my question is about validation using php. i am validating a username which a user would enter and clicks on a image to find if that username is available. example if a user enters abc#123 php file is reading this value as abc ONLY which i do not want instead the php file should read as abc#123. follow is the sequence of pages. please advice the solution. first page = register.php here a user enters a username and clicks on an image to find out if the username is available or not. using a javascript function of onclick i am reading the value entered in the form in javascript as ============================================= var useri = document.registrationform.username var valueofuseri = document.registrationform.username.value var recui = /^\s{1,}$/g; if ((useri.value==null) || (useri.value=="") || (useri.length=="") || (useri.value.search(recui))> -1) { alert("Please Enter a User Name") return false } window.open("checkusernamei.php?theusernameis="+valueofuseri, "titleforavailabilityi", "width=680, height=275, status=1, scrollbars=1, resizeable=yes"); ============================================ second page = checkusernamei.php = this file uses GET to read what was entered in the form. ============================================ $username = $_GET["theusernameis"]; if( $username == "" || !preg_match("/^[a-z0-9]+(?:_[a-z0-9]+)?$/i", $username) ) { echo "username is blank or has special characters"; } ============================================ the # sign is being ignored only if the image is clicked in order to check the username, if the user enters abc#123 and clicks the submit button without clicking on the checkuser image button then my php validation for username shows an error message. ============================================================== if( $username == "" || !preg_match("/^[a-z0-9]+(?:_[a-z0-9]+)?$/i", $username) ) { echo "display error message for username"; } ============================================================== now the problem is with clicking the image only and passing using GET method how can i fix this problem. please advice. thanks.
This isn't a server-side issue; most browsers don't include the # and anything after it when sending a page request to a server. The # symbol is usually used in an URL to tell the browser to automatically jump to the top of the page or a specified location in the page. Don't allow people to use a # username or substitute something in place of a # symbol when being used in an URL.
yep I agree with sevby, and give you suggestion to use POST instead of GET, and sorry, I cant help you much, as you are using Javascript to send the username to PHP to give out error messages I only do PHP/XHTML , javascript goes off my head However, I can make you a PHP version of this code : if (isset($_POST['checkusername']) && !empty($_POST['username']) && $_POST['username'] != '') { if (!preg_match("/^[a-z0-9]+(?:_[a-z0-9]+)?$/i", $_POST['username'])) { echo "username is blank or has special characters"; } } PHP: just put this code before the form, and it will validate the "username" text field when someone presses the button with name "checkusername". for futher help, pm me thanks