Reading your other post, I think what you REALLY want to do is throw away an
variable that contains non-numeric values... Since you only want numbers,
then everything else must be a mistake, or an attack.
take the URL blah.php?foo=45bah=hekygu
if(in_numeric($_GET['foo']))
{
// do stuff
}
else
{
unset($_GET['foo'])
}
if(in_numeric($_GET['bah']))
{
// do stuff
}
else
{
unset($_GET['bah'])
}
A LOT quicker than regexp, and you're changing the question from i want to
strip this stuff out to i want to keep this stuff in, which is a lot
safer than trying to imagine everything a hacker might try... a good rule to
live by, even if it's not totally needed in this case.
Justin French
on 15/11/02 1:32 AM, CJ ([EMAIL PROTECTED]) wrote:
I want to scan the variables passed from teh url of my script for non alpha
characters. The variables should only consist of a-z A-Z 0-9 and spaces,
full stops and commas (Basically I don't want scripts to be passed via the
variable to the server)
I've used perl a long time ago and its regular expressions seemed ideal for
this kind of thing. Can enybody suggest a scrip to remove unwanted
characters from my variable?
Justin French
http://Indent.com.au
Web Developent
Graphic Design
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php