468,247 Members | 1,317 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,247 developers. It's quick & easy.

PHP Input Checking

I have a HTML form where the user can type in certain values, but I
only want them to able able to submit integers (0-9). I post to a PHP
page with the following "snippit" of code (all the variables have been
properly assigned):

// Checks for illegal chars
$illegal_chars = array("`", "~", "!", "@", "#", "$", "%", "^", "&",
"*", "(", ")", "-", "_", "=", "+", "q", "w", "e", "r", "t", "y", "u",
"i", "o", "p", "[", "{", "]", "}", "\\", "|", "a", "s", "d", "f", "g",
"h", "j", "k", "l", ";", ":", "'", "\"", "z", "x", "c", "v", "b", "n",
"m", ",", "<", ".", ">", "/", "?");
foreach ($illegal_chars as $value) {
if (stripos($db_mysql, $value)) { $pass1 = "f"; }
elseif (stripos($db_postgre, $value)) { $pass2 = "f"; }
elseif (stripos($db_oracle, $value)) { $pass3 = "f"; }
elseif (stripos($email_basic, $value)) { $pass4 = "f"; }
elseif (stripos($email_exchange, $value)) { $pass5 = "f"; }
elseif (stripos($ftp_users, $value)) { $pass6 = "f"; }
elseif (stripos($domain_subdomains, $value)) { $pass7 = "f"; }
else {}
}

The code will not work, and I can't see why. The variables $pass1-pass7
aren't set after the foreach() loop, no matter what is in the input!

Any ideas?

Kingo

Apr 26 '06 #1
5 1894
Kingo said the following on 26/04/2006 23:13:
I have a HTML form where the user can type in certain values, but I
only want them to able able to submit integers (0-9). I post to a PHP
page with the following "snippit" of code (all the variables have been
properly assigned):

// Checks for illegal chars
$illegal_chars = array("`", "~", "!", "@", "#", "$", "%", "^", "&",
"*", "(", ")", "-", "_", "=", "+", "q", "w", "e", "r", "t", "y", "u",
"i", "o", "p", "[", "{", "]", "}", "\\", "|", "a", "s", "d", "f", "g",
"h", "j", "k", "l", ";", ":", "'", "\"", "z", "x", "c", "v", "b", "n",
"m", ",", "<", ".", ">", "/", "?");
foreach ($illegal_chars as $value) {
if (stripos($db_mysql, $value)) { $pass1 = "f"; }
elseif (stripos($db_postgre, $value)) { $pass2 = "f"; }
elseif (stripos($db_oracle, $value)) { $pass3 = "f"; }
elseif (stripos($email_basic, $value)) { $pass4 = "f"; }
elseif (stripos($email_exchange, $value)) { $pass5 = "f"; }
elseif (stripos($ftp_users, $value)) { $pass6 = "f"; }
elseif (stripos($domain_subdomains, $value)) { $pass7 = "f"; }
else {}
}


Arrgh!

There's a whole host of simple one-liners that will achieve this.
Casting the variable to an int would be one way to guarantee that the
result is an integer. Use of is_numeric() would be a way to check
whether the value is an integer. ctype_digit() would be another.
NOTE: Although I don't know how you're using $pass1 -> $pass7, you're
probably much better off using an array, i.e. $pass[1] -> $pass[7], and
setting them to boolean FALSE rather than "f".

--
Oli
Apr 26 '06 #2
I tried to use is_numeric(), but it supports more than just 0-9. All I
want to check is if the input has only the characters 0-9 in it. I'm
guessing from the examples in the PHP manual that ctype_digit() would
be the best way to go here?

Apr 26 '06 #3
function my_integer_check($data, $length = 1)
{

if(strten($data) > $length){

return false;

}

return is_numeric($data);

}

Apr 26 '06 #4
Okay, I've got it working using is_numeric(), and then a conditional
test.

Thanks for your inputs!

Excuse my shocking PHP knowledge!!

Kingo

Apr 26 '06 #5
Kingo wrote:
I have a HTML form where the user can type in certain values, but I
only want them to able able to submit integers (0-9). I post to a PHP
page with the following "snippit" of code (all the variables have been
properly assigned):

// Checks for illegal chars
$illegal_chars = array("`", "~", "!", "@", "#", "$", "%", "^", "&",
"*", "(", ")", "-", "_", "=", "+", "q", "w", "e", "r", "t", "y", "u",
"i", "o", "p", "[", "{", "]", "}", "\\", "|", "a", "s", "d", "f", "g",
"h", "j", "k", "l", ";", ":", "'", "\"", "z", "x", "c", "v", "b", "n",
"m", ",", "<", ".", ">", "/", "?");
foreach ($illegal_chars as $value) {
if (stripos($db_mysql, $value)) { $pass1 = "f"; }
elseif (stripos($db_postgre, $value)) { $pass2 = "f"; }
elseif (stripos($db_oracle, $value)) { $pass3 = "f"; }
elseif (stripos($email_basic, $value)) { $pass4 = "f"; }
elseif (stripos($email_exchange, $value)) { $pass5 = "f"; }
elseif (stripos($ftp_users, $value)) { $pass6 = "f"; }
elseif (stripos($domain_subdomains, $value)) { $pass7 = "f"; }
else {}
}

The code will not work, and I can't see why. The variables
$pass1-pass7 aren't set after the foreach() loop, no matter what is
in the input!

Any ideas?


Have you tried using a regex?

Example:
if (preg_match($string,'/\D/') > 0) {
// contains illegal characters
}

Replace $string with the string variable you want to check. The \D
means any character that isn't a decimal digit, which is probably what
you want to check the string for.

http://php.net/preg_match
http://php.net/reference.pcre.pattern.syntax

--
Kim André Akerĝ
- ki******@NOSPAMbetadome.com
(remove NOSPAM to contact me directly)
Apr 27 '06 #6

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

8 posts views Thread by Oeln | last post: by
3 posts views Thread by Antoni | last post: by
1 post views Thread by Tonta | last post: by
7 posts views Thread by JR | last post: by
2 posts views Thread by headware | last post: by
48 posts views Thread by Michel Rouzic | last post: by
2 posts views Thread by MadMike42 | last post: by
reply views Thread by kermitthefrogpy | last post: by
reply views Thread by zattat | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.