에서 참조

made by Darguz

  * This function checks the format of an email address. There are five levels of
  * checking:
  * 1 - Basic format checking. Ensures that:
  *     There is an @ sign with something on the left and something on the right
  *     To the right of the @ sign, there's at least one dot, with something to the left and right.
  *     To the right of the last dot is either 2 or 3 letters, or the special case "arpa"
  * 2 - The above, plus the letters to the right of the last dot are:
  *     com, net, org, edu, mil, gov, int, arpa or one of the two-letter country codes
  * 3 - The above, plus attempts to check if there is an MX (Mail eXchange) record for the
  *     domain name.
  * 4 - The above, plus attempt to connect to the mail server
  * 5 - The above, plus check to see if there is a response from the mail server. The third
  *     argument to this function is optional, and sets the number of times to loop while
  *     waiting for a response from the mail server. The default is 15000. The actual waiting
  *     time, of course, depends on such things as the speed of your server.
  * Level 1 is bulletproof: if the address fails this level, it's bad. Level 2 is still 
  * pretty solid, but less certain: there could be valid TLDs overlooked when writing 
  * this function, or new ones could be added. Level 3 is even less certain: there are 
  * a number of things that could prevent finding an MX record for a valid address 
  * at any given time. 4 and 5 are even less certain still. Ultimately, the only absolutely 
  * positive way to test an email address is to send something to it. 
  * The function returns 0 for a valid address, or the level at which it failed, for an 
  * invalid address.

  function MailVal($Addr, $Level, $Timeout = 15000) {

//  Valid Top-Level Domains
    $gTLDs = "com:net:org:edu:gov:mil:int:arpa:";
    $CCs   = "ad:ae:af:ag:ai:al:am:an:ao:aq:ar:as:at:au:aw:az:ba:bb:bd:be:bf:".

//  The countries can have their own 'TLDs', e.g.
    $cTLDs = "com:net:org:edu:gov:mil:co:ne:or:ed:go:mi:";

    $fail = 0;

//  Shift the address to lowercase to simplify checking
    $Addr = strtolower($Addr);

//  Split the Address into user and domain parts
    $UD = explode("@", $Addr);
    if (sizeof($UD) != 2 || !$UD[0]) $fail = 1;

//  Split the domain part into its Levels
    $Levels = explode(".", $UD[1]); $sLevels = sizeof($Levels);
    if ($sLevels < 2) $fail = 1;

//  Get the TLD, strip off trailing ] } ) > and check the length
    $tld = $Levels[$sLevels-1];
    $tld = ereg_replace("[>)}]$|]$", "", $tld);
    if (strlen($tld) < 2 || strlen($tld) > 3 && $tld != "arpa") $fail = 1;


//  If the string after the last dot isn't in the generic TLDs or country codes, it's invalid.
    if ($Level && !$fail) {
    if (!ereg($tld.":", $gTLDs) && !ereg($tld.":", $CCs)) $fail = 2;

//  If it's a country code, check for a country TLD; add on the domain name.
    if ($Level && !$fail) {
    $cd = $sLevels - 2; $domain = $Levels[$cd].".".$tld;
    if (ereg($Levels[$cd].":", $cTLDs)) { $cd--; $domain = $Levels[$cd].".".$domain; }

//  See if there's an MX record for the domain
    if ($Level && !$fail) {
    if (!getmxrr($domain, $mxhosts, $weight)) $fail = 3;

//  Attempt to connect to port 25 on an MX host
    if ($Level && !$fail) {
    while (!$sh && list($nul, $mxhost) = each($mxhosts))
      $sh = fsockopen($mxhost, 25);
    if (!$sh) $fail = 4;

//  See if anyone answers
    if ($Level && !$fail) {
    set_socket_blocking($sh, false);
    $out = ""; $t = 0;
    while ($t++ < $Timeout && !$out)
      $out = fgets($sh, 256);
    if (!ereg("^220", $out)) $fail = 5;

    if ($sh) fclose($sh);

    return $fail;
  } //MailVal

Usage Example

if (MailVal($Address, 2)) echo "Invalid address";
?> 에서 참조


Here is a series of useful regular expressions.

