Tryangled Solutions web designing tips tricks

I came to a point where I needed to filter the user input (not just tell the user something like : “The username isn’t in the right format” or “Please choose a valid name for your username”), I mean let him to input in the form anything he wanted too but in the end what we store in the database is his processed input (only A-Z, a-z and 0-9).
I had the Visual Basic and C++ thinking .. I must do that and that and that to get rid of unwanted characters. It was a little time consuming and I was in hurry so I googled and I reached the ereg_replace help page on PHP.net website. Suddenly all became much much easier :D, just write a regular expression (ohh, by the way .. if someone asks I can write a small tutorial on regular expressions) like this : “[^A-Za-z0-9]” and that was it :).

Below is a small example on how to filter (remove all characters except uppercase/lowercase letters and numbers)

1. <?php
2. //our string
3. $str = “nek#$#hbet|20&&07″;
4. $filtered = ereg_replace(”[^A-Za-z0-9]“, “”, $str);
5. print $filtered; // will print ‘nekhbet2007′
6. ?>

PHP is a strong language with a lot of functions that help us to decrease the development time. So before thinking how to do a certain thing just take a look first at www.php.net and see if what you need isn’t already done

<form>
<p>
This program lets to find out what mysql version your current hosting is running on.
You need to enter correct databaes parameters in order to get desired info.
</p>
<b>db host: <b/>
<input type=”text” name=”db_host” value=”localhost”>
<hr size=1 width=”25%” align=left>
<b>db username: <b/>
<input type=”text” name=”db_user” value=”">
<hr size=1 width=”25%” align=left>
<b>db password: <b/>
<input type=”text” name=”db_pass” value=”">
<hr size=1 width=”25%” align=left>
<hr size=1 width=”25%” align=left>
<input type=”submit” name=”submit” value=”submit”>
</form>
<?php
/*
1) enter db user/pass: host = localhost
2) view results
scenario:
1) show form
2) try to login
3) if OK -> show version
4) otherwise tell incorrect db user/pass combination
Freeware for comercial or non-commercial use.
no warranties!
*/
$submit = empty($_REQUEST['submit']) ? 0:1;
if ($submit) {
$db_host = empty($_REQUEST['db_host']) ? “localhost” : $_REQUEST['db_host'];
$db_user = empty($_REQUEST['db_user']) ? “” : $_REQUEST['db_user'];
$db_pass = empty($_REQUEST['db_pass']) ? “” : $_REQUEST['db_pass'];;
if (         empty($db_host)
|| empty($db_host)
|| empty($db_host) ) {
die(”<font color=’red’>Missing fields.</font>”);
}
$link = @mysql_connect($db_host, $db_user, $db_pass);
if (!$link)
die(”<font color=’red’>Can’t connect.
Please check your data.</font>”);
$qry = “SELECT VERSION()”;
$result = @mysql_query($qry);
if (!$result) {
die(”<font color=’red’>Query error: ” . mysql_error() . “</font>”);
}
$ver = @mysql_result($result, 0);
print “<font color=’green’>MySQL version: <b>$ver</b></font>”;
@mysql_free_result($result);
}
?>

[mail function]
SMTP = YOUR_PROVIDER
smtp_port = 25
username = USERNAME
password = YOUR_PASSWORD

<?
$username = “someuser”;
$password = “somepassword”;

if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {?>
<h1>Login</h1>
<form name=”form” method=”post” action=”<?php echo $_SERVER['PHP_SELF']; ?>”>
<p><label for=”txtUsername”>Username:</label>
<br><input type=”text” title=”Enter your Username” name=”txtUsername”></p>

<p><label for=”txtpassword”>Password:</label>
<br><input type=”password” title=”Enter your password” name=”txtPassword”></p>
<p><input type=”submit” name=”Submit” value=”Login”></p>
</form>
<?} else {?>
<p>This is the protected page. Your private content goes here.</p>
<?}?>