Regex Validation in PHP

Regex Validation in PHP Posted in PHP | 0 Comments Validation is a common concern for webmasters everywhere. If someone is entering information into your form, you need to validate it! But what is the simplest way to do so? Well, whenever dealing with large amounts of text patterns that need to be followed, I always turn to Regular Expressions. Regular Expressions are a way of following a pattern you define.

While I won’t teach you Regex, I will tell you about Regex in PHP. PHP predominantly uses the flavor of Regex that Perl does. This is why the function to perform a regular expression in PHP is preg_match. Perform a PERL Regular Expression Match, get it? Anyway, there are certain modifiers that can be added to the pattern in PHP to affect how it performs.

For example, adding “i” makes it case insensitive. I had to do this for the Email address pattern, because it shortens the regex pattern for readability in the assumption that you use it with case insensitivity. Then, there is the “m” modifier which will treat a multiple line subject as actually multiple lined. Otherwise, newlines (n) are ignored and the anchors (^ and $) will assume you mean the beginning and end of the entire subject. “s” is useful if you are constantly using a regex pattern that does not start with ^ and does not have a consistent starting character.

In order to determine if the username, password, and verification password are correct, I assume that only alphanumeric characters are allowed. Therefore, instead of searching for everything that could be a potential wrong character, I search for characters that are not alphanumeric. This is indicated by the ^ character in the character class [^A-Za-z0-9]. Then, later on, if there is a match, I know that there is an invalid character in the field.

Also keep in mind that there are metacharacters that need escaped in regex. I recommend preg_quote for this.

The email and URL values are more difficult, especially because these are standards that are hard to define. For example, on regular-expressions.info, quite a lengthy debate has gone into the email regex. Technically, a valid email address can contain apostrophes. For the majority of email addresses, what is listed will be valid. URLs contain a similar problem. Top-level domains are numerous, and a list is hard to aggregate. People also have a tendency to just say “phpjabbers.com” instead of “http://phpjabbers.com”. There are also situations where the top-level domain contains a value for the country as well, like “google.co.uk”.

I can not advise attempting to include as much as you can. If you try to cater to everyone, you end up spending so much time on validation that it is no longer feasible. Validate user input according to what is expedient in your code, not according to what they will enter.

Also, regex is not the solution to every problem (though it is for most). If you are validating something that has many exceptions or is extremely complicated, it becomes a chore. I can’t even imagine trying to format dates and times. Is 12:00 noon or midnight? Is 12:60 valid? What about 17:00? Do you require AM and PM to be entered? Does 3 mean the same as 3:00? These things are better left to either humans or some other method you can devise.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
<?php
$un = $_POST["user"];
$pw = $_POST["pass"];
$pw2 = $_POST["pass2"];
$em = $_POST["email"];
$url = $_POST["url"];
$info = array($un, $pw, $pw2, $em, $url);
foreach ($info as $idx => $unit) {
        switch ($idx) {
                case 4:
$rgx = "/^((ftp|http|https)://(w+:{0,1}w*@)?)?(S+)(:[0-9]+)?(/|/([w#!:.?+=&%@!-/]))?$/";
                break;
                case 3:
                        $rgx = "/^[A-Z0-9._%+-]+@[A-Z0-9.-]+.[A-Z]{2,4}$/i";
                break;
                case 2:
                        //read below
                        $rgx = "/[^A-Za-z0-9]+/";
                break;
                case 1:
                        //read below
                        $rgx = "/[^A-Za-z0-9]+/";
                break;
                case 0:
                        //if characters are NOT normal
                        $rgx = "/[^A-Za-z0-9]+/";
                break;
                default:
                        echo "???";
                        die("$unit ?");
                break;
        }
        $n = preg_match($rgx, $unit, $matches);
        if ( ($idx == 0) || ($idx == 1) || ($idx == 2) ){
                if ($n) {
                        echo "Bad Characters in $unit; Alphanumeric only";
                }
        } else {
                if ($n == 0) {
                        echo "Incorrect Format in $unit; Enter Valid Info";
                }
        }
}
?>
Advertisements
By Rz Rasel Posted in Php

17 comments on “Regex Validation in PHP

  1. My companion and I really enjoyed reading this blog publish, I used to be just itching to know do you trade featured posts? I am all the time trying to find somebody to make trades with and merely thought I would ask.

  2. I feel this is one of the most significant info for me. And i’m satisfied reading your article. But wanna observation on few common issues, The web site style is perfect, the articles is in reality great : D. Excellent job, cheers

  3. I have been exploring for a little for any high quality articles or blog posts on this sort of area . Exploring in Yahoo I at last stumbled upon this site. Reading this info So i’m happy to convey that I have a very good uncanny feeling I discovered just what I needed. I most certainly will make certain to don’t forget this site and give it a look regularly.

  4. Write more, thats all I have to say. Literally, it seems as though you relied on the video to make your point. You obviously know what youre talking about, why waste your intelligence on just posting videos to your weblog when you could be giving us something informative to read?

  5. Pretty section of content. I just stumbled upon your website and in accession capital to assert that I acquire in fact enjoyed account your blog posts. Anyway I will be subscribing to your augment and even I achievement you access consistently rapidly.

  6. Thank you for the auspicious writeup. It if truth be told was a leisure account it. Glance complicated to far added agreeable from you! By the way, how could we be in contact?

  7. Nice post. I waas checking constantly this blog and
    I’m impressed! Very hellful information specially the last part 🙂
    I care for suxh info a lot. I was seeking this certain information forr a long time.
    Thank you and good luck.

  8. Thanks for another informative website. Where else could
    I get that type of info written in such an ideal way? I have a project that
    I am just now working on, and I’ve been on the look out for such info.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s