Not Allowing Symbols In A String

[galexcd 0]

I was looking for a quick solution so i could check a string for any symbols and stuff (basically anything that isnt numbers and letters) in it. One of the first google searches that came up were for a forum called "sitepoint". The thread was talking about the same thing I was trying to do.

This was their solution:

if (ereg("[a-zA-Z0-9]+", $username)) {    echo 'OK.'; } else {    echo 'Invalid characters.'; }

So i tried it out. Didn't work. I played with the code and i still couldn't get it to work... So I did what i didn't want to do: do it my way. Heres what i coded:

$allowed="q,w,e,r,t,y,u,i,o,p,a,s,d,f,g,h,j,k,l,z,x,c,v,b,n,m,Q,W,E,R,T,Y,U,I,O,P,A,S,D,F,G,H,J,K,L,Z,X,C,V,B,N,M,1,2,3,4,5,6,7,8,9,0,-,_";if(str_replace(explode(",",$allowed),"",$username)==""){//OK}else{//contains symbols}

Almost everything I code is very crude and I'm sure this could have been done with 1 simple function, but oh well. My way works fine.
---------
Heres the link to the thread if anybody is interested: http://www.sitepoint.com/forums/showthread.php?65200-Check-for-SYMBOLS-in-a-string
--------
So why did i post this?
Basically The only reason i posted it here is for input. Even though i dont really need it now, anybody know why the original code didn't work? How about some input for the code i came up with! hehe . Maby sombody could use my code?
I donno. Since i just signed up to that forum just to make that one reply, I wont be visiting them again for a responce, so i just moved the whole issue over here, so I could get other people's oppinion.... Ok I think i should stop talking now.
Edited July 26, 2006 by qwertyiscool (see edit history)

[truefusion 3]

Well, the first code provided wouldn't have worked if there was an underscore, or a hyphen in the username. But it should have worked if it only contained letters and/or numbers.

But the simpler way to go about it for your second code would have been:

if (ereg('[\\w-]+', $username)) {echo "OK";} else {echo "Invalid Characters, or no username provided.";}

Edited July 26, 2006 by truefusion (see edit history)

[galexcd 0]

Well, the first code provided wouldn't have worked if there was an underscore, or a hyphen in the username. But it should have worked if it only contained letters and/or numbers.
But the simpler way to go about it for your second code would have been:

if (ereg('[\\w-]+', $username)) {echo "OK";} else {echo "Invalid Characters, or no username provided.";}

the first one din't work though, it was compleatly screwed up. $*%username said "invalid characters" but username$*% was allowed. Thats what made me finaly break down and drop the ereg function

[Spectre 0]

Try inversing the original regular expression, so that it scans for any characters which are not in the given set (in this case, anything that is not alphanumeric):

 

if (ereg('[^a-zA-Z0-9]', $username)) {    echo 'Invalid characters.'; } else {    echo 'OK.'; }

You can always add to the set to include other characters you want to allow, such as hyphens/dashes and underscores:

 

[^a-zA-Z0-9\-_]

The problem with the original expression is that it was matching any string that contained a consecutive set of alphanumeric characters at the start of the string. If any other characters followed, it simply ignored them, but still matched the expression.
Edited July 30, 2006 by Spectre (see edit history)