Re: [PHP] How can I check for characters in a $_POST[] variable?
[Redirecting thread back to the list for the benefit of others.]
On 9/22/11 13:38, "Eric" wrote:
>So is $_POST["username"][0] appropriate or does that only work
>with normal variables?
As far as this sort of manipulation goes, $_POST is just like any other
variable. Referencing the 0th element of any string will give you the
first character, if there is one. (If there isn't one, you'll generate a
PHP warning or notice for trying to read out-of-bounds.)
>and would this be valid,
>$i = 0;
>while($_POST["username"][$i] != "\0")
It looks like you're trying to treat the string as a C-style string. That
won't work in PHP because PHP's strings are not null-terminated. Thus,
this will lead to an infinite loop with any strings that don't happen to
have the null character somewhere within (and most strings won't).
>{
>if($_POST["username"][$i] == "." || $_POST["username"][$i] == "..")
This line is not wrong per-se, but nor does it entirely make sense. When
you access a string as an array, each element contains one character.
Here, you're checking whether each character in turn is a period (fine) or
two periods (makes no sense, since one character cannot represent two
period characters). What you'd probably want to do is simply remove the
second condition, since a check for one period will work just as well if
the name contains two periods. That is:
if($_POST["username"][$i] == ".")
Incidentally, another tip: when comparing against a constant, as you are
in both your while() and your if(), place the constant on the left side if
the expression rather than the right. That is, write the previous if()
like this:
if ('.' == $_POST['username'])
It might look a little funny, but I assure you, someday, it'll save you a
bunch of frustrating debugging time. The reason is that if you mistype the
'==' as '=', you'll do an assignment, the value of which is then returned.
This has the net effect of 1) quietly changing your variable's value, and
2) making the overall expression always evaluate to true, sending you into
the the true part of the conditional branch, well, unconditionally.
--
Robert E. Williams, Jr.
Associate Vice President of Software Development
Newtek Businesss Services, Inc. -- The Small Business Authority
https://www.newtekreferrals.com/rewjr
http://www.thesba.com/
Notice: This communication, including attachments, may contain information that
is confidential. It constitutes non-public information intended to be conveyed
only to the designated recipient(s). If the reader or recipient of this
communication is not the intended recipient, an employee or agent of the
intended recipient who is responsible for delivering it to the intended
recipient, or if you believe that you have received this communication in
error, please notify the sender immediately by return e-mail and promptly
delete this e-mail, including attachments without reading or saving them in any
manner. The unauthorized use, dissemination, distribution, or reproduction of
this e-mail, including attachments, is prohibited and may be unlawful. If you
have received this email in error, please notify us immediately by e-mail or
telephone and delete the e-mail and the attachments (if any).
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How can I check for characters in a $_POST[] variable?
On 09/22/2011 10:36 PM, Robert Williams wrote:
> As an alternative to the regular expression approaches already provided by
> others, you could also use ctype_alnum():
>
> if (ctyp_alnum($_POST['username'])) {
>//username contains only letters and numbers
> } else {
>//username contains characters other than letters and numbers
> } //if-else
>
> Docs:
>
>
> As a bonus, this will likely be quite a bit quicker than the regex-based
> approaches. That said, you'd have to be making many calls (e.g., inside a
> loop) for the difference to reach the point of being noticeable. For
> something like a one-time validation on page-load, use whichever you find
> most comfortable.
>
> In your original question, you also mentioned looping through a variable
> to check for non-alphanumeric characters. The regex approach or the
> approach I outlined above is much better in this case, but as a learning
> exercise, you could do the looping like this:
>
> $validCharacters = array('a', 'e', 'i', 'o', 'u');
> for ($i = 0; $i < count($_POST['username']); $i++) {
>if (in_array($_POST['username'][$i], $validCharacters)) {
> echo 'Pass!';
> } else {
> echo 'Fail!';
>} //if-else
> } //for i
>
> The key thing to note there is that you can treat the string like it's an
> array to loop through it. For more information about this, go here:
>
>
>
> and search the page for the phrase "String access and modification by
> character".
>
>
And if you want to go the loop way, you could use range() to fill values
in $validCharacters.
