Member Avatar for RLS0812

I am attempting to use preg_replace to purge everything except letters and numbers in the $_POST, however is seems to be failing to work.
Sample code below demonstrating the problem.

<html>
<?php
 if( isset($_POST["name"]) || isset($_POST["age"]) )
  {
     $x1 = preg_replace('[^A-Za-z0-9]', "", $_POST['name'] );
     $x2 = preg_replace('[^A-Za-z0-9]', "", $_POST['age'] );
     $_POST['name'] = $x1;
     $_POST['age'] = $x2;
     echo "Welcome ". $_POST['name']. "<br />";
     echo "You are ". $_POST['age']. " years old.";

  }
  else{
  $_POST['name'] = 'null';
  $_POST['age'] = 'null';
  }
?>
<body>
  <form action="<?php $_PHP_SELF ?>" method="POST" onsubmit=" ">
<br>
  Name: <input type="text" name="name" />
  Age: <input type="text" name="age" />

  <input type="submit" />
  </form>
</body>
</html>
  • 2 Contributors
  • 2 Replies
  • 229 Views
  • 15 Minutes Discussion Span
  • Latest Post Latest Post by RLS0812

Recommended Answers

All 2 Replies

Member Avatar for pritaeas

What does the following do?

$x1 = preg_replace('/[^A-Za-z0-9]/', "", $_POST['name'] );
$x2 = preg_replace('/[^A-Za-z0-9]/', "", $_POST['age'] );
echo "Welcome " . $x1 . "<br />";
echo "You are " . $x2 . " years old.";

Looks like you missed the enclosing characters, slashes in this case.

Member Avatar for RLS0812

That strips everything exept letters and numbers from 'name' and 'age'

Thanks for the info ... didn't notice the missing / /

Edited by RLS0812
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.