-3

これが私のコードです:

<tr class="top">
                <th><label for="userName"><?php echo NICKNAME; ?></label></th>
                <td>
                    <input id="userName" class="text" name="name" maxlength="15"        type="text" value="<?php echo $form->getValue('name'); ?>">
                    <span class="error"><?php echo $form->getError('name'); ?></span>
                </td>
            </tr>

特殊文字(^ <>!'+%&など)やその他の文字(çiğüö)を防ぎたい

完全なPHPファイル:http://pastebin.com/RBQ2TF6S

このためのコードが必要です。簡単に教えてください。

ありがとうございました。

編集:私のlangファイル:

define("USRNM_EMPTY","(Kullanıcı adı boş)");
define("USRNM_TAKEN","(İsim zaten kullanımda.)");
define("USRNM_SHORT","(min. ".USRNM_MIN_LENGTH." figures)");
define("USRNM_CHAR","(Geçersiz Karakterler)");

EDIT2:または、db_mysql.phpへの登録を防ぐことができます

function register($username, $password, $email, $tribe, $act) {
    $time = time();
    $timep = (time() + PROTECTION);
    $q = "INSERT INTO " . TB_PREFIX . "users (username,password,access,email,timestamp,tribe,act,protect,lastupdate,regtime) VALUES ('$username', '$password', " . USER . ", '$email', $time, $tribe, '$act', $timep, $time, $time)";
    if(mysql_query($q, $this->connection)) {
        return mysql_insert_id($this->connection);
    } else {
        return false;
    }
}
4

1 に答える 1

0 
function register($username, $password, $email, $tribe, $act) {
    $time = time();
    $timep = (time() + PROTECTION);
    if (ctype_alnum($username)) {
      $q = "INSERT INTO " . TB_PREFIX . "users (username,password,access,email,timestamp,tribe,act,protect,lastupdate,regtime) VALUES ('$username', '$password', " . USER . ", '$email', $time, $tribe, '$act', $timep, $time, $time)";
      if(mysql_query($q, $this->connection)) {
          return mysql_insert_id($this->connection);
      } else {
          return false;
      }
    } else {
      return false;
    }
}
于 2013-01-12T10:54:46.290 に答える