By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,496 Members | 1,527 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,496 IT Pros & Developers. It's quick & easy.

Validating Username

P: 54
i have used the following code to validate the username it is working fine
Expand|Select|Wrap|Line Numbers
  1. if( $username == "" ||  !preg_match("/^[a-z0-9]+(?:_[a-z0-9]+)?$/i", $username) )
  2. {
  3.    $error.="User name cannot be blank or has special characters";
  4. }     
  5.  
it does not accept UNDERSCORE at the beginning or end however while i was testing with different special characters except for # the validation works fine for all other special characters.

for example if i enter the user name as = abc#123

in this case # sign and what comes after # sign is being ignored. so in this case the username is being read as abc ONLY and not abc#123

this is very strange, how can i still validate # sign and tell the user that # sign is not a valid username like i have been doing with any other special characters like = !@$...........

please advice.

thanks.
May 26 '08 #1
Share this Question
Share on Google+
24 Replies


Markus
Expert 5K+
P: 6,050
Cannot understand your problem?

What do you want your regex to accept and not accept?

Maybe we could help you create a new one.
May 26 '08 #2

hsriat
Expert 100+
P: 1,654
in this case # sign and what comes after # sign is being ignored. so in this case the username is being read as abc ONLY and not abc#123
Its not a problem with regexp.

It seems like you are submitting your username with ajax and not doing encodeURIComponent() to it before submitting.
May 26 '08 #3

Atli
Expert 5K+
P: 5,058
Also, if you are submitting your usernames as GET variables, via the URL, the # character and anything that follows it will be parsed as an anchor name by the browser.

If that is the case, try the urlencode and urldecode functions.
May 26 '08 #4

hsriat
Expert 100+
P: 1,654
Also, if you are submitting your usernames as GET variables, via the URL, the # character and anything that follows it will be parsed as an anchor name by the browser.

If that is the case, try the urlencode and urldecode functions.
But I thought the browser in itself always does urlencoding of the from elements before sending them by GET method (except when using Ajax). Don't you think so?

Try this example...
[HTML]<html>
<form action="page_doesnt_exist.htm">
<input name="param" value="">
<input type="submit" value="Check what's the url">
</form>
</html>[/HTML]
Just type in a value containing # in the field and click button to see what's the url. Isn't it already urlencoded?

I typed abc#xyz and got page_doesnt_exist.htm?param=abc%23xyz in the address bar when clicked on submit.
# got encoded to %23
May 26 '08 #5

Atli
Expert 5K+
P: 5,058
But I thought the browser in itself always does urlencoding of the from elements before sending them by GET method (except when using Ajax). Don't you think so?
True. If you submit an actual <form> the browser should take care of this for you.

I was thinking more along the lines of putting them manually in the URL string.
Like if you had made a list of users and wanted each name to link to another script, passing along the username in the URL.

Could have chosen my words more carefully in my previous post. Sorry about that.
May 26 '08 #6

Markus
Expert 5K+
P: 6,050
Where did you get the idea that this is to do with ajax or URLs?
May 26 '08 #7

Markus
Expert 5K+
P: 6,050
Oh, because # marks a placement in the page and what comes after that is looked for in a div id.

I see.

But why submit it through GET?

Makes more sense for POST, right?
May 26 '08 #8

hsriat
Expert 100+
P: 1,654
Where did you get the idea that this is to do with ajax or URLs?
Well, any variable (username in this case) can be posted by 4 ways (according to my knowledge).

1. Simple GET - # won't give any trouble as its already urlencoded by browser.
2. Simple POST - same here...
3. Ajax GET - # could cause a problem, as # in url is for anchors
4. Ajax Post - not sure about this one..

So I thought it could be case 3.
May 26 '08 #9

ronverdonk
Expert 2.5K+
P: 4,258
......because # marks a placement in the page and what comes after that is looked for in a div id.....
Sorry to disagree slightly here.
A destination anchor is not just, or only, a div. The destination anchors in HTML documents may be specified either by the A element (naming it with the name attribute), or by any other element (naming with the id attribute).

Ronald
May 26 '08 #10

hsriat
Expert 100+
P: 1,654
True. If you submit an actual <form> the browser should take care of this for you.

I was thinking more along the lines of putting them manually in the URL string.
Like if you had made a list of users and wanted each name to link to another script, passing along the username in the URL.

Could have chosen my words more carefully in my previous post. Sorry about that.
Nothing to sorry about dude. :)

Yeah, in the case you said, one should do urlencode in PHP before sending the HTML to the browser.

