Hi guys,
can anyone possibly help me with this?
// Validate the product name
if(empty($product_name)){
$error .= "~ Please enter the product name.<br>";
}
if(!preg_match('/^[a-zA-Z\\'.-\\s]{2,30}$/',$product_name)){
$error .= "~ Invalid product name! (Only letters, spaces, apostrophes and hyphens are allowed)<br>";
}
The validation above wont accept apostrophes, what do I need to change?
Yes. You’re trying to validate (with the regex) user input, but you’ve already changed the input into something else entirely (with mysql_real_escape_string and stripslashes). (:
This works for me
<?php
$error = "Error: ";
$product_name = "Widgets G'lore you-bet";
if(!preg_match('/^[a-zA-Z\\'.-\\s]{2,30}$/',$product_name))
{
$error .= "~ Invalid product name! (Only letters, spaces, apostrophes and hyphens are allowed)<br>";
}
echo $error;
// output = Error:
?>
Are you sure it isn’t the 2 to 30?
Does the variable have escape slashes / enititized quotes it it?
I am using a cleaner function to guard against sql injection?
mysql_real_escape_string
stripslashes
Maybe this is causing me grief?