No "Symbols"

skunkbad · 11-04-2009

I tried searching the forum to see if there was a list of the symbols that aren't allowed. All I could find was another individual asking for the same.

I'd like to have a regular expression that checks data for allowed characters only. I'm guessing that it would be easier to have data filtered this way compared to trying to check for disallowed characters. Either way, it would be great if somebody who knows could give such information. No "symbols" is kind of vague, and sitting around testing individual symbols could take a long time.

I'm developing for AIM if it makes a difference.

Help is appreciated.

itdevworks · 09-09-2009

Rather than writing a bunch of regular expression code that is a hassle to create and even worse to maintain, you should "url-encoding" each field that can contain user entered data (as opposed to ones where your code generates a value like "TRUE" or "FALSE" or some numeric value. In .NET I use System.Uri.EscapeDataString() and I can pass any of `~!@#$%^&*()_+=-{}|\][:"';?><,./ with no problem.

The other thing to do in fields with non-constrained values is escape all of the instances of either delimiter character ('|' by default, but can be changed either in the account settings in the merchant interface or with each submission using the x_delim_char field) with a preceding '\' character and escape any occurrences of the escape char with two escape chars.

Dave Parker
IT DevWorks, LLC
Makers of the I-Bill IT libraries for Authorize.net
Blog: http://www.itdaveworks.com
Twitter: http://twitter.com/rayrad
Site: http://www.itdevworks.com

skunkbad · 11-04-2009

Dave, thanks for your reply.

I use php, and I already use url_encode(). I had not thought about escaping all instances of the delimiter. That's a good tip!

Integration and Testing

No "Symbols"

Re: No "Symbols"

Re: No "Symbols"