Despite some serious googling, viewing previous posts here and consulting the php manual, I am still unable to validate my user input.
If I can get one simple form to validate, I will be able to adapt the script accordingly to any other, so any help you can give will be much appreciated.
I have a comments page. I want the user to be able to submit a comment, which if it validates will then be stored in a database, called and displayed on the 'comments' page.
At present, with no validation attempted, everything works fine.
What I want to do is make sure the user enters only text and punctuation.
Examples I've seen use preg_match. The php manual, however states that as soon as a match is found, checking of the 'subject' string stops and preg_match_all should be used. Therefore if I used
if(preg_match("/[^a-zA-Z0-9\.\ ]+$/",$field_name)) return TRUE; else return FALSE;
then a question mark ? at the end of a sentence, would still validate.
I have also seen
if(!preg_match("/[^a-zA-Z0-9\.\ ]+$/",$field_name)) return TRUE; else return FALSE;
This would seem to say 'If the regex does not match '$field_name', return true.
I don't want to put too much in this first post, so tell me, am I correct so far.