I have a message board and am using preg_match to stop users posting random names or characters into the name field. I have it working a treat for words, but I get the error message:
Warning: preg_match() [function.preg-match]: Compilation failed: nothing to repeat at offset 0
I am using the following code:
elseif (preg_match ("/secret/", $name) || preg_match ("/SECRET/", $name) || preg_match ("/x/", $name) || preg_match ("/?/",$name))
{
echo "Please use the message board properly and enter a valid name. Inappropriate use will result in a ban. ";
Like I say, everything works up until the last ? field. Is there something different I need to put in the last field for special characters? Looking for any replies to help.
Thanks
I have a preg_match to check to see if value of $id is a digit like this:
First, is zero a valid digit in your scenario?
If it's "anything but zero" you don't need a preg. is_numeric() works, but that includes zero.
if ($var > 0) {
// simple enough
}
You can use is_numeric if zero is included, or
Do this first to make sure user hasn't errantly included a space or touched some other key:
$var = preg_replace('/[^\d]+/','',$var);
then
if (preg_match('/^\d+$/',$var)) { // begins and ends with any number of digits
if (preg_match('/^\d$/',$var)) { // begins and ends with exactly one digit
if (preg_match('/^\d{2}$/',$var)) { // begins and ends with exactly two digits
if (preg_match('/^\d{4,7}$/',$var)) { // begins and ends with anywhere from four to seven digits
I am using the following code
Try this.
// top of script for ease of use:
$bannedNames = Array (
'secret',
'x',
'spam-boy'
);
// This is anything NOT these characters; that is,
// it will throw away anything NOT in this list.
// No need for a-z, we will use case insensitive modifier.
$allowed_chars = 'A-Z0-9\-_'; // Escape dash, not a range
$isValid=1;
$name=preg_replace("/[^$allowed_chars]+/i",$_POST['new_user_name']); // Do this first!
foreach ($bannedNames as $nm) {
if (preg_match("/^$nm$/i",$name)) { $isValid=0; } // note case insensitive
if ($isValid==0) { break; }
}
if ($isValid==0) {
echo "Please use the message board properly and enter a valid name. Inappropriate use will result in a ban. ";
exit;
}
Warning: Wrong parameter count for preg_replace() in addmessage.php on line 32.
I will post here my exact script so that you can see what I have happening, very basic but works a treat. Would like to stop special characters being inserted and any numbers to the name field:
<body>
<div align="center">
<img src="christmas/header.jpg">
</div>
Add your Christmas message below:
<p>
<div align="center">
<div class="board">
<?php
if ($_POST["submit"] != "")
{
$ip = $REMOTE_ADDR;
$name = $_POST["name"];
$message = $_POST["message"];
$postedDate = date("H:i:s D dS M Y");
if (!$name || !$message || $name == "n/a" || $name == "N/A")
{
echo "<p><b>Please enter a valid name and message!</b></p>";
}
elseif ($ip == "" || $ip == "")
{
echo "You are no longer authorised to post messages.";
exit();
}
elseif (preg_match ("/secret/", $name) || preg_match ("/SECRET/", $name) || preg_match ("/admirer/", $name) || preg_match ("/ADMIRER/", $name) || preg_match ("/Secret/", $name) || preg_match ("/Admirer/", $name) || preg_match ("/x/", $name) || preg_match ("/0-9/",$name))
{
echo "Please use the message board properly and enter a valid name. Inappropriate use will result in a ban. ";
exit();
}
else {
$query = "insert into christmas (name,message,ip,postedDate) values ('$name', '$message', '$ip', '$postedDate')";
mysql_query($query, $connection) or die(mysql_error());
echo "<p>Thank you $name, your message has been added to the Christmas Message Board.</p><p>Click <a href=\"index.php?page=christmas/index.php\">here</a> to return to the message board.<hr /></p>";
exit();
}
}
?>
<form method="post" action="index.php?page=christmas/addmessage.php">
Your Name:<br>
<input type="text" name="name" size="40" class="input" value="<?php echo $_POST["name"]?>" ><p />
Your Message:</b><br>
<textarea name="message" rows="10" cols="42" class="input"><?php echo $_POST["message"]?></textarea><p>
<input type="submit" value="Ho Ho Ho" name="submit" class="button">
</form>
</div>
</div>
</body>
$name=preg_replace("/[^$allowed_chars]+/i",$_POST['new_user_name']);
should be
$name=preg_replace("/[^$allowed_chars]+/i",'',$_POST['new_user_name']);
Or works, but you will find that if you want to keep changing that list, you will constantly add more or's. The looping approach works fine, allowing you to place your variables in an array at the top of the script or in a config file/database.
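Added example, not code from any post in this thread: one way to combine the allowlist and banned-name loop discussed above while rejecting bad input instead of stripping it. The function name `validate_name`, the 40-character limit, the extra ban-list entries and the sample inputs are assumptions made for illustration.

```php
<?php
// Added example; the ban list, length limit and sample inputs are assumptions.

// Banned entries are plain strings, not regex patterns.
$bannedNames = ['secret', 'admirer', 'x', 'spam-boy', '?'];

/**
 * Return the trimmed name if it is acceptable, or null to reject it.
 * Rejects instead of silently stripping characters.
 */
function validate_name(string $raw, array $banned): ?string
{
    $name = trim($raw);

    // Allowlist: starts with a letter, then letters, apostrophes, spaces
    // or hyphens, 40 characters at most. Digits and symbols fail here.
    if (!preg_match("/^[a-z][a-z' -]{0,39}$/i", $name)) {
        return null;
    }

    foreach ($banned as $word) {
        // preg_quote() escapes metacharacters, so an entry like '?' is
        // matched literally instead of raising "nothing to repeat".
        // The lookarounds match whole words only: "x" is banned, "Alex" is not.
        $pattern = '/(?<![a-z])' . preg_quote($word, '/') . '(?![a-z])/i';
        if (preg_match($pattern, $name)) {
            return null;
        }
    }
    return $name;
}

// Constructed sample inputs.
$samples = ['Alice', "  Mary-Jane O'Neil ", 'Alex', 'Secret Admirer', 'x', 'user123', '?'];
foreach ($samples as $raw) {
    $name = validate_name($raw, $bannedNames);
    // Validation is not escaping: still encode the name for HTML output
    // and bind it as a query parameter rather than concatenating it into SQL.
    $verdict = $name === null
        ? 'rejected'
        : 'accepted: ' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
    printf("%-22s %s\n", json_encode($raw), $verdict);
}
```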