Tracy R Reed wrote:
>
> Anyone know of a better way to do this? I did some PHP between 1998 and
> 2000 and haven't touched it since so I am way out of date on PHP.
If you know that you are expecting a name, validate that all characters
are valid for names. I would tend to think that would be something like
[A-Za-z ."]+
I. Lewis "Scooter" Libby
(of course, in the real world, you want to allow for fancier
characters, like accents and tildes)
If you know you are looking for a telephone number,
[0-9. -]+
Lather, rinse, repeat.
It is better to whitelist what you expect than to try to blacklist what
is bad.
-john
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-lpsg
