there?

 

New Code:

<?php
$submit = $_POST['submit'];
$firstname = strip_tags($_POST['firstname']);
if ($_POST[submit]){
	if(!checkStringText($firstname)) {
		echo "TRUE";
	} else {
		echo "FALSE";
	}
}
?>
<?php
function checkStringText($str) {
// checks proper syntax
$str = trim($str);
// Strips HTML Tags
$str = strip_tags($str);
if(preg_match("/aa/",$str)) {
	return true;
} else {
	return false;
}
}
?>

mfleming Member

mfleming

Posted
  • Author
Posted

Switched the returns True false and it works fine.

 

Is the following the proper format to remove special characters and unwanted characters by using  [specialchar1] | [specialchar2]...

 

(preg_match("/[0-9]|[#]|[@]|[$]/",$str))

Or is there an easier way to do this?

btherl Member

btherl

Posted
Posted

From your post where it was always returning true:

 

if(preg_match("[a-z]",$str)) {

 

That should be

 

if(preg_match("/[a-z]/",$str)) {

 

I find the best way to remove unwanted characters is to list the ones you DO want, and invert that.  For example:

 

$filtered_str = preg_replace('/[^a-zA-Z]/', '', $str);

 

That will remove anything which is NOT in the ranges a-z or A-Z.

.josh Advanced Member

.josh

Posted
Posted

okay I think you probably need to step back a minute and figure out what exactly you want to actually do here.  You've gone from checking if the string is valid to replacing invalid chars. Those are 2 different things.  And you've also randomly changed what you do and do not want to allow...

 

So you have a form field someone fills out:

 

a) what are the accepted values - only letters? letters and numbers? letters, numbers, underscore, space? anything else? minimum and maximum amount of chars allowed? give a full list.

 

b) do you want to kick back an error message if someone enters in invalid chars, or do you want to remove invalid chars? (advice: if you should probably kick back an error message if this is supposed to be for allowing a user to pick a user name - straight up removing invalid chars should only be done for sanitizing purposes).

 

 

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.