Re: [PHP] Validating user input
Try this:
if (is_numeric($txt1) && (float)$txt1<24 &&
(strlen($txt1)-strpos($txt1,"."))<=3) {
echo "True";
}
else {
echo "False";
};
Misha
PHP Genie
"Electroteque" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> is_numeric and strlen ?
>
> -Original Message-
> From: Shaun [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, June 03, 2003 7:21 PM
> To: [EMAIL PROTECTED]
> Subject: [PHP] Validating user input
>
>
> Hi,
>
> I am creating a timesheet application, how can I make sure that a user has
> entered a number, and that the number is a whole number or a decimal up to
2
> places, and that the number is less than 24?
>
> Thanks for your help
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Validating user input
On Tue, 2003-06-03 at 02:46, Sichta Daniel wrote: > Another way is to do it on client side (javascript) > > DS Indeed, but then you have to be prepared for it not to work if the user doesn't have js enabled. Torben > -Original Message- > From: Shaun [mailto:[EMAIL PROTECTED] > Sent: Tuesday, June 03, 2003 11:21 AM > To: [EMAIL PROTECTED] > Subject: [PHP] Validating user input > > > Hi, > > I am creating a timesheet application, how can I make sure that a user has > entered a number, and that the number is a whole number or a decimal up to 2 > places, and that the number is less than 24? > > Thanks for your help > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- Torben Wilson <[EMAIL PROTECTED]>+1.604.709.0506 http://www.thebuttlesschaps.com http://www.inflatableeye.com http://www.hybrid17.com http://www.themainonmain.com - Boycott Starbucks! http://www.haidabuckscafe.com - -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Validating user input
> -Original Message-
> From: Shaun [mailto:[EMAIL PROTECTED]
> Sent: 03 June 2003 10:21
>
> I am creating a timesheet application, how can I make sure
> that a user has
> entered a number, and that the number is a whole number or a
> decimal up to 2
> places, and that the number is less than 24?
I'd probably do this with a regex plus a quick test for in-range values -- something
like (untested):
if ($number>0 && $number<24
&& preg_match('^[0-9]{1-2}(\.[0-9]{1,2})?$', $number))
do_stuff;
You could also tweak the regex to filter out out-of-range values and dispense with the
range checks -- something like (again untested):
if (preg_match('^(1?[0-9]|2[0-4])(\.[0-9]{1,2})?$', $number))
do_stuff;
Cheers!
Mike
-
Mike Ford, Electronic Information Services Adviser,
Learning Support Services, Learning & Information Services,
JG125, James Graham Building, Leeds Metropolitan University,
Beckett Park, LEEDS, LS6 3QS, United Kingdom
Email: [EMAIL PROTECTED]
Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Validating user input
Another way is to do it on client side (javascript) DS -Original Message- From: Shaun [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 03, 2003 11:21 AM To: [EMAIL PROTECTED] Subject: [PHP] Validating user input Hi, I am creating a timesheet application, how can I make sure that a user has entered a number, and that the number is a whole number or a decimal up to 2 places, and that the number is less than 24? Thanks for your help -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Validating user input
Try this... I don't know if this will suit your needs but it'll give you
an idea:
0 && $a < 24) {
$time = number_format($a, 2, '.', '');
echo "Time: $time\n\n";
} else {
echo "Invaild Time.\n\n";
}
?>
Regards,
John
--
-~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~-
John Coggeshall
john at coggeshall dot org http://www.coggeshall.org/
-~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~-
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Validating user input
is_numeric and strlen ? -Original Message- From: Shaun [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 03, 2003 7:21 PM To: [EMAIL PROTECTED] Subject: [PHP] Validating user input Hi, I am creating a timesheet application, how can I make sure that a user has entered a number, and that the number is a whole number or a decimal up to 2 places, and that the number is less than 24? Thanks for your help -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] validating user input
Hi Drouet, I've been asking about this too and here's what I've been working
on. It checks for letters, numbers, puncuation, and max and min length. I
was told any of the puncation was safe as long as you addslashes before you
put it into the database.
function check_input($user_input, $min=0, $max=0, $text=false,
$number=false, $special=false)
{
$pattern = "";
if ($text) $pattern .= "a-zA-Z";
if ($number) $pattern .= "0-9";
if ($special) $pattern .=
'À-ÖØ-öø-ÿ[:space:]\~\!\[\]\`\@\#\$\%\^\&\*\(\)\_\+\-\={\}\|\:\"\;\'\<\>
\?\,\.\/';
$regexp = '/^['.$pattern.']*$/i';
if( preg_match($regexp, $user_input) && strlen($user_input) <= $max &&
strlen($user_input) >= $min )
echo "it passes";
else
echo "didn't pass";
}
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: April 24, 2002 3:49 AM
To: [EMAIL PROTECTED]
Subject: [PHP] validating user input
Hi the M.L.
