1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 10:35 am Apr 28, 2026

Forum Moderators: coopster

Message Too Old, No Replies

Sanitizing

If else statement

         

Adam5000

11:03 pm on Oct 4, 2010 (gmt 0)

10+ Year Member



I'm trying to sterilize my PHP code and I'm exploring options. The trim and other functions are good and I plan to use those too, and another idea I've got is to use an if / else statement to exclude certain characters.

What I've got so far is below.

Help!

<html>
<head>
<title>Registration form</title>
</head>


<body>

<form action="test.php" method="post">

<input type="text" name="user_name">
<br>
<input type="text" name="psword">
<br>
<input type="submit" value="Submit">

</form>

<?php

if ($_POST["user_name"] || $_POST["psword"] contains \ or/ or*)

{
echo "Field contains at least one invalid character";
}

else
{
echo "All characters are valid";
}

?>

</body>
</head>

Matthew1980

7:49 am on Oct 5, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Hi there Adam5000,

This is where you need to have the preg_match("\\", $input) function in use so that you can 'filter' out any chars that you don't want. So:-

if ((preg_match("/^[\/*]+$/m", $_POST['user_name']) || (preg_match("/^[\/*]+$/m", $_POST['psword']))){
//pattern has matched
}
else{
//pattern not matched
}

Right, I'll call this pseudo code, as regex patterns are NOT my strong suite, you may need to play with it (I guess as Rocknbil would point out the error's in my patterns ;-)) Hopefully you get the idea of what I am trying to convey.

I would suggest as you decide what you would want to call *allowed* chars then tweak the pattern from that..

Hope that makes sense anyway.

Cheers,
MRb
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 10:35 am Apr 28, 2026