function isValid($type,$var) {
 $valid = false;
 switch ($type) {
  case "IP":
   if (ereg('^([0-9]{1,3}.){3}[0-9]{1,3}$',$var)) {
    $valid = true;
  case “URL”:
   if (ereg("^[a-zA-Z0-9-.]+.(com|org|net|mil|edu)$",$var)) {
    $valid = true;
  case “SSN”:
   if (ereg("^[0-9]{3}[- ][0-9]{2}[- ][0-9]{4}|[0-9]{9}$",$var)) {
    $valid = true;
  case “CC”:
   if (ereg("^([0-9]{4}[- ]){3}[0-9]{4}|[0-9]{16}$",$var)) {
    $valid = true;
  case “ISBN”:
   if (ereg("^[0-9]{9}[[0-9]|X|x]$",$var)) {
    $valid = true;
  case “Date”:
   if (ereg("^([0-9][0-2]|[0-9])/([0-2][0-9]|3[01]|[0-9])/[0-9]{4}|([0-9][0-2]|[0-9])-([0-2][0-9]|3[01]|[0-9])-[0-9]{4}$",$var)) {
    $valid = true;
  case “Zip”:
   if (ereg("^[0-9]{5}(-[0-9]{4})?$",$var)) {
    $valid = true;
  case "Phone":
   if (ereg("^((([0-9]{3}) ?)|([0-9]{3}-))?[0-9]{3}-[0-9]{4}$",$var)) {
    $valid = true;
  case “HexColor”:
   if (ereg('^#?([a-f]|[A-F]|[0-9]){3}(([a-f]|[A-F]|[0-9]){3})?$',$var)) {
    $valid = true;
  case “User”:
   if (ereg("^[a-zA-Z0-9_]{3,16}$",$var)) {
    $valid = true;
 return $valid;

$phone = "789-1234";
if (isValid("Phone",$phone)) {
 echo "Valid Phone Number";
} else {
 echo "Invalid Phone Number";
?> 에서 참조


Quotes – Single and Double

Topics on this page:

  1. Escaping with the Backslash
  2. Demonstrating Bits of Code
  3. Line Spanning with Double Quotes
  4. Code is Evaluated within Double Quotes
  5. Heredoc Syntax
  6. Reference

In javascript, you can use either single (’) or double (“) quotes and they behave the same. In php, it is different. Double quotes and single quotes aren’t exactly the same.


something="Oh something”;


“My answer is $something.<br>”;

//result is: My answer is Oh something

In the above, using double quotes, the variable $something is evaluated within the quotes and the result isn’t what is expected: the variable is evaluated to Oh something. Variables, but not functions or constants, are evaluated even when enclosed in double quotes.


‘My answer is $something.<br>’;

//result is: My answer is $something.

When single quotes are used, as above, the variable isn’t evaluated and is printed on the screen literally as $something.

Escaping with the backslash

The backslash character () can be used to escape quotes and variables. The next example repeats the idea that things are evaluated within double quotes:


something=“Oh something!”;


“My answer is $something”;

//result: My answer is Oh something!

So nothing new here, just a reminder. Next we use the backslash to escape the variable $something and also the double quotes around “is”:



"My answer “is” $something”;

//result: My answer “is” $something

The program doesn’t crash on finding more double quotes, but understands that these are just to emphasise “is”. And the program does not explode $something, but prints it literally, because it is escaped.

Demonstrating Bits of Code

Consider the following:


“My answer “is” \$something=My answer “is” $something”;

//result: My answer “is” $something=My answer “is” $something

In order to show a backslash, we need to double it “”. In the above, we also need a backslash to escape. Therefore we have three backslashes before the double quotes which we want to escape, and also three before the first occurrence of $something. Therefore, none of “My answer “is” \$something=” is evaluated and so we see the code. That is, we see “My answer “is” $something=”. The next part is the code we want to run, which results in “My answer "is” $something"

Line spanning with double quotes

Another peculiarity about double quotes is shown below:


“This is a line

and so is this<br>”


//writes This is a line and so is this

This doesn’t produce a broken string error. The quotes are quite happy to transverse several lines.

