homepage Welcome to WebmasterWorld Guest from 54.227.41.242
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
preg match
ahmed24

5+ Year Member



 
Msg#: 4042650 posted 10:28 am on Dec 14, 2009 (gmt 0)

i have a preg_match to check to see if value of $id is a digit like this:

(!preg_match('/[[:^digit:]]/', $id))

but i actually need it to check to see if it is a digit that ends with a dollar ($) symbol at the end

Cant seem to figure out how to do this

can anyone please help

thanks

 

ahmed24

5+ Year Member



 
Msg#: 4042650 posted 1:05 pm on Dec 14, 2009 (gmt 0)

anyone?

neiltheblue

5+ Year Member



 
Msg#: 4042650 posted 2:12 pm on Dec 14, 2009 (gmt 0)

dont wish to jump on somebody elses post but been as i need help on the same subject i thought it bes to post in here.

I have a messgae board and am using preg_match to stop users posting random names or characters into the name field. I have it working a treat for words but i get the error message

Warning: preg_match() [function.preg-match]: Compilation failed: nothing to repeat at offset 0

i am using the following code

elseif (preg_match ("/secret/", $name) preg_match ("/SECRET/", $name) preg_match ("/x/", $name) preg_match ("/?/",$name))
{
echo "Please use the message board properly and enter a valid name. Inappropriate use will result in a ban. ";

like i say everything works up until the last ? field is there something different i need to put in the last field for special characters... Looking for any replies to help

Thanks

rocknbil

WebmasterWorld Senior Member rocknbil us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4042650 posted 7:58 pm on Dec 14, 2009 (gmt 0)

i have a preg_match to check to see if value of $id is a digit like this:

First, is zero a valid digit in your scenario?

If it's "anything but zero" you don't need a preg. is_numeric() works, but that includes zero.

if ($var > 0) {
// simple enough
}

You can use is_numeric if zero is included, or

Do this first to make sure user hasn't errantly included a space or touched some other key:
$var = preg_replace('/[^\d]+/','',$var);

then

if (preg_match('/^\d+$/',$var)) { begins and ends with any number of digits

if (preg_match('/^\d$/',$var)) { begins and ends with exactly one digit

if (preg_match('/^\d{2}$/',$var)) { begins and ends with exactly two digits

if (preg_match('/^\d{4,7}$/',$var)) { begins and ends with anywhere from four to seven digits

i am using the following code

Try this.

// top of script for ease of use:
$bannedNames = Array (
'secret',
'x',
'spam-boy'
);
// This is anything NOT these characters; that is,
// it will throw away anything NOT in this list.
// No need for a-z, we will use case insensitive modifier.
$allowed_chars = 'A-Z0-9\-_'; // Escape dash, not a range

$isValid=1;
$name=preg_replace("/[^$allowed_chars]+/i",$_POST['new_user_name']); // Do this first!
foreach ($bannedNames as $nm) {
if (preg_match("/^$nm$/i",$name)) { $isValid=0; } // note case insensitive
if ($isValid==0) { break; }
}
if ($isValid==0) {
echo "Please use the message board properly and enter a valid name. Inappropriate use will result in a ban. ";
exit;
}

neiltheblue

5+ Year Member



 
Msg#: 4042650 posted 8:29 am on Dec 15, 2009 (gmt 0)

thankyou for your reply. First off i have no numeric values anywhere but in saying that i would certainly like to stop these being inserted also. I inserted your section of code at the top of my script and received the following error

Warning: Wrong parameter count for preg_replace() in addmessage.php on line 32.

I will post here my exact script so that you can see what i have happening, very basic but works a treat. Would like to stop special characters being inserted and any numbers to the name field.:

<body>
<div align="center">
<img src="christmas/header.jpg">
</div>

Add your Christmas message below:
<p>

<div align="center">
<div class="board">

<?php

if ($_POST["submit"] != "")
{
$ip = $REMOTE_ADDR;
$name = $_POST["name"];
$message = $_POST["message"];
$postedDate = date("H:i:s D dS M Y");

if (!$name !$message $name == "n/a" $name == "N/A")
{
echo "<p><b>Please enter a valid name and message!</b></p>";
}

elseif ($ip == "" $ip == "")
{
echo "You are no longer authorised to post messages.";
exit();
}

elseif (preg_match ("/secret/", $name) preg_match ("/SECRET/", $name) preg_match ("/admirer/", $name) preg_match ("/ADMIRER/", $name) preg_match ("/Secret/", $name) preg_match ("/Admirer/", $name) preg_match ("/x/", $name) preg_match ("/0-9/",$name))
{
echo "Please use the message board properly and enter a valid name. Inappropriate use will result in a ban. ";
exit();
}

else {
$query = "insert into christmas (name,message,ip,postedDate) values ('$name', '$message', '$ip', '$postedDate')";
mysql_query($query, $connection) or die(mysql_error());
echo "<p>Thank you $name, your message has been added to the Christmas Message Board.</p><p>Click <a href=\"index.php?page=christmas/index.php\">here</a> to return to the message board.<hr /></p>";
exit();
}
}
?>

<form method="post" action="index.php?page=christmas/addmessage.php">
Your Name:<br>
<input type="text" name="name" size="40" class="input" value="<?php echo $_POST["name"]?>" ><p />
Your Message:</b><br>
<textarea name="message" rows="10" cols="42" class="input"><?php echo $_POST["message"]?></textarea><p>
<input type="submit" value="Ho Ho Ho" name="submit" class="button">
</form>

</div>
</div>

</body>

neiltheblue

5+ Year Member



 
Msg#: 4042650 posted 3:29 pm on Dec 15, 2009 (gmt 0)

All fixed with a bit of tweaking. Thanks

rocknbil

WebmasterWorld Senior Member rocknbil us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4042650 posted 7:02 pm on Dec 15, 2009 (gmt 0)

Yeah, missed the replacement value, which anyone could pick up, I typed it on the fly.

$name=preg_replace("/[^$allowed_chars]+/i",$_POST['new_user_name']);

should be

$name=preg_replace("/[^$allowed_chars]+/i",'',$_POST['new_user_name']);

Or works, but you will find if you want to keep changing that list you will constantly add more or's. The looking approach works fine, allowing you to place your variables in an array at the top of the script or in a config file/database.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved