validating user input
Posted: Mon Apr 19, 2004 8:13 am
I am using the following to validate the field where the user inputs his/her email address...
If I wanted to restrict the user from inputting malicious code such as <script> alert("boo");<script> could I still use the eregi function? I mean I just can't figure out what the syntax would be to not allow the user to input, for instance, '<' or '>' sign.
Code: Select all
<?php
if ( !checkString( $email) || !eregi( "^[A-Za-z0-9\_-]+@[A-Za-z0-9\_-]+.[A-Za-z0-9\_-]+.*", $email)) {
echo "You have entered an <b>invalid email</b>.<br> Please go back and try again.";
exit;
}
?>