Regards
May 27 '08 #11

P: 54
my question is about validation using php. i am validating a username which a user would enter and clicks on a image to find

if that username is available. example if a user enters abc#123 php file is reading this value as abc ONLY which i do not

want instead the php file should read as abc#123. follow is the sequence of pages. please advice the solution.

first page = register.php here a user enters a username and clicks on an image to find out if the username is available or

not. using a javascript function of onclick i am reading the value entered in the form in javascript as
Expand|Select|Wrap|Line Numbers
  1. var useri = document.registrationform.username
  2. var valueofuseri = document.registrationform.username.value
  3.  
  4. var recui = /^\s{1,}$/g;
  5.  
  6. if ((useri.value==null) || (useri.value=="") || (useri.length=="") || (useri.value.search(recui))> -1)
  7. {
  8. alert("Please Enter a User Name")
  9. return false
  10. }
  11.  
  12. window.open("checkusernamei.php?theusernameis="+valueofuseri, "titleforavailabilityi", "width=680,  height=275, status=1, 
  13.  
  14. scrollbars=1, resizeable=yes");
  15.  
second page = checkusernamei.php = this file uses GET to read what was entered in the form.
Expand|Select|Wrap|Line Numbers
  1. $username = $_GET["theusernameis"];
  2.  
  3. if( $username == "" ||  !preg_match("/^[a-z0-9]+(?:_[a-z0-9]+)?$/i", $username) )
  4. {
  5. echo "username is blank or has special characters";
  6. }
  7.  
the # sign is being ignored only if the image is clicked in order to check the username, if the user enters abc#123 and

clicks the submit button without clicking on the checkuser image button then my php validation for username shows an error

message.

Expand|Select|Wrap|Line Numbers
  1. if( $username == "" ||  !preg_match("/^[a-z0-9]+(?:_[a-z0-9]+)?$/i", $username) )
  2. { echo "display error message for username"; }
  3.  
now the problem is with clicking the image only and passing using GET method how can i fix this problem.

please advice.

thanks.
May 27 '08 #12

hsriat
Expert 100+
P: 1,654
Expand|Select|Wrap|Line Numbers
  1. var valueofuseri=encodeURLComponent(document.registrationform.username.value);
Dude, this is what I suggested you in the other thread on same problem.
I guess you could not locate that thread in the long list of threads.

PS: Use [CODE] Tags.
May 27 '08 #13

Atli
Expert 5K+
P: 5,058
Please do not double post your questions.
That only serves to cause confusion, waste the time of our fellow members and make us moderators mad!

And use [code] tags when posting your code examples.

Seeing as you have over 40 posts already, I expect you to know this by now.
Take a look at our Posting Guidelines if you haven't already.
I will not be happy if I need to repeat this warning!

I have merged the other thread into this one.

Moderator
May 27 '08 #14

pbmods
Expert 5K+
P: 5,821
Heya, Runway.

What is the value of $username when the User inputs 'abc#123'?
May 27 '08 #15

dlite922
Expert 100+
P: 1,584
Heya, Runway.

What is the value of $username when the User inputs 'abc#123'?
HEY YOUR BACK!!

*goes to cafe/lounce to see announcement*

I think he said the value is only "abc", the rest is truncated.

he needs url_encoding i believe, as every body here posted (some more than once)

PS: glad to see you back,

Dan
May 27 '08 #16

P: 54
my question is about validation using php. i am validating a username which a user would

enter and clicks on a image to find if that username is available. example if a user enters

abc#123 php file is reading this value as abc ONLY which i do not want instead the php file

should read as abc#123. following is the sequence of pages. please advice the solution.

first page = register.php here a user enters a username and clicks on an image to find out

if the username is available or not. using a javascript function of onclick i am reading the

value entered in the form in javascript as
=============================================
var useri = document.registrationform.username
var valueofuseri = document.registrationform.username.value

var recui = /^\s{1,}$/g;

if ((useri.value==null) || (useri.value=="") || (useri.length=="") ||

(useri.value.search(recui))> -1)
{
alert("Please Enter a User Name")
return false
}

window.open("checkusernamei.php?theusernameis="+va lueofuseri, "titleforavailabilityi",

"width=680, height=275, status=1, scrollbars=1, resizeable=yes");

============================================

i have used a alert message in javascript to display the value, javascript is able to

capture all the characters entered which is abc#123

second page = checkusernamei.php = this file uses GET to read what was entered in the form.
============================================
$username = $_GET["theusernameis"];

if( $username == "" || !preg_match("/^[a-z0-9]+(?:_[a-z0-9]+)?$/i", $username) )
{
echo "username is blank or has special characters";
}
============================================
the # sign is being ignored only if the image is clicked in order to check the username, if

the user enters abc#123 and clicks the submit button without clicking on the checkuser image

button then my php validation for username shows an error message.

