Roman Neuhauser wrote:
> # jochem@xxxxxxxxxxxxx / 2007-01-17 01:42:09 +0100:
>> Beauford wrote:
>>> Further to my previous email, there is something weird going on here. I just
>>> tried using this:
>>>
>>> if (!ereg('^[A-Za-z0-9]', $strvalue)) {
>>> return "error";
>>> }
>> stop using bleeding ereg*() function - move to preg_*() funcs like the rest of
>> the world did 5+ years ago.
>
> Or even better: how about using the right tool for the job? :)
true, although the function should be spelled correct to avoid fatal errors ;-)
>
> if (!ctype_isalnum($strvalue)) {
> return "error";
> }
>
>> if (!preg_match("#^[A-Z0-9]+\$#i", $s)) {
>
>> (ps the above is a crappy regexp for real world use imho, but it serves
>> the purpose of example)
>
> It's dangerous.
why dangerous?
given that this page: http://php.net/manual/en/function.ctype-alnum.php
says, and I quote:
"Checks if all of the characters in the provided string, text, are alphanumeric. In the standard C locale letters are
just [A-Za-z] and the function is equivalent to preg_match('/^[a-z0-9]+$/iD', $text). "
the 'D' modifier being the only difference in my example regexp and the equilavent given on the
ctype_alnum() page ... I grant that the 'D' modifier might the difference between dangerous and
not dangerous, if that's the case please explain (because I'm not seeing it :-)
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
