Allow alphanumeric, punctuation, and spaces
- by bccarlso
I'm pretty new to regular expressions, and MAN do they give me a headache. They are so intimidating! For an email campaign I'm doing, a user will click a link out of the email with a few URL parameters filled in for them, to make filling out a form easier. I want to prevent any injection hacks or whatever it's called, but need to allow the $_GET parameters to be alphanumeric, have punctuation, and have spaces. If someone has a good method for this, I'd appreciate it, but right now I have:
foreach($_GET as $m=>$n) {
$get[$m] = preg_replace('(^[a-z0-9 \-\_\.]+)i',' ',$n);
}
I would like to be able to replace all characters NOT found with this regular expression, which I believe I use ?!, but I can't get that to work either. Any help in getting this to work would be appreciated!