Popular:
 Building Resilient Systems on AWS: Learn how to design and implement a resilient, highly available, fault-tolerant infrastructure on AWS.

Simple Username Creation Validation with PHP

By  on  

When I create login areas (mostly intranets) for small websites, I'm always asked by the customer to keep usernames to letters and numbers. That means no email addresses as usernames and special characters like "_", "-", and ".". This, in my customer's mind, keeps the login easy for their users and limits the number of support calls they will receive. While I don't recommend disallowing common username characters like the ones cited above, I do understand their need for simplicity. Here's how, using PHP, I validate that a username is only letters and numbers.

The PHP

function validate_username($input,$pattern = '[^A-Za-z0-9]')
{
	return !ereg($pattern,$input);
}

It's as easy as that. I don't go as far as using this for passwords, but you could if you wanted to. I'll also mention that if I want to allow non-alphanumeric characters, I just need to change the function's pattern. Easy enough!

Request Metrics real user monitoring
Request Metrics real user monitoring
Request Metrics real user monitoring
Request Metrics real user monitoring

Recent Features

  • By
    Conquering Impostor Syndrome

    Two years ago I documented my struggles with Imposter Syndrome and the response was immense.  I received messages of support and commiseration from new web developers, veteran engineers, and even persons of all experience levels in other professions.  I've even caught myself reading the post...

  • By
    I’m an Impostor

    This is the hardest thing I've ever had to write, much less admit to myself.  I've written resignation letters from jobs I've loved, I've ended relationships, I've failed at a host of tasks, and let myself down in my life.  All of those feelings were very...

Incredible Demos

  • By
    Create Spinning Rays with CSS3 Animations & JavaScript

    Thomas Fuchs, creator of script2 (scriptaculous' second iteration) and Zepto.js (mobile JavaScript framework), creates outstanding animated elements with JavaScript.  He's a legend in his own right, and for good reason:  his work has helped to inspire developers everywhere to drop Flash and opt...

  • By
    Digg-Style Dynamic Share Widget Using MooTools

    I've always seen Digg as a very progressive website. Digg uses experimental, ajaxified methods for comments and mission-critical functions. One nice touch Digg has added to their website is their hover share widget. Here's how to implement that functionality on your site...

Discussion

  1. Иван

    I like the approach — instead of matching a word boundary e.g. ^[a-zA-z0-9]*$ you match the first invalid character. I wonder what the speed difference is…

    BTW, you can use [^\w\d] insead ;) It’s lazier

  2. Иван

    My bad. You cant use \w since it matches _ as well. On the other hand \w handles \d, so if you are looking for something quick for chars, digits and _ — you can use \w.

  3. Brian

    You could also use PHP’s ctype_alnum to match only alphanumeric characters
    which matches (ever so slightly) faster than its equivalent regular expression,
    and still retain future flexibility by using something like: 

    function username($input, $pattern = false)
{
       return ($pattern) ? !ereg($pattern, $input) : ctype_alnum($input);
}

    Of course the speed difference is on the order of nanoseconds,
    but it is faster nonetheless.

  4. Jeff Hartman

    A better method name would be useful. ;)

  5. david

    @Jeff: Ooops. I have this function within a class. I actually use it like this:

    if($valid->username($input)) {
  // move on...
}

    I simply didn’t rename it for the blog. I’ll do that quick!

  6. Rexxars

    A word of warning, ereg is being removed in PHP6 because of the more powerful and usually faster preg. Altering your code to work with pregs is easy and safer should the server you’re on upgrade to PHP6 sometime in the future:

    function validate_username($input, $pattern = '/[^A-Za-z0-9]/')
{
    return !preg_match($pattern, $input);
}
  7. Dmytri Kleiner

    ereg will be deprecated in php 5.3 and removed in 6, use preg instead

  8. Sushant Danekar

    ereg is not available in php 5.3.0

    any alternative for this ?

  9. Nolan Hawkins

    I’m rather new to regexp, and am just trying to get something exactly like this to work, but it just isn’t. I got annoyed, and then simplified as much as possible to this:


    and it isn’t responding anything except 0, no matter what I try.

  10. Nolan Hawkins

    Oops sorry. Anyways, it’s just a text input that posts to itself, and it deals with the post by doing

     if(!is_null($_POST["f"])){
$input=$_POST["f"];
$pattern = '[^A-Za-z0-9]';
$a=preg_match($pattern,$input);
echo $a;
}
  11. ifreelancer.asia

    The Best way I recommend is this :-

        $str = "";
    function validate_username($str) 
    {
        $allowed = array(".", "-", "_"); // you can add here more value, you want to allow.
        if(ctype_alnum(str_replace($allowed, '', $str ))) {
            return $str;
        } else {
            $str = "Invalid Username";
            return $str;
        }
    }

Wrap your code in <pre class="{language}"></pre> tags, link to a GitHub gist, JSFiddle fiddle, or CodePen pen to embed!