One Bad Omen Posted September 17, 2006 Share Posted September 17, 2006 Hi, I've got my forms working and it goes into the database all fine but I don't know how to make it where they can only enter a-z, 0-9 and spaces. Anybody know of a simple way to validate a form with these conditions? I'm already using the mysql_real_escape_string() and strip_tags() for security but it doesn't stop people from puting in other things like *,$,!., and so on. Any help will be greatly appriciated! Link to comment Share on other sites More sharing options...
murfitUK Posted September 18, 2006 Share Posted September 18, 2006 Probably need to use the ereg or eregi functions. Have a look at this page:http://uk2.php.net/manual/en/function.eregi.phpCan't help more as haven't yet plucked up the courage to use it! Link to comment Share on other sites More sharing options...
justsomeguy Posted September 18, 2006 Share Posted September 18, 2006 It looks like you can use the strcspn function to accomplish this:http://www.php.net/manual/en/function.strcspn.php $allowed = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 ";if (strcspn($input_string, $allowed) != 0){ //contains characters other than those in the $allowed string}else{ //only contains characters in the $allowed string} Link to comment Share on other sites More sharing options...
MoZo1 Posted September 19, 2006 Share Posted September 19, 2006 1 more thing: with mysql_real_escape_string() and strip_tags() you can use that characters (and even the ' character) safely. They're unnecessary with this check (because the allowed characters can't be used for attack), but still recommended as double check. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now