I have to validate forms user inputs before the construction of my query to
my Oracle DB
Does anybody know the list of characters that should be rejected (for
example ;) ?
Do you have a function to validate it ?
regards
Laurent Drouet
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Validating User Input
On Fri, 19 Apr 2002, SP wrote:
> Now should I include all those special characters? I want it to be hack
> proof so I don't want to add the user input into my database and have
> something bad happen.
>
> Which ones are safe?
> ~ ` ! @ # $ % ^ & * ( ) _ + - = [ ] \ { } | : " ; ' < > ? , . /
All characters are safe for database use as long as they're handled
properly.
Basically that means escaping ' " and \ which should be taken care of
automatically by addslashes (or by the abominable magic_quotes_gpc if you
happen to have it on).
Now, when you're dealing with path/file names and arguments to external
programs, you need to be more careful...
miguel
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Validating User Input
Thanks Danny, that worked!
Now should I include all those special characters? I want it to be hack
proof so I don't want to add the user input into my database and have
something bad happen.
Which ones are safe?
~ ` ! @ # $ % ^ & * ( ) _ + - = [ ] \ { } | : " ; ' < > ? , . /
-Original Message-
From: Danny Shepherd [mailto:[EMAIL PROTECTED]]
Sent: April 19, 2002 9:32 AM
To: Php
Subject: Re: [PHP] Validating User Input
Hi,
\?\,\.
\/';
$regexp='^['.$pattern.']{'.$min.','.$max.'}$';
if (ereg($regexp,$user_input))
return $user_input;
else
return $default;
}
?>
That should take care of everything except the square brackets - not sure
how to go about getting them (escaping them didn't seem to work).
HTH
Danny.
- Original Message -
From: "SP" <[EMAIL PROTECTED]>
To: "Php" <[EMAIL PROTECTED]>
Sent: Friday, April 19, 2002 1:57 PM
Subject: [PHP] Validating User Input
> I am trying to validate an user's input. I can get the ereg function to
> work if I just type in the pattern I'm searching for but my problem is I
> want to build the pattern through a variable first and then use that
> variable in the ereg function.
>
> For example, I want to check an input that's only text and only between 5
to
> 20 characters in length. Is this possible?
>
> function check_input($user_input, $min=0, $max=0, $text=false,
> $number=false, $special=false, $default="")
> {
> if ($text) $pattern .= "a-zA-Z";
> if ($number) $pattern .= "0-9";
> if ($special) $pattern .= "[:space:]";
>
> if (ereg("^[$pattern]{$min,$max}$", $user_input))
> return $user_input;
> else
> return $default;
> }
>
> Also, which of the following special characters is considered safe to
> accept? I am just allowing spaces now but would like as many of the below
> characters to be included.
>
> ~ ` ! @ # $ % ^ & * ( ) _ + - = [ ] \ { } | : " ; ' < > ? , . /
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Validating User Input
Hi,
\?\,\.
\/';
$regexp='^['.$pattern.']{'.$min.','.$max.'}$';
if (ereg($regexp,$user_input))
return $user_input;
else
return $default;
}
?>
That should take care of everything except the square brackets - not sure
how to go about getting them (escaping them didn't seem to work).
HTH
Danny.
- Original Message -
From: "SP" <[EMAIL PROTECTED]>
To: "Php" <[EMAIL PROTECTED]>
Sent: Friday, April 19, 2002 1:57 PM
Subject: [PHP] Validating User Input
> I am trying to validate an user's input. I can get the ereg function to
> work if I just type in the pattern I'm searching for but my problem is I
> want to build the pattern through a variable first and then use that
> variable in the ereg function.
>
> For example, I want to check an input that's only text and only between 5
to
> 20 characters in length. Is this possible?
>
> function check_input($user_input, $min=0, $max=0, $text=false,
> $number=false, $special=false, $default="")
> {
> if ($text) $pattern .= "a-zA-Z";
> if ($number) $pattern .= "0-9";
> if ($special) $pattern .= "[:space:]";
>
> if (ereg("^[$pattern]{$min,$max}$", $user_input))
> return $user_input;
> else
> return $default;
> }
>
> Also, which of the following special characters is considered safe to
> accept? I am just allowing spaces now but would like as many of the below
> characters to be included.
>
> ~ ` ! @ # $ % ^ & * ( ) _ + - = [ ] \ { } | : " ; ' < > ? , . /
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
