我如何從輸入塊!@#$%^ * &()只_和字母?
這是我的代碼PHP模塊提交符號
$query = htmlspecialchars(trim($_GET['search']));
$min_length = 3;
if (strlen($query) >= $min_length) {
$query = htmlspecialchars(trim($query));
$query = mysql_real_escape_string($query);
$raw_results = mysql_query("SELECT * FROM skins WHERE (`username` LIKE '%" . $query . "%')") or die(mysql_error());
}
$query = htmlspecialchars(trim($_GET['search']));
$min_length = 3;
if (strlen($query) >= $min_length) {
if(preg_match('/^[A-Za-z0-9_]+$/',$query)){
$query = htmlspecialchars(trim($query));
$query = mysql_real_escape_string($query);
$raw_results = mysql_query("SELECT * FROM skins WHERE (`username` LIKE '%" . $query . "%')") or die(mysql_error());
} else {
//do something if $query contains something else than alphanumeric and _ chars
}
}
「^ [A-ZA-Z _] * $」 應爲如果允許大寫和小寫 – DevlshOne
工作,爲什麼這行$查詢=用htmlspecialchars(TRIM( $ query));你已經在if之前做了這個? – Pwner
你仍然需要去和**勾選正確的答案**:[這裏](http://stackoverflow.com/questions/20029234/mysql-get-random-username/20029355#20029355)。 – Jimbo