siwelis Posted May 18, 2007 Share Posted May 18, 2007 I'm trying to figure out how to do this while hoping it's the right way to do it; The part that determines if user inputs "ANY IRREGULAR CHARACTERS OR CODE" (sql/php) what I don't know how to do. $inputerrors = "You've had some inputting problems, dude." if($_POST['article_title'] HAS ANY IRREGULAR CHARACTERS OR CODE) //then return; $inputerrors .= "It seems as though you're trying to pass code into our servers. Your IP address is $gosun and your ISP is $goto. A likely photo and address of you may be $crossreferenced. If this happens more than 3 times, you will be banned and $goto will be informed of any malicious conduct. If you would just like to hack please go to my hacking server and have some educational malicious fun there."; echo $inputerrors; exit(); Thank you for all of your help. I try to answer questions on here if I can so I can give back too... And once I'm making money from my site of course, I will still be coming here for help most likely and definitely donating to show my appreciation. Thank you! Any suggestions? Quote Link to comment https://forums.phpfreaks.com/topic/52062-solved-figuring-out-secure-form-input/ Share on other sites More sharing options...
warewolfe Posted May 18, 2007 Share Posted May 18, 2007 What characters to you want to permit? Only Alphanumerics? Or some others like hyphen and single quotes? Quote Link to comment https://forums.phpfreaks.com/topic/52062-solved-figuring-out-secure-form-input/#findComment-256667 Share on other sites More sharing options...
siwelis Posted May 18, 2007 Author Share Posted May 18, 2007 I want to accept anything that can't be executed as code... If that's too general then alphanumerics would do. Thank you for your response! Quote Link to comment https://forums.phpfreaks.com/topic/52062-solved-figuring-out-secure-form-input/#findComment-256676 Share on other sites More sharing options...
warewolfe Posted May 18, 2007 Share Posted May 18, 2007 function checkInput($string) { return preg_match('/^[a-z0-9\s]*$/i', $string); } This will accept letters, number and spaces. If you want full stops and other punctuation just escape the character and add within the square brackets. eg [a-z09\s\.] will let people add a full stop at the end of a sentence. Quote Link to comment https://forums.phpfreaks.com/topic/52062-solved-figuring-out-secure-form-input/#findComment-256701 Share on other sites More sharing options...
warewolfe Posted May 18, 2007 Share Posted May 18, 2007 also it may be a good idea to put to following in as well $input = htmlentities($_POST['article_title'],ENT_QUOTES,UTF-; if(checkInput($input)) { echo"accepted<br />"; } else { echo"rejected<br />"; } Quote Link to comment https://forums.phpfreaks.com/topic/52062-solved-figuring-out-secure-form-input/#findComment-256707 Share on other sites More sharing options...
siwelis Posted May 18, 2007 Author Share Posted May 18, 2007 Thank you. You have led me in the right direction! Quote Link to comment https://forums.phpfreaks.com/topic/52062-solved-figuring-out-secure-form-input/#findComment-256720 Share on other sites More sharing options...
siwelis Posted May 19, 2007 Author Share Posted May 19, 2007 function checkInput($string) { return preg_match('/^[a-z0-9\s]*$/i', $string); } This will accept letters, number and spaces. If you want full stops and other punctuation just escape the character and add within the square brackets. eg [a-z09\s\.] will let people add a full stop at the end of a sentence. I'm actually still trying to figure out where to use this code... Quote Link to comment https://forums.phpfreaks.com/topic/52062-solved-figuring-out-secure-form-input/#findComment-256776 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.