How to validate a potential database name?

I want to prompt开发者_如何学Go the user to enter a database name and warn him if it is invalid.

Is there an easier way than actually trying to create the database and checking the result?

No biggy, I'm just curious. PHP and MySql, but I need it to be ODBC compliant.

You should have your PHP script validate the name before submitting it, and have it catch any error that comes back from MySQL when trying to create it.

The PHP could validate the name against a regular expression, for example. Maybe you want to only permit alphabetical characters.

In fact, I strongly recommend only accepting alphabetical characters, and validating this before ever sending anything to a database command... no sense giving anyone any chance to submit values that could end up causing SQL injection, in the context of a user with the ability to create databases.

But I would also ask; Do you really need to allow users to define their own database names? It might seem 'nice' to enable it, but is there any real benefit over generating a semi-random or incrementing name to users, eliminating any need to validate their input in this particular case?