I'm developing (what I thought would be) a fairly straightforward user registration system, and have encountered a small roadblock. I need to check the desired username and password for illegal characters (basically anything non-alphanumeric except underscore). The brute force method of strstr'ing for each individual undesireable character is obviously unappealling.
Can anyone offer a more elegant solution?
A simple regexp will do the trick I think:
if (preg_match("/[A-Z0-9_]+$/i", $myusername)) print "Legal name"; else print "Illegal name";
I use this, but it's very much the same as Thor supplied:
if ( !ereg("[a-z0-9]+$", $login) ) { [wrong!] } else { [good!] }
You could expand this with this strlen($login) to check if it's long enough so users don't call themselves "a" ;-)
