PHP 4.3.3 and MYSQL

I am constructing a site for gamers that has a member registration form with field 
'Game Handle'.  

Gamers are funny in that their game alias can include just about any character you can 
imagine.  Setting up an ereg for this would be quite difficult.  However, I *do* want 
to protect my site from any malicious data entry.

I have tried to strip_tags this field, but many gamers put their team tags in their 
handle or use < and > characters within the name, so an input like "<team9>Jester" 
results in the team being taken out and only Jester being left.  While that is not so 
bad, if the user inputs a name like G<o>D, it changes the name signficantly.

Anyone have any suggestions on how I can format the game handle variable so that it 
allows these characters while not leaving my site subject to malicious input?


Reply via email to