Andre,
> Thanks DL,
=a pleasure
> I've read that part of the manual. My original syntax was as you
> suggested [^a-zA-Z-'], but the PostgreSQl query barfed on the apostrophe.
=these are two quite separate things (1) and (4):
1 accept input ($_POST)
2 validate input
3 prepare input for storage
4 store the input data
> The preg_match works, but the db refuses to accept the apostrophe. Reading
> the postgresql docs, they suggest escaping the character, but since the
> variable is contained in $_POST['ssname'] I don't know how to get the
escaped
> character inserted into this POST'd variable.
>
> After the validation check :
>
> if (!preg_match("^[a-zA-Z-/\'/]^", $_POST['ssname'])) die . . . . .
>
> the POST'd variable is transformed:
>
> $_POST['ssname'] = ucwords("{$_POST['ssname']}");
> $_SESSION['ssname'] = $_POST['ssname'];
> $_SESSION['ssname'] = ucwords("{$_SESSION['ssname']}");
>
> and then inserted into the db:
>
> "INSERT INTO sponsor (sid, sfname, ssname, . . . '{$_SESSION['ssname']}',
. .
> . .
>
> So, how would I get this escaped character into the db?
>
> Any further help would be greatly appreciated. I'm stumped on this one.
> Perhaps, I'll have to exclude apostrophes, but there must be a way??
=with PHP there's usually a way...
=throw 'escape database' (apostrophe will work too) at the PHP manual's
search facility (the manual is really v.good!) and it will respond with a
reference to ADDSLASHES(), which will do as you ask - there is also a
reference to a PG function (I'm not a PostGres user so can't assess if that
might hold some advantage in your situation).
=hope that helps,
=dn
> On Wednesday 28 August 2002 06:16 am, DL Neil wrote:
> > > I'm trying to get an apostrophe (and a dash, as well) to be
> > > included in a preg_match expression, but I don't know how to escape
the
> > > characters.
> >
> > The manual discusses which characters need escaping and how to escape
> > characters: http://www.php.net/manual/en/pcre.pattern.syntax.php
> >
> > > <?php
> > > if (preg_match("^[!a-zA-Z-/\\\'/]^", $_POST['ssname'])) die
> > > ("<h5>Numbers and special characters not allowed in 'Surname'<br><br>
> > > Click 'Back' on your browser to re-enter
> > > information.</h5>");
> > >
> > > ?>
> > > Any help will be greatly appreciated.
> >
> > Keep it simple: [^a-zA-Z-']
> >
> > Regards,
> > =dn
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
