I just want to conclude this subject by saying, and I did mention the regex pattern does minimize the "false positives" LITERALLY, compared to the use of isin, iswm, or $($+(,$me,) or $wildtok (Except for $istok, though, it won't trigger if someone places a common punctuation character next to $me; it's still not ideal), BUT that does NOT mean my example is bulletproof. As a matter of fact, and if you really want to dig into this subject matter of how it gets failed or exploited, a so-called perfect code will still fall into victim. Perfect codes don't exist, so do crimes in the real world, which will never cease to happen. If this was a perfect world we live in, we wouldn't have criminals, hackers..etc..in the first place.