FormHandler problem...
Posted: Sun Mar 28, 2004 6:19 pm
I have a script that validates all my forms, when i try and validate the logon password, it allways errors on the eregi() function, saying I have unsuported characters. I want passwords to be able to have alphebetic characters, numbers, and a hyphen '-'. Here is my code:
(I know the code is not complete, I just need to figure out why it errors on the passwords character string.
Code: Select all
<?php
if (isset($_GET['logon'])) {
//create form array
foreach ($_POST as $varname => $value) {
$formVars[$varname] = trim($value);
}
//validate username field
if (empty($formVars['logon'])) {
echo '<p><b>Username error:</b> No username specified. This field cannot be left blank.</p>';
$errors = 1;
}
elseif (strlen($formVars['logon']) < 6) {
echo '<p><b>Username error:</b> Your username must be at least 6 characters long.</p>';
$errors = 1;
}
elseif (!eregi("^[a-z1-9-]*$", $formVars['logon'])) {
echo '<p><b>Username error:</b> The username field contains unsupported characters. Please only use alphebetic letters, numbers, or "-".</p>';
$errors = 1;
}
elseif (strlen($formVars['logon']) > 50) {
echo '<p><b>Username error:</b> Your username cannot exceed 50 characters.</p>';
$errors = 1;
}
//validate password field
if (empty($formVars['password'])) {
echo '<p><b>Password error:</b> No password specified. This field cannot be left blank.</p>';
$errors = 1;
}
elseif (strlen($formVars['password']) < 6) {
echo '<p><b>Password error:</b> You password must be at least 6 characters long.</p>';
$errors = 1;
}
elseif (!eregi("^[a-z1-9-]*$", $formVars['password'])) {
echo '<p><b>Password error:</b> The password field contains unsupported characters. Please only use alphebetic letters, numbers, or "-".</p>';
$errors = 1;
}
elseif (strlen($formVars['password']) > 50) {
echo '<p><b>Password error:</b> Your password cannot exceed 50 characters.</p>';
$errors = 1;
}
//check for erros and die if any are present
if (isset($errors)) {
die();
}
//encrypt password
$password = $formVars['logon']['0'] . $formVars['password'] . $formVars['logon']['5'];
$password = md5($password);
//connect to database
require('inc/common/mysql_connect.php');
//query databse
$query = "SELECT * WHERE logon = {$formVars['logon']}, password = {$password})";
@ mysql_query($query) or die (mysql_error());
}
elseif (isset($_GET['logoff'])) {
echo 'exicute logoff script';
}
elseif (isset($_GET['register'])) {
echo 'exicute register script';
}
elseif (isset($_GET['updateprofile'])) {
echo 'exicute update profile script';
}
else {
echo 'No action was specified. If you would like to blaim someone, e-mail the webmaster.';
}
?>