PREG_MATCH ?? &*(%^^%#$(%^(*%$^%#^#$

PREG_MATCH ?? &(%^^%#$(%^(%$^%#^#$

davo666

Hi,

im working on a form validation method, i have gotten so much done today in the way of organising and starting off how im gonna do my form.

i came to a conclusion to submit form to PHP_SELF and if process was sent then it starts processing the form if thigs are good it Location header's to the confirmed page. (there is a lot of kerfuffle over HTTP spec relating to this so if theres an easier way, and more by the book way could you please tell me)

Any way, i got to preg_match and i just dont understand!

if(preg_match(&^{#$&%#^%(&^{(&%&^{#^&%$}&^(),}} felid 1)
{WRONG
} esle{
put into db
}

i dont get the &^(%&(&%%^&()* part, what does it all mean,

i need to validate:

email addresses

password

and allow every thing into a username - but stopping injecting

and stopping injecting on all

sorry this is a LOT of info but

thanks in advance

PS, should the errors be in one big if statement or put into an array and at the end if(array_empty( ADD INFO TO D😎

thanks

NogDog

Here is a function for validating email addresses:

/*
*  bool validEmail(str $email)
*  verify email is valid format
*/
function validEmail($email)
{
   // email address validation function
   // kudos to http://iamcal.com/publish/articles/php/parsing_email/
   $qtext = '[^\\x0d\\x22\\x5c\\xa6-\\xff]';
   $dtext = '[^\\x0d\\x5b-\\x5d\\xa6-\\xff]';
   $atom = '[^\\x00-\\x20\\x22\\x28\\x29\\x2c\\x2e\\x3a-\\x3c'.
   '\\x3e\\x40\\x5b-\\x5d\\xa6-\\xff]+';
   $quoted_pair = '\\x5c[\\x00-\\xa5]';
   $domain_literal = "\\x5b($dtext|$quoted_pair)*\\x5d";
   $quoted_string = "\\x22($qtext|$quoted_pair)*\\x22";
   $domain_ref = $atom;
   $sub_domain = "($domain_ref|$domain_literal)";
   $word = "($atom|$quoted_string)";
   $domain = "$sub_domain(\\x2e$sub_domain)*";
   $local_part = "$word(\\x2e$word)*";
   $addr_spec = "$local_part\\x40$domain";
   return (preg_match("!^$addr_spec$!", $email));
}

// sample usage:
if(validEmail($_POST['email']))
{
   // it is a valid email format
}
else
{
   // it is NOT a valid email format
}

As a general example for simpler things, here's a way to verify that a string only contains letters, numbers, or spaces, begins and ends with a letter or number, and is 8-16 characters long:

if(preg_match('/^[a-zA-Z0-9][a-zA-Z0-9 ]{6,14}[a-zA-Z0-9]$/', $string))
{
   // it's OK
}
else
{
   // it's not OK
}

Lots more info at http://www.php.net/manual/en/reference.pcre.pattern.syntax.php

davo666

Thanks for replying, but im confused, i read the article but why is it talking about hex, im just gonna use the "normal" one (i never thought ide be callingn &$^%$, normal

thanks

bradgrafelman

It's simple regular expression syntax. More info can be found here.