Checking a string to see if a specific grouping exist (PHP)?

Question

situation: A user inputs a user name and password. now the user enters a user name called Game_Admin. Thus tries to imitate being a head power of the site and scam others.

At the moment My log in script check for Length Characteristics, and to see if it already exist. My question how do I go about checking to see if a player enters a specific grouping of characters in our example the grouping i am trying to stop duplication of is "Admin". So If the word Admin ever appears whether it is (myAdminaccount ,pizzaAdmin, GreatestAdmin). I am wondering would I use a loop of some sort to search through each user name character by character or is their another easier way?

Than you everyone for your suggestions Indeed there are many ways to go about this situation. I hope this topic can be a good reference for others who decide to use type if check. I am putting them all to the test and weighing out my options but I believe I have found the solution that works best for me :)

Answer 1

Have a look at stristr for case-insensitive string matching:

<?php
  $string = 'TehAdmin';
  if(stristr($string, 'admin') === FALSE) {
    echo '"admin" not found in string';
  } else {
    echo '"admin" found in string';
  }
  // outputs: "admin" found in string
?>

For extra entertainment, you can use str_ireplace to replace occurrences of admin with the empty string:

<?php
$string = str_ireplace("admin", "", $string);
?>

http://www.php.net/manual/en/function.str-ireplace.php

Answer 2

There are lots of ways to do this. I would use stripos (case-insensitive):

$findme    = 'admin';
$mystring = 'This is a fake string';

$pos1 = stripos($mystring, $findme);

// Nope, 'admin' is not in $mystring
if ($pos1 === false) {
    echo "The string '$findme' was not found in the string '$mystring'";
}

Answer 3

well, you can use one of several functions to determine if one string contains another, stristr() and preg_match() are common ones to use.

$input = 'Game_Admin';

if ( FALSE !== stristr( $input, 'admin' ) )
{
  // whatever
}

if ( preg_match( "/admin/i", $input ) )
{
  // whatever
}

Although I'm concerned that you appear to be assigned roles to users based on substrings of their username. That's not a great way to about this. It's better to have roles and permissions defined in the database.

Answer 4

I'd suggest when a user signs up, check the username against a blacklist before accepting form submission. If you're using off-the-shelf software it probably supports this.

Test on PHP strpos() when form validation takes place:

$badlist = Array(
  'admin',
  'staff',
  'official'
);

foreach($badlist as $badword){
  if (strpos(strtolower($_POST['username']), $badword)!==FALSE)
    die('fail');
}

Hope that helps :)