MDCode Posted October 24, 2012 Share Posted October 24, 2012 Ok so I've recently added strpos checking. I got username to work, added more names to check, check first name and last name too, etc. Anyways, It's not working anymore <?php $firstname = mysql_real_escape_string(htmlentities($_POST['firstname'])); $lastname = mysql_real_escape_string(htmlentities($_POST['lastname'])); $username = mysql_real_escape_string(htmlentities($_POST['username'])); $password = mysql_real_escape_string(htmlentities($_POST['password'])); $confirm = mysql_real_escape_string(htmlentities($_POST['confirm'])); $email = mysql_real_escape_string(htmlentities($_POST['email'])); // prohibited words $words = array("1", "2", "3", "20 more after this"); // check if username contains prohibited words if(strpos("$username", "$words")) { $errors = "<font color='red'>* Username contains prohibited words</font><br>"; } // check if first name contains prohibited words if(strpos("$firstname", "$words")) { $errors = "<font color='red'>* First name contains prohibited words</font><br>"; } // check if lastname contains prohibited words if(strpos("$lastname", "$words")) { $errors = "<font color='red'>* Last name contains prohibited words</font><br>"; } ?> No errors but it seems to not be checking right anymore as the errors do not display. I have not touched anywhere below this section of filtering; every other filter is working right, so display isn't an issue Any help would be appreciated! Quote Link to comment Share on other sites More sharing options...
-Karl- Posted October 24, 2012 Share Posted October 24, 2012 (edited) if(strpos($username, $words)) { $errors = "<font color='red'>* Username contains prohibited words</font><br>"; } Etc, you don't need quotes, otherwise it looks for the string, not the variable. Edited October 24, 2012 by -Karl- Quote Link to comment Share on other sites More sharing options...
MDCode Posted October 24, 2012 Author Share Posted October 24, 2012 Without the quotes I get an error saying it's not a string Quote Link to comment Share on other sites More sharing options...
-Karl- Posted October 24, 2012 Share Posted October 24, 2012 (edited) Okay, just use in_array() instead: if(in_array($username,$words)) { $errors = "<font color='red'>* Username contains prohibited words</font><br>"; } If that returns an error it must be something to do with what you're passing through to the variables. Edited October 24, 2012 by -Karl- Quote Link to comment Share on other sites More sharing options...
MDCode Posted October 24, 2012 Author Share Posted October 24, 2012 woot, tyvm. Never heard of in_array() major fail on my part it seems Quote Link to comment Share on other sites More sharing options...
-Karl- Posted October 24, 2012 Share Posted October 24, 2012 Aye, that's a lot of useful functions that hide away in the PHP docs! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.