================================================== ============
if( $username == "" || !preg_match("/^[a-z0-9]+(?:_[a-z0-9]+)?$/i", $username) )
{ echo "display error message for username"; }
================================================== ============
now the problem is with clicking the image only and passing the value to checkusernamei.php

using GET method
i have also used an echo statement in checkusernamei.php as
echo "value of username is ". $username; = this displays abc and not abc#123

how can i fix this problem wherein checkusernamei.php will be able to read abc#123. also in

this checkusernamei.php file i have a select query which will read if the username already

exists in the table. presently as checkusernamei.php is reading abc ONLY the select query is

also passing abc and not abc#123

$select = "Select username from table where username = '$username'";

please advice.

thanks.
May 29 '08 #17

hsriat
Expert 100+
P: 1,654
Dear runway27,

When # goes in the URL, the text after the # is considered as anchor by the browser. When you are opening a new window with this code:
Expand|Select|Wrap|Line Numbers
  1. window.open("checkusernamei.php?theusernameis="+valueofuseri, "titleforavailabilityi", "width=680, height=275, status=1, scrollbars=1, resizeable=yes");
The URL is "checkusernamei.php?theusernameis="+valueofuse ri

And when your user name is abc#123, your URL becomes:
checkusernamei.php?theusernameis=abc#123

So what happens is, #123 is considered as an anchor bookmark(see point 2 here) in the page.

With this, the value of your $_GET['theusernameis'] remains abc only.

To escape this, you should use encodeURIComponent in JavaScript.
So just change the second like of your JavaScript as
Expand|Select|Wrap|Line Numbers
  1. var valueofuseri = encodeURIComponent(document.registrationform.username.value)
If you want to encode it in PHP, after you click on the page and its opened in PHP, then that would be too late. As by that time your browser would have already considered text after # as anchor.

I apologize that I answered you twice on the same question but could not make you understand why is it so.

Hope you will get this this time.

Regards
May 30 '08 #18

Markus
Expert 5K+
P: 6,050
Deja-vu.

Hasn't this been asked like 3 times (and answered)?
May 30 '08 #19

hsriat
Expert 100+
P: 1,654
Deja-vu.

Hasn't this been asked like 3 times (and answered)?
I too think so... ;)
May 30 '08 #20

Atli
Expert 5K+
P: 5,058
Deja-vu.

Hasn't this been asked like 3 times (and answered)?
Indeed. This will be the second time I merge a duplicate thread with the original thread.

runway27, you have been warned twice before about double-posting and using [code] tags, and you just keep ignoring us.

This behavior is not acceptable and has just earned you a 1 week ban.
I suggest you take that time to familiarize yourself with the Posting Guidelines.

The next time you ignore the guidelines, the ban will be permanent.

Moderator
May 30 '08 #21

hsriat
Expert 100+
P: 1,654
This behavior is not acceptable and has just earned you a 1 week ban.
aww.. this is gonna be harsh. But rules are rules.


I didn't get one thing though... he never replied in the already started thread. He got many replies, but he didn't give a damn.

What did he think about us?.....
May 30 '08 #22

Markus
Expert 5K+
P: 6,050
Sorry to disagree slightly here.
A destination anchor is not just, or only, a div. The destination anchors in HTML documents may be specified either by the A element (naming it with the name attribute), or by any other element (naming with the id attribute).

Ronald
I wasn't being specific to only divs.
May 30 '08 #23

Markus
Expert 5K+
P: 6,050
aww.. this is gonna be harsh. But rules are rules.


I didn't get one thing though... he never replied in the already started thread. He got many replies, but he didn't give a damn.

What did he think about us?.....
I just don't understand some people..

Could it've been a bot?
May 30 '08 #24

hsriat
Expert 100+
P: 1,654
I just don't understand some people..

Could it've been a bot?
LOL!... and that bot has just got to ask a technical question in bytes?... not a good utility bot.
May 30 '08 #25

Post your reply

Sign in to post your reply or Sign up for a free account.