Old 12-20-2007, 04:36 AM   #6 (permalink)
Andrew

Well, with contact forms (forgot that was what you were coding), very little security is necessary as long as everything isn't output in HTML. For example, the other day, I had someone attempt an XSS attack using <script> tags in my plaintext email, so of course nothing happened. However, to validate a domain as well, I'd use this regex (assuming I did it right):
PHP Code:
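// $domain is a placeholder for the submitted value; groups (not character classes) make the prefixes optional
preg_match('/^(http:\/\/)?(www\.)?[A-Za-z0-9\-]+\.[A-Za-z]{2,4}$/', $domain);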
However, I'd strongly suggest having someone skilled with regex check that before you implement it (or you can test it), since I'm not too experienced myself.

If you would LIKE to encrypt the password that they give you, just use md5().
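Testing the domain pattern from the post above, as an added example that is not part of the original post: it runs a character-class form of the pattern and a grouped form against constructed inputs, since a bracket expression such as `[http:\/\/]` matches one character rather than the literal string. The constant names, the `matches()` helper, the `\z` anchor and the sample values are assumptions made here.

```php
<?php
// Added example: patterns and sample inputs are constructed for illustration.

// Square brackets define a character class: [http:\/\/]? matches at most ONE
// character out of h, t, p, ':' and '/', and [w]{3}? still requires "www".
const CLASS_BASED = '/^[http:\/\/]?[w]{3}?[A-Za-z0-9\-][\.][A-Za-z]{2,4}$/';

// Grouped form (assumption): optional "http://", optional "www.", one or more
// label characters, a dot, then a 2-4 letter TLD. \z is used instead of $
// because $ also matches just before a trailing newline.
const GROUPED = '/^(http:\/\/)?(www\.)?[A-Za-z0-9\-]+\.[A-Za-z]{2,4}\z/';

// Hypothetical helper: true only on a successful match (preg_match returns
// 0 for no match and false on a pattern error).
function matches(string $pattern, string $input): bool
{
    return preg_match($pattern, $input) === 1;
}

// Constructed sample inputs: plain domains, a prefixed URL, a value with a
// trailing newline, and a value carrying markup after the domain.
$samples = [
    'example.com',
    'www.example.com',
    'http://www.example.com',
    'wwwa.com',
    "example.com\n",
    'example.com/<script>',
];

foreach ($samples as $s) {
    printf(
        "%-28s class-based: %-4s grouped: %s\n",
        json_encode($s, JSON_UNESCAPED_SLASHES),
        matches(CLASS_BASED, $s) ? 'yes' : 'no',
        matches(GROUPED, $s) ? 'yes' : 'no'
    );
}
```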