homepage Welcome to WebmasterWorld Guest from 54.204.215.209
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
Sanitizing
If else statement
Adam5000




msg:4211282
 11:03 pm on Oct 4, 2010 (gmt 0)

I'm trying to sterilize my PHP code and I'm exploring options. The trim and other functions are good and I plan to use those too, and another idea I've got is to use an if / else statement to exclude certain characters.

What I've got so far is below.

Help!

<html>
<head>
<title>Registration form</title>
</head>


<body>

<form action="test.php" method="post">

<input type="text" name="user_name">
<br>
<input type="text" name="psword">
<br>
<input type="submit" value="Submit">

</form>

<?php

if ($_POST["user_name"] || $_POST["psword"] contains \ or/ or*)

{
echo "Field contains at least one invalid character";
}

else
{
echo "All characters are valid";
}

?>

</body>
</head>

 

Matthew1980




msg:4211446
 7:49 am on Oct 5, 2010 (gmt 0)

Hi there Adam5000,

This is where you need to have the preg_match("\\", $input) function in use so that you can 'filter' out any chars that you don't want. So:-

if ((preg_match("/^[\/*]+$/m", $_POST['user_name']) || (preg_match("/^[\/*]+$/m", $_POST['psword']))){
//pattern has matched
}
else{
//pattern not matched
}

Right, I'll call this pseudo code, as regex patterns are NOT my strong suite, you may need to play with it (I guess as Rocknbil would point out the error's in my patterns ;-)) Hopefully you get the idea of what I am trying to convey.

I would suggest as you decide what you would want to call *allowed* chars then tweak the pattern from that..

Hope that makes sense anyway.

Cheers,
MRb

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
© Webmaster World 1996-2014 all rights reserved