On Tue, 10 Nov 2009 09:34:52 -0800, Haig Davis wrote:

>         foreach($_POST as $keyTemp => $valueTemp){
>             $key = mysqlclean($keyTemp);
>             $value = mysqlclean($valueTemp);

Mysql and form validation are totally unrelated.
In my mind, this seems spectacularly misguided.

>             if($key = ("$customerServiceEmail") || ("$billingEmail")){
> if(preg_match("/^([a-za-z0-9._%...@[a-za-z0-9.-]+\.[a-za-z]{2,4})*$/",
> $value)){

Just as almost every other email validation regexp
I have seen, this has a few imperfections:

* It does not allow some valid email addresses (mail!...@example.com)
* It does not allow some valid domains (*.museum)
* It allows invalid email addresses (....@example.com)
* It allows invalid domains (example..com)

>                     $style = "yellow";
>                     $formMsg = "Invalid Characters";
>                     $bad = $key;

Personally, I'd put the invalid keys in an array and
mark all the problematic fields at once.


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to