Re: PHP Input Checking
- From: Kim André Akerø <kimandre@xxxxxxxxxxxxxxxxxx>
- Date: 27 Apr 2006 17:48:46 GMT
Kingo wrote:
I have a HTML form where the user can type in certain values, but I
only want them to able able to submit integers (0-9). I post to a PHP
page with the following "snippit" of code (all the variables have been
properly assigned):
// Checks for illegal chars
$illegal_chars = array("`", "~", "!", "@", "#", "$", "%", "^", "&",
"*", "(", ")", "-", "_", "=", "+", "q", "w", "e", "r", "t", "y", "u",
"i", "o", "p", "[", "{", "]", "}", "\\", "|", "a", "s", "d", "f", "g",
"h", "j", "k", "l", ";", ":", "'", "\"", "z", "x", "c", "v", "b", "n",
"m", ",", "<", ".", ">", "/", "?");
foreach ($illegal_chars as $value) {
if (stripos($db_mysql, $value)) { $pass1 = "f"; }
elseif (stripos($db_postgre, $value)) { $pass2 = "f"; }
elseif (stripos($db_oracle, $value)) { $pass3 = "f"; }
elseif (stripos($email_basic, $value)) { $pass4 = "f"; }
elseif (stripos($email_exchange, $value)) { $pass5 = "f"; }
elseif (stripos($ftp_users, $value)) { $pass6 = "f"; }
elseif (stripos($domain_subdomains, $value)) { $pass7 = "f"; }
else {}
}
The code will not work, and I can't see why. The variables
$pass1-pass7 aren't set after the foreach() loop, no matter what is
in the input!
Any ideas?
Have you tried using a regex?
Example:
if (preg_match($string,'/\D/') > 0) {
// contains illegal characters
}
Replace $string with the string variable you want to check. The \D
means any character that isn't a decimal digit, which is probably what
you want to check the string for.
http://php.net/preg_match
http://php.net/reference.pcre.pattern.syntax
--
Kim André Akerø
- kimandre@xxxxxxxxxxxxxxxxxx
(remove NOSPAM to contact me directly)
.
- References:
- PHP Input Checking
- From: Kingo
- PHP Input Checking
- Prev by Date: Point script "snif" to different directory?
- Next by Date: Form Data Not Sent by Browser
- Previous by thread: Re: PHP Input Checking
- Next by thread: Get Current Script File Name
- Index(es):
Relevant Pages
|
