Andre, > Thanks DL,
=a pleasure > I've read that part of the manual. My original syntax was as you > suggested [^a-zA-Z-'], but the PostgreSQl query barfed on the apostrophe. =these are two quite separate things (1) and (4): 1 accept input ($_POST) 2 validate input 3 prepare input for storage 4 store the input data > The preg_match works, but the db refuses to accept the apostrophe. Reading > the postgresql docs, they suggest escaping the character, but since the > variable is contained in $_POST['ssname'] I don't know how to get the escaped > character inserted into this POST'd variable. > > After the validation check : > > if (!preg_match("^[a-zA-Z-/\'/]^", $_POST['ssname'])) die . . . . . > > the POST'd variable is transformed: > > $_POST['ssname'] = ucwords("{$_POST['ssname']}"); > $_SESSION['ssname'] = $_POST['ssname']; > $_SESSION['ssname'] = ucwords("{$_SESSION['ssname']}"); > > and then inserted into the db: > > "INSERT INTO sponsor (sid, sfname, ssname, . . . '{$_SESSION['ssname']}', . . > . . > > So, how would I get this escaped character into the db? > > Any further help would be greatly appreciated. I'm stumped on this one. > Perhaps, I'll have to exclude apostrophes, but there must be a way?? =with PHP there's usually a way... =throw 'escape database' (apostrophe will work too) at the PHP manual's search facility (the manual is really v.good!) and it will respond with a reference to ADDSLASHES(), which will do as you ask - there is also a reference to a PG function (I'm not a PostGres user so can't assess if that might hold some advantage in your situation). =hope that helps, =dn > On Wednesday 28 August 2002 06:16 am, DL Neil wrote: > > > I'm trying to get an apostrophe (and a dash, as well) to be > > > included in a preg_match expression, but I don't know how to escape the > > > characters. > > > > The manual discusses which characters need escaping and how to escape > > characters: http://www.php.net/manual/en/pcre.pattern.syntax.php > > > > > <?php > > > if (preg_match("^[!a-zA-Z-/\\\'/]^", $_POST['ssname'])) die > > > ("<h5>Numbers and special characters not allowed in 'Surname'<br><br> > > > Click 'Back' on your browser to re-enter > > > information.</h5>"); > > > > > > ?> > > > Any help will be greatly appreciated. > > > > Keep it simple: [^a-zA-Z-'] > > > > Regards, > > =dn > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php