$validCharacters = array_merge(range('A', 'Z'), range('a', 'z'));
--
Nilesh Govindarajan
http://nileshgr.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How can I check for characters in a $_POST[] variable?
As an alternative to the regular expression approaches already provided by
others, you could also use ctype_alnum():
if (ctyp_alnum($_POST['username'])) {
//username contains only letters and numbers
} else {
//username contains characters other than letters and numbers
} //if-else
Docs:
As a bonus, this will likely be quite a bit quicker than the regex-based
approaches. That said, you'd have to be making many calls (e.g., inside a
loop) for the difference to reach the point of being noticeable. For
something like a one-time validation on page-load, use whichever you find
most comfortable.
In your original question, you also mentioned looping through a variable
to check for non-alphanumeric characters. The regex approach or the
approach I outlined above is much better in this case, but as a learning
exercise, you could do the looping like this:
$validCharacters = array('a', 'e', 'i', 'o', 'u');
for ($i = 0; $i < count($_POST['username']); $i++) {
if (in_array($_POST['username'][$i], $validCharacters)) {
echo 'Pass!';
} else {
echo 'Fail!';
} //if-else
} //for i
The key thing to note there is that you can treat the string like it's an
array to loop through it. For more information about this, go here:
and search the page for the phrase "String access and modification by
character".
Regards,
--
Robert E. Williams, Jr.
Associate Vice President of Software Development
Newtek Businesss Services, Inc. -- The Small Business Authority
https://www.newtekreferrals.com/rewjr
http://www.thesba.com/
Notice: This communication, including attachments, may contain information that
is confidential. It constitutes non-public information intended to be conveyed
only to the designated recipient(s). If the reader or recipient of this
communication is not the intended recipient, an employee or agent of the
intended recipient who is responsible for delivering it to the intended
recipient, or if you believe that you have received this communication in
error, please notify the sender immediately by return e-mail and promptly
delete this e-mail, including attachments without reading or saving them in any
manner. The unauthorized use, dissemination, distribution, or reproduction of
this e-mail, including attachments, is prohibited and may be unlawful. If you
have received this email in error, please notify us immediately by e-mail or
telephone and delete the e-mail and the attachments (if any).
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How can I check for characters in a $_POST[] variable?
Or... just use:
if(preg_match('/^[A-Za-z0-9]+$/', $_POST['username']) !== 0) {
// string contains other characters, write the code
}
You can see this regex in action here: http://regexpal.com/?flags=®ex=
^%5BA-Za-z0-9%5D%2B%24&input=myusername01
If you put anything different of A-Za-z0-9 the regex will not match.
Regards,
Igor Escobar
*Software Engineer
*
+ http://blog.igorescobar.com
+ http://www.igorescobar.com
+ @igorescobar
On Thu, Sep 22, 2011 at 10:03 AM, Igor Escobar wrote:
> Use this regex:
> if(preg_match('/[[:punct:]]/', $_POST['username']) !== 0) {
>
> // string contains other characters, write the code
> }
>
> The POSIX class [:punct:] means matches any punctuation and symbols in
> your string and that includes [!"#$%&'()*+,\-./:;<=>?@[\\\]^_`{|}~]
>
>
> Regards,
> Igor Escobar
> *Software Engineer
> *
> + http://blog.igorescobar.com
> + http://www.igorescobar.com
> + @igorescobar
>
>
>
>
>
>
> On Thu, Sep 22, 2011 at 9:17 AM, Nilesh Govindarajan > wrote:
>
>> On Thu 22 Sep 2011 08:25:29 PM IST, Eric wrote:
>> > I have this problem when using php because my computer recognizes
>> > the characters "." and ".." as an existing file when I use file_exists.
>> Also
>> > I want to check $_POST["username"] for characters other then A-Z a-z and
>> 0-9.
>> > If it contains anything other then, I would like to prompt the user but
>> > I can't seam to use foreach properly and I don't know how to itterate
>> > through the post variable with a for loop while loop or do while loop.
>>
>> file_exists() for . and .. would always return true, because they
>> really exist! . is an alias for the current directory and .. for the
>> parent directory. This is irrespective of OS.
