tags:

views:

316

answers:

4
+6  Q: 

PHP Special Characters Test

What's an efficient way of checking if a username contains a number of special characters that I define.

Examples: % # ^ . ! @ & ( ) + / " ? ` ~ < > { } [ ] | = - ;

I need to detect them and return a boolean, not just strip them out.

Probably a super easy question but I need a better way of doing this than a huge list of conditionals or a sloppy loop.

+1  A: 

With regular expressions the \w special characters means "any word characters" and the \d means digits. The ^ in the brackets means negate or basically anything that isn't in the brackets. The code below would echo "true" or a 1 to indicate the string has non-word characters in it.

$string = '% # ^ . ! @ & ( ) + / " ? ` ~ < > { } [ ] | = - ;'
echo preg_match('~[^\w\d]~', $string);
John Conde  2010-04-16 01:11:22
trying to be the fist - you forgot that strings limiting with quotes ;-)
zerkms  2010-04-16 01:13:43
Yeah, I caught that. ;)
John Conde  2010-04-16 01:14:52
+6  A: 

The better is to determine if there are any chars that are not in an allowed list, like:

preg_match('![^a-z0-9]!i', $nickname);
zerkms  2010-04-16 01:12:17
+1: Whitelists are a better security tool than blacklists.
Ben S  2010-04-16 01:59:18
Thanks! Excuse my inexperience with regex's but how can I also allow underscores?
pws5068  2010-04-16 02:28:23
just add _ after char '9'
zerkms  2010-04-16 02:48:03
+3  A: 

Regex is usually the way to go for testing an allowed range, particularly alphanumeric entities such as usernames. However, if the set of disallowed characters is small and/or non-sequential (that is, not easily specified with ranges) you can get better performance with this:

strspn($string,'%#^.!@&()+/"?`~<>{}[]|=-');

This returns the length of the first substring found that is composed of only the disallowed characters (which will be 0 if no disallowed characters are present).

Duncan  2010-04-16 01:38:51
+1  A: 

You can use something like the following to count the number of times a character from a given set of characters appears within a string:

<?php

/**
 * Count the number of times any char from $char is found in $search
 * @param $search   Looks for the chars here
 * @param $chars    The chars to look for
 * @return int
 */
function countChars($search, $chars)
{
    $chars = str_replace(
        array("\\", '[', ']', '^', '-'),
        array("\\\\", '\[', '\]', '\^', '\-'), $chars);

    $results = array();
    preg_match_all("/[$chars]/", $search, $results, PREG_SET_ORDER);
    return count($results);
}

var_dump(countChars("Hello, World", "ol"));
var_dump(countChars("Lorem ipsum...", ".m")); // searches for . and m only
var_dump(countChars("^[]-^\\*", "^[]-\\"));

Hope that helps.

icio  2010-04-16 01:41:27

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases