Page 1 of 1
Filter input to only letters and numbers
Posted: Wed Jan 31, 2007 5:10 pm
by tarja311
Hello all.
I have an input form that sends data to my database. This is fine, the problem is my extremely basic filtering. I am trying to make it so only letters ( a-z A-Z ) and numbers are allowed through. I think i am using preg_match incorrectly because it only checks if the first digit is valid or invalid. It does not validate the whole string.
example
valid : abc123
invalid : abc_#123
Code: Select all
if(!preg_match('/a-z A-Z 0-9 {1, 20}/', $input){
// exit ...
}else{
// continue ...
}
Any ideas?
Thanks
-- tarja
Posted: Wed Jan 31, 2007 5:39 pm
by superdezign
Firstly, you forgot the parentheses (which I assume was from the way you wrote it to the board hopefully), but yeah:
Code: Select all
if(!preg_match('/[a-zA-Z0-9]{1, 20}/', $input))
Posted: Wed Jan 31, 2007 6:04 pm
by tarja311
typo'd.
Maybe i don't understand how preg_match works. With the code you provided, if i type in #, it says it's invalid, which is good. but if i type #a it says it's valid. I don't get it.
Posted: Wed Jan 31, 2007 6:07 pm
by RobertGonzalez
Posted: Wed Jan 31, 2007 6:31 pm
by tarja311
Thanks that is exactly what i'm looking for.
Posted: Wed Jan 31, 2007 6:36 pm
by RobertGonzalez
Glad I could help.
Posted: Wed Jan 31, 2007 8:12 pm
by Ollie Saunders
The reason why the regex allowed #a is because it only have to find a match somewhere inside the string. For instance
Regex: /abc/
you should learn your abcs - match found
To prevent this you should use the start (^) and end ($) assertions. Which basically say there should be nothing before and nothing after, respectively.
Regex: /^abc$/
you should learn your abcs - no match found
abc - match found
Posted: Wed Jan 31, 2007 8:23 pm
by tarja311
Thanks for that info. noted.

Posted: Wed Jan 31, 2007 10:04 pm
by superdezign
Silly me. \b is an alternative right? That's what I use.
Posted: Thu Feb 01, 2007 12:58 am
by feyd
\b is for word boundaries. Symbols and spaces are boundaries..

Posted: Thu Feb 01, 2007 1:05 am
by superdezign
I always wondered why anyone would use ^$... \b is so much neater in my opinion.

Posted: Thu Feb 01, 2007 2:39 am
by onion2k
I've never noticed the ctype functions before. Crazy useful.
Posted: Thu Feb 01, 2007 8:35 am
by Z3RO21
ole wrote:The reason why the regex allowed #a is because it only have to find a match somewhere inside the string. For instance
Regex: /abc/
you should learn your abcs - match found
To prevent this you should use the start (^) and end ($) assertions. Which basically say there should be nothing before and nothing after, respectively.
Regex: /^abc$/
you should learn your abcs - no match found
abc - match found
Noted as well, thanks ole!
Posted: Thu Feb 01, 2007 10:21 am
by RobertGonzalez
onion2k wrote:
I've never noticed the ctype functions before. Crazy useful.
Dude, these are way useful. All of them. As soon as I found out about them I started using them. They are very nice.
