Posted by Philip Ronan on 10/09/05 17:43

"rachellara1979@gmail.com" wrote:

> ... Basically want to check that a user and
> password (entered in a previous page) only has characters but the
> result of this is that it only ever goes to wrong!!! please tell me
> why! I cant figure it out and feel so stupid! I even tried with :
>
> if(ereg("[a-z][A-Z][0-9]", $Pword) && ereg("[a-z][A-Z][0-9]", $User)) {
> redirection2();
> }
> else {
> redirection();
> }

You need to learn a bit more about regular expressions.

The expression "[a-z][A-Z][0-9]" matches a single lowercase letter, followed
by a single uppercase letter, followed by a single digit. Any string
containing this combination will pass your test (try "-+= xY2 &/;", for
example -- the sequence "xY2" in the middle is enough to pass your test).

In this case, something like "^[a-zA-Z0-9]+$" would probably work better,
although I don't think it's wise to restrict passwords to alphanumeric
characters only. Why not allow other symbols like /, _, !, @, #, $, %, ^, &,
* as well? And don't names sometimes contain spaces or hyphens?

You can also define minimum and maximum lengths for these strings by
replacing "+" with something like "{4,20}". I'll leave you to figure out how
this all works. The documentation is perfectly clear:

<http://php.net/manual/en/reference.pcre.pattern.syntax.php>

--
phil [dot] ronan @ virgin [dot] net
http://vzone.virgin.net/phil.ronan/

[Back to original message]