Protect a form from special characters

Hello everyone. I need help to protect my insert form from special characters as those (~!@#$%^&*()_+=][’;/.,<>., (AND CAPITAL LETTERS)) I tried everything but it didn’t work. Here is a basic example of my project.
(the form work perfectly, I can see the posted messages in the database)

1st php page
[php]

$HOST=“"
$USERNAME="

$PASSWORD=“"
$DB_NAME="

$TABLE_NAME="******"

Mysql_connect(…)
mysql_select_db(…)

//get value from insert form
$name=$_POST[‘name’];

//remove special characters
$name = htmlentities($name) ;

$sql=“INSERT INTO $tbl_name(name)VALUES(’$name’)”;
$result=mysql_query($sql);

// if successfully insert data into database, displays message “Successful”.
if($result){
echo “Successful”;
echo “
”;
echo “Back to main page”;
}

else {
echo “ERROR”;
}

// close connection
mysql_close();

[/php]

2nd php page:

[php]

[/php]

Please help me to remove special characters from being send to my MySQL database. I want to allow only those characters (a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z) Also, if you can tell me how to prevent my form from sql injections it will be great If you can add a captcha to that form, it will be cool 2. thank for helping :slight_smile:

Check the javascript below: try to type number and special charecters in texbox. Also Try backspace arrow keys :slight_smile: :

[code]

Untitled Page
[/code]
Sponsor our Newsletter | Privacy Policy | Terms of Service