I need to allow the form user to fill out the form using alpha numeric characters only.
After reading what I could find this my first attempt to use preg_replace.
This works but I need to make sure I am validating the user form input.
Have I missed any thing?

$find = strip_tags(trim($_POST['find']));
$find = preg_replace("/[%|<|>|!|?|#|*|@|(|)]/", "", $find);

Sure, ~.

Perhaps a different solution would work better. Eliminate everything but A-Z, a-z, and 0-9...

Thanks for the response

I will use

preg_replace("/[^a-zA-Z0-9\s]+/", "", $find);

That better follows the security rule "Only allow what you want to allow, nothing else."

You may want to consider something along the lines of this UNTESTED regexp:

This matches one or more nonword characters and a whitespace character. If you have to watch for Unicode characters and foreign input this is the way to go.