add php input rules

post.php

@@ -9,7 +9,8 @@ try {
 }
 //UPDATE `projetphp` SET `security_level` = '6' WHERE `projetphp`.`login` = 'aaazzze';
 if(isset($_POST["updatePW"], $_POST["datene"], $_POST["email"], $_POST["pw"], $_POST["sl"], $_POST["login"]))
-  if(htmlspecialchars($_POST["updatePW"], ENT_QUOTES, 'UTF-8') == "true")
+  if(preg_match('/^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/', $_POST["email"]))
+    if(htmlspecialchars($_POST["updatePW"], ENT_QUOTES, 'UTF-8') == "true" && preg_match('/^[a-z]{8,16}$/',$_POST["pw"]))
     {
       $req = $bdd->prepare('UPDATE `projetphp` SET `date_naissance` = :datene, `e_mail` = :email, `mot_de_passe` = :pw, `security_level` = :sl WHERE `projetphp`.`login` = :login');
       $req->execute(array(
@@ -22,7 +23,7 @@ if(isset($_POST["updatePW"], $_POST["datene"], $_POST["email"], $_POST["pw"], $_
       $ret["return"] = true;
       $ret["pw"] = md5(htmlspecialchars($_POST["pw"], ENT_QUOTES, 'UTF-8'));
     }
-  else
+    else if(htmlspecialchars($_POST["updatePW"], ENT_QUOTES, 'UTF-8') == "false")
     {
       $req = $bdd->prepare('UPDATE `projetphp` SET `date_naissance` = :datene, `e_mail` = :email, `security_level` = :sl WHERE `projetphp`.`login` = :login');
       $req->execute(array(
@@ -35,6 +36,7 @@ if(isset($_POST["updatePW"], $_POST["datene"], $_POST["email"], $_POST["pw"], $_
       $ret["pw"] = htmlspecialchars($_POST["pw"], ENT_QUOTES, 'UTF-8');
     }
   else;
+else;
 
 echo json_encode((object)$ret);
 ?>