Code is evaluated within double quotes

Code within double quotes is evaluated. For instance:


something=’alert(“You have a big nose!”)’;


“(Double quotes) My answer is .$something<br>”;

//result is: (Double quotes) My answer is

//this result comes after the nasty alert!

The programmer expected to get a string variable in $something from the Internet, but got some nasty code instead. The variable within double quotes is evaluated and runs as a javascript program!.

Removing HTML special characters (including brackets)

PHP has a function called htmlspecialchars which changes some HTML to special characters, which do not run as a program.

$something=’alert(“You have a big nose!”)’;


echo"My answer is $something<br>“;

//result is: My answer is alert(‘You have a big nose!’)

//That is, just the literal code and no program.

htmlspecialchars changes, for instance, the bracket (<) to &lt;, which shows up as a bracket, but doesn’t function as such to run code.

As a cautionary note, consider this bit of code:


something=”alert(‘You have a big nose!’)“;


"My answer is htmlspecialchars($something)<br>”;

//My answer is htmlspecialchars() AND the script runs!

Whilst variables in double-quotes will be evaluated the function, in the above is not evaluated, and the script produces “My answer is htmlspecialchars()”. And the alert runs! Of course, while php knows that something is a variable (because it starts with a $), it doesn’t know that htmlspecialchars is a function and treats it as a string. It does, however, evaluate the variable ($something) and causes the bad script to run. The following fixes this:

//My answer is htmlspecialchars() AND the script runs!


something=“alert(‘You have a big nose!’)”;


“My answer is htmlspecialchars ”.htmlspecialchars($something).“<br>”;//note this line is wrapped by the browser

//result: My answer is htmlspecialchars alert(‘You have a big nose!’)

The function, htmlspecialchars, is kept outside the quotes and joined to the rest of the string using the dot (.), concatenation operator. Another use of the concatenation operator is with constants.


An alternative to using quotes is to use heredoc syntax (<<<). Begin by writing the “<<<” followed by the terminator label (which can be any valid label, I used “te”). Then write the string and finally, on a new line write the terminator. The contents of the string are evaluated. For instance

echo <<<te

//te is an arbitrary label

Just here we have

some text which can

be evaluated including



//finally repeat the label

//result: Just here we have some text which can be evaluated including Oh something!


PHP Manual Language Types

Copyright � 1998-2005
Ken J Ward 에서 참조

A race condition is an undesirable situation that occurs when a device or system attempts to perform two or more operations at the same time, but because of the nature of the device or system, the operations must be done in the proper sequence in order to be done correctly.

In computer memory or storage, a race condition may occur if commands to read and write a large amount of data are received at almost the same instant, and the machine attempts to overwrite some or all of the old data while that old data is still being read. The result may be one or more of the following: a computer crash, an “illegal operation,” notification and shutdown of the program, errors reading the old data, or errors writing the new data. This can be prevented by serialization of memory or storage access, such that if read and write commands are received close together, the read command is executed and completed first, by default.

In a network, a race condition may occur if two users attempt to access an available channel at the same instant, and neither computer receives notification that the channel is occupied before the system grants access. Statistically, this sort of coincidence is most likely to occur in networks having long lag times, such as those that use geostationary satellites. To prevent such a race condition from developing, a priority scheme must be devised. For example, the subscriber whose username begins with the earlier letter of the alphabet (or the lower numeral) may get priority by default when two subscribers attempt to access the system within a prescribed increment of time. Hackers can take advantage of race-condition vulnerabilities to gain unauthorized access to networks.

Race conditions occasionally occur in logic gates when certain inputs come into conflict. Because the gate output state takes a finite, nonzero amount of time to react to any change in input states, sensitive circuits or devices following the gate may be fooled by the state of the output, and thereby caused to not operate properly.