MDCode Posted October 24, 2012 Share Posted October 24, 2012 Ok so I've recently added strpos checking. I got username to work, added more names to check, check first name and last name too, etc. Anyways, It's not working anymore <?php $firstname = mysql_real_escape_string(htmlentities($_POST['firstname'])); $lastname = mysql_real_escape_string(htmlentities($_POST['lastname'])); $username = mysql_real_escape_string(htmlentities($_POST['username'])); $password = mysql_real_escape_string(htmlentities($_POST['password'])); $confirm = mysql_real_escape_string(htmlentities($_POST['confirm'])); $email = mysql_real_escape_string(htmlentities($_POST['email'])); // prohibited words $words = array("1", "2", "3", "20 more after this"); // check if username contains prohibited words if(strpos("$username", "$words")) { $errors = "<font color='red'>* Username contains prohibited words</font><br>"; } // check if first name contains prohibited words if(strpos("$firstname", "$words")) { $errors = "<font color='red'>* First name contains prohibited words</font><br>"; } // check if lastname contains prohibited words if(strpos("$lastname", "$words")) { $errors = "<font color='red'>* Last name contains prohibited words</font><br>"; } ?> No errors but it seems to not be checking right anymore as the errors do not display. I have not touched anywhere below this section of filtering; every other filter is working right, so display isn't an issue Any help would be appreciated! Link to comment https://forums.phpfreaks.com/topic/269875-major-strpos-failure/ Share on other sites More sharing options...
-Karl- Posted October 24, 2012 Share Posted October 24, 2012 if(strpos($username, $words)) { $errors = "<font color='red'>* Username contains prohibited words</font><br>"; } Etc, you don't need quotes, otherwise it looks for the string, not the variable. Link to comment https://forums.phpfreaks.com/topic/269875-major-strpos-failure/#findComment-1387571 Share on other sites More sharing options...
MDCode Posted October 24, 2012 Author Share Posted October 24, 2012 Without the quotes I get an error saying it's not a string Link to comment https://forums.phpfreaks.com/topic/269875-major-strpos-failure/#findComment-1387572 Share on other sites More sharing options...
-Karl- Posted October 24, 2012 Share Posted October 24, 2012 Okay, just use in_array() instead: if(in_array($username,$words)) { $errors = "<font color='red'>* Username contains prohibited words</font><br>"; } If that returns an error it must be something to do with what you're passing through to the variables. Link to comment https://forums.phpfreaks.com/topic/269875-major-strpos-failure/#findComment-1387574 Share on other sites More sharing options...
MDCode Posted October 24, 2012 Author Share Posted October 24, 2012 woot, tyvm. Never heard of in_array() major fail on my part it seems Link to comment https://forums.phpfreaks.com/topic/269875-major-strpos-failure/#findComment-1387576 Share on other sites More sharing options...
-Karl- Posted October 24, 2012 Share Posted October 24, 2012 Aye, that's a lot of useful functions that hide away in the PHP docs! Link to comment https://forums.phpfreaks.com/topic/269875-major-strpos-failure/#findComment-1387577 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.