# [EMAIL PROTECTED] / 2007-01-18 01:48:25 -0800:
> Roman Neuhauser wrote:
> ># [EMAIL PROTECTED] / 2007-01-17 17:02:12 -0800:
> >>Beauford wrote:
> >>>   if(!preg_match("/^[-A-Za-z0-9_.' ]+$/", $string)) {
> >>>   return "Invalid Characters";
> >>>}  
> >
> >>In your regex you have a "."  this will match anything
> >>
> >>try this:
> >>
> >><plaintext><?php
> >>
> >>function ValidateString($string) {
> >>    if ( preg_match("/[^a-zA-Z0-9\_\.\' -]+/", $string) ) {
> >>            return "Invalid Characters";
> >>    }
> >>    return false;
> >>}
> >
> >That "." is inside a character class where it is a literal character
> >(matches only ".").  Why are you backslashing the underscore is beyond
> >me.
> >
> This is fine, is there any harm in escaping them?
> The match will work either way right?

It's misleading.  I don't want to be confronted with another legacy
program full of almost-reular expressions whose author didn't understand
the syntax at all, but was so stubborn that he eventually (using the
hit-and-miss method) found whatever garbage worked for him for
completely accidental reasons.

Know your tools.

-- 
How many Vietnam vets does it take to screw in a light bulb?
You don't know, man.  You don't KNOW.
Cause you weren't THERE.             http://bash.org/?255991

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to