Check string for high ascii, punctuation, other weird characters

Question

I've got a string called $ID coming in from a different page and hitting base64_decode($enc); and want to check it for any weird characters. $ID when decrypted should only contain letters, numbers, underscores and dashes.

I've had a bit of a look at preg_replace('/[\x80-\xFF]/', '', $string); which cuts out some weird characters---which is helpful---but I can still see sometimes that @ signs and brackets and stuff still make it in.

Is there a way I can lower the ascii test? Or how else do I cut out everything except letters, numbers, underscores and dashes?

Any help at pointing me in the right direction is wonderful and thanks!

$enc = $_GET["key"];
$ID= base64_decode($enc);

if (empty($enc)) { echo "key is empty"; } else {

    echo "string ok<br>"; 

    $check = preg_replace('/[\x80-\xFF]/', '', $ID);
    echo $check;
    // i can see this step is helping cut junk out, do more tests from here
 }

score 0 · Answer 1 · answered Nov 29 '14 at 16:19

0

Typing a caret after the opening square bracket negates the character class, so you can do:

$check = preg_replace('/[^A-Za-z0-9_-]/', '', $ID);

answered Nov 29 '14 at 16:19

dynamic

46,985
55
154
231

score 0 · Answer 2 · answered Nov 29 '14 at 16:52

0

You can use this replacement:

$check = preg_replace('~[^[:word:]-]+~', '', $ID);

The [:word:] character class contains letters, digits and the underscore.

To make the string lowercase, use strtolower()

answered Nov 29 '14 at 16:52

Casimir et Hippolyte

88,009
5
94
125

Check string for high ascii, punctuation, other weird characters

2 Answers2