[uk.php.net...]

Check out some of the other funtions if that does not do exactly what you want.

You can use the character class if you wish:

$password = $_POST['password'];
if (!eregi("^[[:digit:]]+$", $password)) {
echo "password must be numerical"; } else
{
password ok;
}

java script maybe....

function ValidateRegister()

if (document.FORMNAME.FIELDNAME.value.indexOf('1',0) ==-1 ¦¦ (document.FORMANE.FIELDNAME.value.indexOf('2',0) ==-1)) // continue this up to number 9

{
alert(\"INSERT ERROR MESSAGE HERE!\"); //show error
document.FORMNAME.FIELDNAME.select(); //move cursor to field
return false; //go no further
}
else
return true //else carry on
}

</script>

call this function with an onclick handler

EDIT... the way I've wrote this code is slightly wrong, it would produce and error if the number 1 or 2 was not present, you simply need to edit it slightly

Javascript is a good idea, but you should not rely on it. Do client and server side checks for security.

i don't want to use JavaScript because i want the php to do the work - its the php that has to pass the form result from one page back to itself and it's just easier to keep all the form validating within the php.

i found the is_numerical action from the link posted above
it works good for what i'm doing
thanks for all the help :)

BTW, i've heard if you can do it in PHP, cut the javascript down to the minimum because it will increase compatibility with really old browsers like Netscape 4 that knew a little javascript but weren't that good at it.

Its always best to do server side checking. However, using javascript can cut down on your server resources if the browser supports it. Remember that client side checking sends no data to the server, so this can help prevent any malicious code actually being executed in the first place.

I do both client side and server side. If the client side isnt a browser option, the server side check backs it up.