Great topic. I love talking about all the tiny details of regular expressions. They do matter!
Nobody has made a comment on the very first regex though.
Quote:
Originally Posted by Matt83
Validating a Username:
PHP Code:
$string = "userNaME4234432_";
if (preg_match('/^[a-z\d_]{4,28}$/i', $string)) {
echo "example 1 successful.";
}
|
I'm telling you this username regex is flawed. Have a good look at it. Think. Test it. Then read on for the explanation.
The Problem
Okay, the often made mistake is to think that
$ matches at the end of a string. The truth is that by default
$ matches immediately before the final character if it is a newline.
This means that usernames containing a newline character at the end would pass. You wouldn't want that, right?
The Solution
Simply alter the meaning of
$ by applying the D modifier to your regex. This will make it match only at the real end of the string. Alternatively, you could use the
\z metacharacter.
The example below should make it all crystal clear, I hope.
PHP Code:
$username = "mr_newline\n";
preg_match('/^[a-z\d_]{4,28}$/i', $username); // TRUE
preg_match('/^[a-z\d_]{4,28}$/iD', $username); // FALSE
preg_match('/^[a-z\d_]{4,28}\z/i', $username); // FALSE
Further Reading