Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Question about Regex in preg_match

Status
Not open for further replies.
SetoKaiba

SetoKaiba

Programmer
Jun 16, 2004
28
US
I'm trying to write a preg_match function that matches invalid characters in an input (in this case, a username). Here is the function:

if ( preg_match('/[^A-Za-z0-9]/', $username) ) { error; }
Based on the regex, the if-statement should return true when it matches a character other than A-Z, a-z and 0-9 meaning that it found at least one match of an invalid character.

However, when I set $username equal to "ABCD&" or "ABCD+" excluding quotes, the if-statement never becomes true (no matches found), when it should match the & and + characters. Of course, "ABCD" also will not yield and error.

I am unsure of what the error is, but I presume I am missing a flag. The input comes from $_POST, and I do not apply any functions (such as addslashes or htmlspecialchars) to the input when I run that if-statement on it.
 
Sort by date Sort by votes
I can't duplicate your script's behavior. With an HTML file that reads:

Code: 
<html>
	<body>
		<form method="post" action="test_foo.php">
			<input type="text" name="foo">
			<input type="submit">
		</form>
	</body>
</html>

and a PHP script that reads:

Code: 
<?php
if ( preg_match('/[^A-Za-z0-9]/', $_POST['foo']) )
{
	print "no good";
}
else
{
	print "good";
}

?>

I get "good" for "ABCD" and "no good" for "ABCD&" and "ABCD+"



Want the best answers? Ask the best questions! TANSTAAFL!
 
Upvote 0 Downvote
I'm a dumdum, I should have just forced input. I didn't think my scripts were physically changing input, as for some reason the + and & characters are being converted to whitespace. I'll have to look into it more.

Out of curiosity, do you have to escape the '-' character in '/[^A-Za-z0-9]/'?

ie. '/[^A-Za-z0-9/-]/' or '/[^A-Za-z0-9-]/'
 
Upvote 0 Downvote
Ignore last post. If I could edit posts here I would have.

-> Turns out it was indeed the input being messed with. I was using an AJAX script to pass the username to the server, and I was using encodeURI and not encodeURIcomponent which seems to have fixed the bug. Thanks for your help sleipnir214, woke me up more than anything.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

W
  • Question
how to send checked row data in php
Replies
0
Views
72
wiltang2004
W
SashaBuilder3
  • Locked
  • Question
import CSV file into MySql table in PhpMyAdmin
Replies
0
Views
398
SashaBuilder3
SashaBuilder3
EdLentz
  • Locked
  • Question
Partial link in email
Replies
1
Views
220
spamjim
spamjim
SPYDERIX
  • Locked
  • Question
I suck at RegEx 1
Replies
2
Views
190
SPYDERIX
SPYDERIX
PeDa
  • Locked
  • Question
Unwanted spaces in php HTML mail 1
Replies
4
Views
339
PeDa
PeDa

Part and Inventory Search

Sponsor

Back
Top