thebigbraindm
asked on
Preg_match whole form
I wrote the scirpt below to validate just the password
Just to be sure users don't use these characters ? < > " ; { } [ ] ( )^ &
but I would like to do it to the whole <form> instead of individual textbox/ field
I like to allow user the put any character but seem like too hard to do it if any body had any idea how to allow user to enter any character without mess up the server, please show me how.
Seem like the htmlentities might do it but it's converting to a different character, I don't understand much about htmlentities yet.
Please make it simple a little bit.
Thanks in advance!
<?php
//Prevent hacking
//don't want to user the crack around
// preg_match example can be found at http://us3.php.net/preg_match
//If user enter the double qoute and the question mark or combination of those then script will mess up
if (preg_match("/^[ ? < >\"\;\{\}\[\]\(\)^& ]$/",$_POST['password'])) {
?>
You can't use these special character ? < > " ; { } [ ] ( )^ &
<?
}
else { echo "not special character found";}
?>
Just to be sure users don't use these characters ? < > " ; { } [ ] ( )^ &
but I would like to do it to the whole <form> instead of individual textbox/ field
I like to allow user the put any character but seem like too hard to do it if any body had any idea how to allow user to enter any character without mess up the server, please show me how.
Seem like the htmlentities might do it but it's converting to a different character, I don't understand much about htmlentities yet.
Please make it simple a little bit.
Thanks in advance!
<?php
//Prevent hacking
//don't want to user the crack around
// preg_match example can be found at http://us3.php.net/preg_match
//If user enter the double qoute and the question mark or combination of those then script will mess up
if (preg_match("/^[ ? < >\"\;\{\}\[\]\(\)^& ]$/",$_POST['password'])) {
?>
You can't use these special character ? < > " ; { } [ ] ( )^ &
<?
}
else { echo "not special character found";}
?>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Form doesn't exist.
When you fill in a form, the individual fields are sent to PHP and become elements of an array in $_POST or $_GET. Each one is effectively a separate variable.
When you fill in a form, the individual fields are sent to PHP and become elements of an array in $_POST or $_GET. Each one is effectively a separate variable.
ASKER
if (preg_match <form>
well I guess php is not capable with checking the whole form then.
Thank you