Chris Santerre wrote:
We often replace it with something like \w{0,15} or whatever. Helps the code.
Ah, sorry. I understand what you meant about '*' now. I thought you were talking about '+' versus '*', but your observation would apply just as well to '+', which should be replaced by '{1,15}' or something.
I think these changes aren't so necessary if you're applying the quantifier to something that's unlikely to match a long string of characters. Obviously '.*' is bad, but '\s*' isn't going to hurt much, and '[^>]*' probably isn't much of a problem in HTML. Still, adding limits is easy enough, especially since spammers could construct messages with "unlikely" sequences.
-- Keith C. Ivey <[EMAIL PROTECTED]> Washington, DC