need help with a regular expression

escanive

Hi,

I'm currently creating my own forum "from skratch" (reason: I want features that other free forum solutions can't offer me, and don't need all of their features).

I'm now working on the "generate new password" part and I need a little help to use regular expressions to check that the validation code is in the correct format (in order to protect the forum from SQL injections).

The validationcode consists of 16 characters - (lower caps) letters and numbers. For example "d7c2xqz5tw1bj00v" or "4m3sh0bqkr1285gt"

In order to do this, I'm using:

$code = $_GET['code'];
if (!preg_match("/^{[a-z0-9]{16}$/",$code))} die ("Invalid validationcode");

It seems to be working for validationcodes consisting of BOTH letters and numbers, however, I believe that the function generating the code (http://www.laughing-buddha.net/jon/php/password/) will sooner or later generate a code with only letters (as it contains 20 of them, each of which it will only use once in a code). Therefore, I also want the regular expression to accept a validation code consisting of only lower caps letters.

Your help is much appreciated. Best regards,

escanive

Weedpacket

It already does.

But personally I'd check the length separately, and then check that there aren't any invalid characters.

if(strlen($code)!=16 || preg_match('/[^0-9a-z]/', $code)

escanive

Weedpacket;10887213 wrote:
It already does.

But personally I'd check the length separately, and then check that there aren't any invalid characters.
if(strlen($code)!=16 || preg_match('/[^0-9a-z]/', $code)

1) Yes, I realised that a while after posting ^{^;} - must have done some error while testing.
2) I will consider that. Thanks 🙂