homepage Welcome to WebmasterWorld Guest from 23.22.194.120
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Visit PubCon.com
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
Search box for blog entries
only want to allow alpha space and plus sign
Clair




msg:3309218
 10:02 am on Apr 12, 2007 (gmt 0)

Hi --
I am developing a blog system for myself. Right now all a user can do is see a list of blogs (as links which will display the whole blog) and enter a search term in a one-line form to find all blogs with that term.

I want to allow ONLY alpha chars (right now the search is not set up for boolean -- but eventually will be) spaces and a plus sign.

How would I go about this?-- I'm assuming it's pretty simple, but just haven't seen something I could use (that I completely understand-- I don't like employing code I don't fully understand!).

If they enter other stuff, I want to send them a page with a msg. that they screwed up, otherwise, I'll go ahead and do the search.

Thanks much.

Clair

 

phparion




msg:3309224
 10:16 am on Apr 12, 2007 (gmt 0)

do you want users not to enter illegal characters like +,&,# etc etc in search terms?

use regex for this e.g [a-zA-Z0-9] and no other symbol...

if you are afraid of query breaking then you can use mysql_real_escape_string() if your magic quotes are off...

but remember if you have programming related blog then you could use these symbols in your articles and this will prevent users to search for those articles...

Clair




msg:3309237
 10:39 am on Apr 12, 2007 (gmt 0)

Hi ph--

Right now the system only works with one search term (boolean not implemented yet -- so I don't know if I even need to let them use the plus sign.

Which means right now, I ONLY want alpha characters accepted -- anything else and they are out on their ears.

I think I don't know the term(s) to look for in PHP books to find the code that will look at what the form has sent to the PHP and check it for only alpha chars.

If you could tell me the function I need, I would much appreciate it.

I've set up this system and it it is working perfectly; I am now trying to implement security and can't believe this isn't a simple and common thing that I am trying to do.

Thanks again.
Clair

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved