homepage Welcome to WebmasterWorld Guest from 54.204.94.254
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
PHP regular expressions
Crazy_Fool

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 545 posted 12:00 pm on Aug 17, 2002 (gmt 0)

can anyone help with this?

i need to to remove certain symbols ( *, $, %, {, }, @ and so on) from user input. i need all user input to be letters, numbers and one or two other symbols only. i've got it working with
$value = ereg_replace("(

  • +)¦([£]+)¦([{]+)¦([}]+)¦([[]+)¦([]]+)¦([$]+)¦([%]+)", "", $value);
    but is there an easier way? is there a better regular expression to do this?

    also, is there an easy way to check all key / value pairs in one loop or do i have to use
    if(isset($key))
    {
    stripstuff();
    }
    with every field value? i can obtain all input field values and display them using
    foreach ($HTTP_GET_VARS as $key=>$value)
    {
    print "$key == $value<br>\n";
    }
    but i can't change $value unless i place all key / value pairs into an array which is not really what i want to do.

    any help will be much appreciated.

  •  

    Brett_Tabke

    WebmasterWorld Administrator brett_tabke us a WebmasterWorld Top Contributor of All Time 10+ Year Member



     
    Msg#: 545 posted 12:14 pm on Aug 17, 2002 (gmt 0)

    Look at the range operator:

    /[a-z][A-Z][0-9]/

    That limits it to lower/upper case and numbers.

    jatar_k

    WebmasterWorld Administrator jatar_k us a WebmasterWorld Top Contributor of All Time 10+ Year Member



     
    Msg#: 545 posted 3:36 am on Aug 18, 2002 (gmt 0)

    Sorry I can't help with the regex bit but,

    HTTP_GET_VARS is an array, so I don't really understand the second question.

    I use

    foreach ($HTTP_GET_VARS as $key=>$value)

    to alter values and generally mess with anything I want to. What, more specifically, would you like to do.

    If register_globals is on then you can use those vars as is or if not you can assign them each to their own var and then run through them.

    I could be misunderstanding the question though.

    Crazy_Fool

    WebmasterWorld Senior Member 10+ Year Member



     
    Msg#: 545 posted 5:07 pm on Aug 20, 2002 (gmt 0)

    >>Look at the range operator:
    >>/[a-z][A-Z][0-9]/

    nope. i need to keep these characters. the best i can get with these ranges in PHP is:
    $value = ereg_replace("([a-z]+) ¦ ([A-Z]+) ¦ ([0-9]+)", "", $value);
    which strips out characters and numbers and leaves the rest - that's the opposite way to how i want it!
    it's not just the expression i need, it's the function too.

    >>I use
    >>foreach ($HTTP_GET_VARS as $key=>$value)
    >>to alter values and generally mess with anything I want to. What,
    >>more specifically, would you like to do

    i want to receive a number of values from a form and process them. if name=john is passed from the form and i use
    foreach ($HTTP_GET_VARS as $key=>$value)
    then $key is name and $value is fred. i can modify fred ($value), but it doesnt change the original value - if i then use $name further down the code, the value is still john.

    i can use
    $PARAMS = (isset($HTTP_POST_VARS)) ? $HTTP_POST_VARS : $HTTP_GET_VARS;
    to collect all submitted form fields in an array called $PARAMS. i can then use
    foreach ($PARAMS as $key=>$value)
    and modify each value. but then i either need to use $PARAMS[name] throughout my code instead of using $name, or i need each variable like
    $name=$PARAMS[name]
    immediately following the foreach loop.

    is switching register_globals on the only way to directly use the modified values? surely there must be a better way??

    jatar_k

    WebmasterWorld Administrator jatar_k us a WebmasterWorld Top Contributor of All Time 10+ Year Member



     
    Msg#: 545 posted 12:13 am on Aug 21, 2002 (gmt 0)

    register_globals on will definitely fix that problem.

    You could also assign them to vars at the beginning of your script.

    You can also use variable variable names. You could do something like this when you start your scipt.

    foreach ($HTTP_GET_VARS as $key=>$value) {
    ${"$key"} = stripstuff($value);
    }

    I have had a hard time with this little aspect of php. It assigns the value of $key as the varname and then pops the proper value in there.

    If you have ?firstname=bob&other=something&...
    then run through the above you should be able to
    echo $firstname;
    and get bob.

    I am applying this from something else I did but I think the foreach syntax is right.

    andreasfriedrich

    WebmasterWorld Senior Member 10+ Year Member



     
    Msg#: 545 posted 10:55 pm on Aug 23, 2002 (gmt 0)

    As mentioned in [php.net...] foreach works on a copy of the array. So

    foreach ($HTTP_GET_VARS as $key=>$value) {
    $value = stripstuff($value);
    }

    won“t work. But switching register_globals on is not the only way to directly use the modified values. There is a better way as you predicted yourself. And there is no need to assign them to vars at the beginning of your script or to use variable variable names.

    All you need to do is:

    foreach ($HTTP_GET_VARS as $key=>$value) {
    $HTTP_GET_VARS[$key] = stripstuff($value);
    }

    ergophobe

    WebmasterWorld Administrator ergophobe us a WebmasterWorld Top Contributor of All Time 10+ Year Member



     
    Msg#: 545 posted 3:19 am on Aug 27, 2002 (gmt 0)


    nope. i need to keep these characters. the best i can get with these ranges in PHP is:
    $value = ereg_replace("([a-z]+) ¦ ([A-Z]+) ¦ ([0-9]+)", "", $value);
    which strips out characters and numbers and leaves the rest - that's the opposite way to how i want it!

    If what you really want is to only allow ASCII alpha-numeric characters, just use the NOT operator and invert the selection. That's a lot safer because then you specify what you allow, rather than what you forbid so you don't have to worry about having forgotten something. On the other hand, you close out anyone who uses accents or any other alpha-numeric characters in an extended charset.

    If what you really want is, as you first said, to get rid of certain characters, have a look at

    [php.net...]

    and read the contributed notes as well. You may need to use the option with two parameters where the second is an array with the character and its translation so that you can replace the character with nothing (rather than a space or something). Therefore you could do something like

    $strip_array = array("*" => "", "$" => "");
    $clean_string = strtr($string, $strip_array);

    I bet this will be faster in the long run than your ereg_replace. Also note that in PHP, preg_replace is somewhat faster than ereg_replace.

    Tom

    Crazy_Fool

    WebmasterWorld Senior Member 10+ Year Member



     
    Msg#: 545 posted 7:35 am on Aug 28, 2002 (gmt 0)

    thanks people, i'll give these a try over the weekend and see what happens

    Global Options:
     top home search open messages active posts  
     

    Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
    rss feed

    All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
    Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
    WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
    © Webmaster World 1996-2014 all rights reserved