# [EMAIL PROTECTED] / 2007-01-18 01:48:25 -0800:
> Roman Neuhauser wrote:
> ># [EMAIL PROTECTED] / 2007-01-17 17:02:12 -0800:
> >>Beauford wrote:
> >>> if(!preg_match("/^[-A-Za-z0-9_.' ]+$/", $string)) {
> >>> return "Invalid Characters";
> >>>}
> >
> >>In your regex you have a "." this will match anything
> >>
> >>try this:
> >>
> >><plaintext><?php
> >>
> >>function ValidateString($string) {
> >> if ( preg_match("/[^a-zA-Z0-9\_\.\' -]+/", $string) ) {
> >> return "Invalid Characters";
> >> }
> >> return false;
> >>}
> >
> >That "." is inside a character class where it is a literal character
> >(matches only "."). Why are you backslashing the underscore is beyond
> >me.
> >
> This is fine, is there any harm in escaping them?
> The match will work either way right?
It's misleading. I don't want to be confronted with another legacy
program full of almost-reular expressions whose author didn't understand
the syntax at all, but was so stubborn that he eventually (using the
hit-and-miss method) found whatever garbage worked for him for
completely accidental reasons.
Know your tools.
--
How many Vietnam vets does it take to screw in a light bulb?
You don't know, man. You don't KNOW.
Cause you weren't THERE. http://bash.org/?255991
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
