correct me if i'm wrong... but php just passes the string to mysql and it decides what to do with it... why would php validate database input, and I aggree the alla clone is a mess for validation.
What i've been doing in the mag clone is only allowing alpha characters in there using a php function, similar to your regex. That was the same plan I had for character name... as for username I wouldn't mind getting a list of available characters from the devs here.
|