| Web News |
Digitale Demonstranten
Jetzt ist es sogar amtlich. Ein Mausklick ist keine Gewalt.
Diese bemerkenswerte Feststellung steht in einem jetzt
veröffentlichten Urteil des Oberlandesgerichts Frankfurt/Main.
Es sprach Andreas Vogel frei und...
Makro-Virus für StarOffice
Die Kaspersky Labs haben laut dem Unternehmensblog einen Makro-Virus für StarOffice entdeckt. Bei Stardust handelt es sich um einen Proof-of-Concept-Schädling, der keine echten Schadroutinen mitbringt...
Größtes Linsenteleskop Deutschlands wieder zugänglich
Deutschlands größtes Linsenteleskop hat wieder für Besucher geöffnet. Ein Blick in den Himmel war jedoch nicht möglich, als der über 100 Jahre alte Große Refraktor auf dem Potsdamer Telegrafenberg nach mehrjähriger Restaurierung am Mittwoch zugänglich wurde: Es regnete in Strömen...
|
|
| Recent Articles |
AJAX - Executive Summary
AJAX (Asynchronous Javascript and XML) is a software platform to build and
deploy Rich Internet Applications.(RIA) Some RIA applications include Flash, Java Applets and ActiveX Controls.
Microsoft Brings Tools To CareerBuilder
Access to Visual Studio Express and SQL Express through the
job search site CareerBuilder.com will be provided by Microsoft in a partnership deal.
How To Use NDoc To Generate XML Documentation In .NET
Documentation of
your system is one of the important tasks that has to be done for any software system or product...
|
|
06.22.06
Form Checking - Verifying Name Using PHP Ereg
 By Bernard Peh
One important use of Regular Expressions (Regex) is to verify fields submitted via a form. In this article, we attempt to write an expression that is able to verify the user's first name, middle name, last name or just names in general.
The expression should allow names such as "Mary", "Mr. James Smith" and "Mrs O'Shea" for example. So the challenge here is to allow spaces, periods and single quotation marks in the name field and reject any other characters.
Elimination Technique
Instead of coming up with a set of rules to specify the possible combination of legal characters, we try to identify and detect all illegal characters in the name field. I came up with the following list:
Punctuations: ~`!@#$%^&*()=+{}|:;"/?,
Numerics: Any digit ranging from 0 to 9
Notice that I left out the empty space ( ), period (.) and single quotation mark (') because we are allowing these 3 characters to pass the verification. In other words, the verification will fail if the name field contains any of the punctuations or numerics above.
The Regular Expression
Are you ready for the hardcore part? The regex pattern I came up with is as follows:
([[:digit:]]|[~`!@#$%^&*()_=+{}|\:;"/?,]|[|]|-)+
Scary? No. Let me briefly explain what this pattern means. The expression can be represented by:
(expression1 | expression2 | expression3 | expression4 | expression5)
What we are trying to do here is to match the name field to the patterns in expression 1, 2, 3, 4 or 5. If you look at the regex closely, you will see that expression1 is actually [[:digit:]].
Expression2 is:
[~`!@#$%^&*()_=+{}|\:;"/?,]
Notice that I added a backslash () before each of the 5 characters "()+|". By backslashing these characters, I am telling the function to treat the characters as it is and not as special built-in characters. For example, the brackets "()" actually means grouping in regex but if I backslash it, ie "()", it simply means that I want to match "(" and ")".
Expression3 is "[", expression 4 is "]" and expression 5 is "-". We left out the 3 characters "[]-" in expression2 just to avoid confusion because we already used "[]" as the outer brackets. As for "-", we left it out because it is normally used as a range within the brackets "[]", like so [A-Z].
Implementation
To implement it in PHP, we write the code as follows:
$pattern = '([[:digit:]]|[~`!@#$%^&*()_=+{}|\:;"/?,]|[|]|-)+';
$name = stripslashes({$_POST['name_field']});
if (ereg($pattern,{$_POST['name_field']})) {
echo "write your error message";
}
We stripslashed the name field just in case you have magic quotes turned on. If magic quotes is turned on, the single quotation mark will be passed as ' instead just '. The ereg function will look for digits and illegal punctuations in the $_POST name field. If an error is found, we can do something such as alerting the user of the error.
Conclusion
Hopefully, this article can give you some insight into regex and save you some time when verifying name fields. You can modify the regex to have stricter rules for example, you may not want the name field to start with a space or a period. That's all for now. Cheers.
About the Author:
Bernard Peh is a Web Developer based in Melbourne. He works with experienced web designers and developers everyday, designing and developing commercial websites. He specialises mainly in SEO and PHP programming. Visit his blog at Melbourne PHP.
|
