validating user input

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
tiresome
Forum Newbie
Posts: 16
Joined: Sun Apr 18, 2004 9:45 am

validating user input

Post by tiresome »

I am using the following to validate the field where the user inputs his/her email address...

Code: Select all

<?php
if ( !checkString( $email) || !eregi( "^[A-Za-z0-9\_-]+@[A-Za-z0-9\_-]+.[A-Za-z0-9\_-]+.*", $email)) {
    echo "You have entered an <b>invalid email</b>.<br> Please go back and try again.";
    exit;
  }

?>
If I wanted to restrict the user from inputting malicious code such as <script> alert("boo");<script> could I still use the eregi function? I mean I just can't figure out what the syntax would be to not allow the user to input, for instance, '<' or '>' sign.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

a period (not escaped) matches any character.

what you have already excludes < and >
tiresome
Forum Newbie
Posts: 16
Joined: Sun Apr 18, 2004 9:45 am

Post by tiresome »

lol thanks for that! I must have left my brains at home. I am at Starbucks sipping some coffee and chilling. I actually was busting my brains out trying to come up with a way of solving that. Anyway, I appreciate your help in this one.
User avatar
mudkicker
Forum Contributor
Posts: 479
Joined: Wed Jul 09, 2003 6:11 pm
Location: Istanbul, TR
Contact:

Post by mudkicker »

can you write the latest code for me please? :)
Post Reply