>>
>> To search $_POST["username"] for characters other than A-Z, a-z, 0-9,
>> you can use preg_match something like this (there's an alpha class as
>> well, but I'm not sure about it):
>>
>> if(preg_match('(.*)^[A-Za-z0-9]+', $_POST['username']) !== 0) {
>> // string contains other characters, write the code
>> }
>>
>> --
>> Nilesh Govindarajan
>> http://nileshgr.com
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
Re: [PHP] How can I check for characters in a $_POST[] variable?
Use this regex:
if(preg_match('/[[:punct:]]/', $_POST['username']) !== 0) {
// string contains other characters, write the code
}
The POSIX class [:punct:] means matches any punctuation and symbols in your
string and that includes [!"#$%&'()*+,\-./:;<=>?@[\\\]^_`{|}~]
Regards,
Igor Escobar
*Software Engineer
*
+ http://blog.igorescobar.com
+ http://www.igorescobar.com
+ @igorescobar
On Thu, Sep 22, 2011 at 9:17 AM, Nilesh Govindarajan
wrote:
> On Thu 22 Sep 2011 08:25:29 PM IST, Eric wrote:
> > I have this problem when using php because my computer recognizes
> > the characters "." and ".." as an existing file when I use file_exists.
> Also
> > I want to check $_POST["username"] for characters other then A-Z a-z and
> 0-9.
> > If it contains anything other then, I would like to prompt the user but
> > I can't seam to use foreach properly and I don't know how to itterate
> > through the post variable with a for loop while loop or do while loop.
>
> file_exists() for . and .. would always return true, because they
> really exist! . is an alias for the current directory and .. for the
> parent directory. This is irrespective of OS.
>
> To search $_POST["username"] for characters other than A-Z, a-z, 0-9,
> you can use preg_match something like this (there's an alpha class as
> well, but I'm not sure about it):
>
> if(preg_match('(.*)^[A-Za-z0-9]+', $_POST['username']) !== 0) {
> // string contains other characters, write the code
> }
>
> --
> Nilesh Govindarajan
> http://nileshgr.com
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
Re: [PHP] How can I check for characters in a $_POST[] variable?
On Thu, Sep 22, 2011 at 7:55 AM, Eric wrote:
> I have this problem when using php because my computer recognizes
> the characters "." and ".." as an existing file when I use file_exists.
> Also
> I want to check $_POST["username"] for characters other then A-Z a-z and
> 0-9.
> If it contains anything other then, I would like to prompt the user but
> I can't seam to use foreach properly and I don't know how to itterate
> through the post variable with a for loop while loop or do while loop.
$pattern = '/^[A-Za-z0-9]/';
/* http://php.net/control-structures.foreach */
foreach ($_POST as $key => $value)
{
/* http://php.net/function.preg-match */
if (preg_match($pattern, $value) > 0)
{
/* prompt user */
}
}
Re: [PHP] How can I check for characters in a $_POST[] variable?
On Thu 22 Sep 2011 08:25:29 PM IST, Eric wrote:
> I have this problem when using php because my computer recognizes
> the characters "." and ".." as an existing file when I use file_exists. Also
> I want to check $_POST["username"] for characters other then A-Z a-z and 0-9.
> If it contains anything other then, I would like to prompt the user but
> I can't seam to use foreach properly and I don't know how to itterate
> through the post variable with a for loop while loop or do while loop.
file_exists() for . and .. would always return true, because they
really exist! . is an alias for the current directory and .. for the
parent directory. This is irrespective of OS.
To search $_POST["username"] for characters other than A-Z, a-z, 0-9,
you can use preg_match something like this (there's an alpha class as
well, but I'm not sure about it):
if(preg_match('(.*)^[A-Za-z0-9]+', $_POST['username']) !== 0) {
// string contains other characters, write the code
}
--
Nilesh Govindarajan
http://nileshgr.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] How can I check for characters in a $_POST[] variable?
I have this problem when using php because my computer recognizes the characters "." and ".." as an existing file when I use file_exists. Also I want to check $_POST["username"] for characters other then A-Z a-z and 0-9. If it contains anything other then, I would like to prompt the user but I can't seam to use foreach properly and I don't know how to itterate through the post variable with a for loop while loop or do while loop.
