By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
429,045 Members | 1,305 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 429,045 IT Pros & Developers. It's quick & easy.

Validating input

P: n/a
What is the most efficient way to validate an input to conform to your
needs?

I need to make sure an input is a contiguous string with only printable
characters (english alphabet+numbers only) and no whitespace or
punctuation marks.

Thanks
Jun 18 '06 #1
Share this Question
Share on Google+
6 Replies


P: n/a
J Huntley Palmer wrote:
What is the most efficient way to validate an input to conform to your
needs?

I need to make sure an input is a contiguous string with only printable
characters (english alphabet+numbers only) and no whitespace or
punctuation marks.

Thanks


http://ca.php.net/manual/en/function.ctype-alnum.php

-david-

Jun 18 '06 #2

P: n/a
On 2006-06-18, J Huntley Palmer <jh*@dontspam.spam> wrote:
I need to make sure an input is a contiguous string with only printable
characters (english alphabet+numbers only) and no whitespace or
punctuation marks.


I would use a regular expression for that. Since it's the weekend you
still have time to come up with such a RE.

Hint: lookup the meaning(s) of '^' , '\w+' and '$' in regular expressions.

--
Met vriendelijke groeten,
Tim Van Wassenhove <http://timvw.madoka.be>
Jun 18 '06 #3

P: n/a
In addition to the RegEx note made before, I would give you a slight
example (rather common) in case you're not already done:

check out the
preg_match(http://php.net/manual/en/function.preg-match.php) with some
RegExp like "/[a-zA-Z0-9 ]+/", which would give you true only of case
of digits and letters and blank space. The + will assure that there is
at least one letter/digit.

For more info check the user-contributed notes in the link above. It's
not a big deal...

Good day.

Jun 18 '06 #4

P: n/a
You might want to consider validating your inputs before submitting to
the server.
J Huntley Palmer wrote:
What is the most efficient way to validate an input to conform to your
needs?

I need to make sure an input is a contiguous string with only printable
characters (english alphabet+numbers only) and no whitespace or
punctuation marks.

Thanks


Jun 19 '06 #5

P: n/a
>You might want to consider validating your inputs before submitting to
the server.


Validating inputs ONLY before submitting to the server is
worse than no validation at all. In this case, the attacker
gets to do his own validation.

Gordon L. Burditt
Jun 19 '06 #6

P: n/a
Argh. The intent of my reply was lost due to lack of caffeine. Now
that I had a few cups, let me rephrase:

You might want to consider validating before you post IN ADDITION TO
validating once the request hits the server. You should always try to
pre-format requests to your server whenever possible (unless the
overhead is too expensive or you might reveal some sort of algorithm or
data format you wish to keep secret)...WHILST KEEPING IN MIND that once
on the server, you should never trust the request until the appropriate
security measures have been taken.

Thank you for forcing me to clarify. I shall never post again until I
am certain my stimulant level is appropriate.

Cheers,

Gordon Burditt wrote:
You might want to consider validating your inputs before submitting to
the server.


Validating inputs ONLY before submitting to the server is
worse than no validation at all. In this case, the attacker
gets to do his own validation.

Gordon L. Burditt


Jun 19 '06 #7

This discussion thread is closed

Replies have been disabled for this discussion.