« For the GUI Freaks
Gathered PHP snippets »

Form Validation Call for help

My scriptygoddess crown to the first person that can give me the PHP code to validate a form field so that no special characters are allowed…

(well, okay it’s not really a crown; more like a plastic tiara… how about lots of plugs here, and the good feeling that you’ve helped out a friend in need?) :D
UPDATE: Nevermind! I got it! (YAY! I get to keep my tiara!!) ;-P
(Update again: Actually, Amy saw my function and raised it… her’s is better/quicker/easier, etc.)
Amy is the grand champion Tiara holder!! ;-)
Here’s a php function that will return true if the character is alphanumeric, and false if it’s anything else:

Here’s mine (Amy’s is better though…)
function noSpecialChars($string) {
$validate = true;
for ($i=0; $i < strlen($string); $i++) {
if (!ereg("[a-zA-Z0-9]", $string{$i})) {
$validate = false;
}
}
return $validate;
}

(so simple… yet, I will never admit to how many hours it took me to figure that damn thing out!!!)

Of course, what this function is doing is checking every single character… probably a bit of “server overhead” so if you have a simpler option… I’m all ears… well, eyes. ;-)
Here’s Amy’s:

function is_alphanumeric($test) {
return (preg_match(”/^[a-z0-9 ]+$/i”, $test));
}

This entry was posted on Monday, September 16th, 2002 at 11:05 pm and is filed under Scripts. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

10 Responses to “Form Validation Call for help”

  1. kristine Says:
    September 16th, 2002 at 11:15 pm

    (I’m not sure if this is helpful or not, but here’s what google found me!)
    form validation

  2. kristine Says:
    September 16th, 2002 at 11:17 pm

    Oh, and maybe something to do with htmlspecialchars() ?
    php.net - htmlspecialchars

  3. Jennifer Says:
    September 16th, 2002 at 11:18 pm

    Yeah, I saw that… and what he has there will validate that the string contains at least 1 alpha numeric character… but it could be mixed with special characters… I want to have it reject any and all special characters…

  4. Jennifer Says:
    September 16th, 2002 at 11:22 pm

    htmlscpecialchars() will translate special charcaters…

    It’s probalby going to be some form of this function:
    ereg() but the question is what do I put in there to deny all special characters…

  5. Amy Says:
    September 17th, 2002 at 10:02 am

    Oooh! Something I can help with!

    function is_alphanumeric($test) {
    return (preg_match(”/^[a-z0-9 ]+$/i”, $test));
    }

    Run it like this:

    if ( !is_alphanumeric($submitted_variable) ) {
      # fire error stuff
    }

  6. jennifer Says:
    September 17th, 2002 at 10:14 am

    Ok, when I tried those types of functions… it seemed to not catch it when it was a special character in the MIDDLE of alphanumeric characters.. it would only catch if it began or ended with a special character:
    so:
    3%2 would be acceptable
    %32 would not be
    32% would not be…

    That’s why I got into the whole check every character thing…

  7. Jennifer Says:
    September 17th, 2002 at 10:20 am

    nope… my mistake. Yours works. Okay, you win the tiara! ;-)
    But you have to explain to me why it works…

    the difference between what you were doing with the preg_match, and what I was doing… is the last part… the “+$/i”… I had been using “+$/s” (which didn’t catch special charcters in the middle)

    Can you tell me whats going on there? What does the “i” or “s” mean?

  8. Amy Says:
    September 17th, 2002 at 10:53 am

    I’d hang on to the tiara, Jenn. I didn’t write the function - many, many months ago I handed my first effort at it to Gareth, who patted me on the head and sent me back what you see here.

    I pinged him and asked for an explanation that’s readable in English, and here’s his response:

    “The $ matches the end of the line. The i is a flag meaning ‘case insensitive match.’ Likewise, the ^ at the beginning matches the beginning of the line. It won’t match (allow) any strings that contain spaces or whatever at the beginning/end.

    “One could argue that you could use /^\w+$/ instead, but then it’d match (allow) the underscore character as well.”

    Personally, I hate regexes. They drive me insane on a regular basis. I bribe Gareth with Reese’s Pieces (which are hard to get and expensive in Britain) to get help for regex issues like this. :)

  9. Jennifer Says:
    September 17th, 2002 at 11:08 am

    =sigh=
    I still don’t get it…
    Why would case have anything to do with it…
    the only difference is that “i” vs. “s”

    with “s”
    3#3 is allowed

    with “i”
    3#3 is not

    …duh… I’m so lost.
    I’ll send you some Reese’s Pieces to give to your friend… :) (Does he like Tiaras? LOL!)

  10. casey Says:
    December 8th, 2002 at 9:14 pm

    I’ve been trying to figure this out forever too, and its really annoying, but here’s a function that seems to work perfectly, I got it from the user comments at php.net
    http://www.php.net/manual/en/function.ereg.php

    if (ereg(’^[[:alnum:]]+$’, $data)) {
    echo ‘$data contains only letters and/or numbers’;
    } else {
    echo ‘$data contains characters other than letters and /or numbers.’;
    }

    and if you want to add characters to allow, like an underscore for instance, add a pipe and the _ after the [:alnum:], like so:

    if (ereg(’^[[:alnum:]|_]+$’, $data)) {
    echo ‘$data contains only letters and/or numbers’;
    } else {
    echo ‘$data contains characters other than letters and /or numbers.’;
    }

    hope that helps