SitePoint Sponsor

User Tag List

Results 1 to 13 of 13
  1. #1
    SitePoint Evangelist
    Join Date
    Apr 2009
    Location
    South Carolina
    Posts
    458
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    preg_match problem

    I have built a form for adding new members. In the form, I have a line that reads:
    HTML Code:
    	<p><b>Roll:</b> <input type="text" name="roll" size="10" maxlength="10" /> <small>either "user" or "admin"</small></p>
    I then verify that the data is correct using:
    PHP Code:
        if (preg_match ('%^(admin|user])$%'stripslashes(trim($_POST['roll'])))) {
            
    $rl escape_data($_POST['roll']);
        } else {
            
    $rl FALSE;
            echo 
    '<p><font color="red" size="+1">Please enter a valid roll!</font></p>';
            } 
    I am not getting past this check, and I have tried several different approaches.

    Is this a good way to test that the roll is correct?

    Why
    Each day is a learning experience.

  2. #2
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,401
    Mentioned
    147 Post(s)
    Tagged
    4 Thread(s)
    Your regex works fine for 'admin'. To make it work for 'user' as well, get rid of the ] after 'user'.

    In this case (a limited number of acceptable values) you could also put them in an array and then check with the in_array() function.

  3. #3
    SitePoint Evangelist
    Join Date
    Apr 2009
    Location
    South Carolina
    Posts
    458
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks. That fixed this problem.

    I will read the information at that link and may get back to you with more questions.
    Each day is a learning experience.

  4. #4
    SitePoint Evangelist
    Join Date
    Apr 2009
    Location
    South Carolina
    Posts
    458
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I have been using preg_match to filter the input as a means of slowing hackers.

    If I use the in_array() function, do I need the preg_match to screen stray unwanted characters from the input data?
    Each day is a learning experience.

  5. #5
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,747
    Mentioned
    64 Post(s)
    Tagged
    0 Thread(s)
    Well, firstly, 'Roll' is the wrong word. (You're looking for 'Role' )

    In_array will look specifically for that item - "admin" does not match "admine", and vice versa. as a side note, though, in_array is case sensitive.
    Never grow up. The instant you do, you lose all ability to imagine great things, for fear of reality crashing in.

  6. #6
    SitePoint Evangelist
    Join Date
    Apr 2009
    Location
    South Carolina
    Posts
    458
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Then, I will correct everything to use the 'role' and eliminate the preg_match.

    Will this do what I am trying to accomplish?
    PHP Code:
    $t_rl escape_data($_POST['role']);  // get the posted role for testing
    $a_role = array("admin""user"); // put allowed roles in the array
    if (in_array("$t_rl$a_tole)) { // test the posted role  and if it works set $rl to the correct role
        
    $rl=$t_rl;
    } else {
        
    $rl = FALSE;
        echo '<p><font color="
    red" size="+1">Please enter a valid role!</font></p>'; 
    Each day is a learning experience.

  7. #7
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,747
    Mentioned
    64 Post(s)
    Tagged
    0 Thread(s)
    Well, the coloration should tell you something's not right there... (Hint: You've got an extra double-quote...) but other than that, looks about right.

    Incidentally, since everyone has to either be an admin or a user, why use a text box for inputting this?
    Never grow up. The instant you do, you lose all ability to imagine great things, for fear of reality crashing in.

  8. #8
    SitePoint Evangelist
    Join Date
    Apr 2009
    Location
    South Carolina
    Posts
    458
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I see the error with the double-quote, and will fix that.

    I use a text box because that is about the extent of my knowledge.

    I suppose a drop-down selector would be better, but I haven't tried doing anything like that other than using a program that produces a flash form.

    Another way might be to have both options available with a check box, but again, a flash form builder program is the only way I have done that in the past.

    I suspect that somewhere in the future, I will have to add a role of editor. That is something I know will be easy once I get the current form working, by adding editor to the array.
    Each day is a learning experience.

  9. #9
    SitePoint Member
    Join Date
    Oct 2011
    Posts
    9
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    why dont you use regex?? its simpler than that..

  10. #10
    SitePoint Evangelist
    Join Date
    Apr 2009
    Location
    South Carolina
    Posts
    458
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I will search for that and see what it does.
    Each day is a learning experience.

  11. #11
    Keeper of the SFL StarLion's Avatar
    Join Date
    Feb 2006
    Location
    Atlanta, GA, USA
    Posts
    3,747
    Mentioned
    64 Post(s)
    Tagged
    0 Thread(s)
    Because regex is rather wasteful if you've got a known, fixed pattern.

    Bill: Regex was what you were using to begin with.
    Never grow up. The instant you do, you lose all ability to imagine great things, for fear of reality crashing in.

  12. #12
    SitePoint Wizard bronze trophy Immerse's Avatar
    Join Date
    Mar 2006
    Location
    Netherlands
    Posts
    1,661
    Mentioned
    7 Post(s)
    Tagged
    1 Thread(s)
    You shouldn't really be using a text field for this, as this is exactly the kind of data the SELECT element was designed for.
    Here's your HTML updated to use a select instead of the text input. You can probably see how easily you can add a new option to the drop down list

    Changing this has no effect on your PHP code, the selected value is still sent to PHP as $_POST['role'].

    PHP Code:
    <p>
        <
    label>
            
    Role:
            <
    select id="role" name="role">
                <
    option value="user">User</option>
                <
    option value="admin">Admin</option>
            </
    select>
        </
    label>
    </
    p

  13. #13
    SitePoint Evangelist
    Join Date
    Apr 2009
    Location
    South Carolina
    Posts
    458
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Nice.

    I will work on that tomorrow (today is meetings at work all morning, half the afternoon, and most of the evening is dinner).
    Each day is a learning experience.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •