SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    SitePoint Guru whisher's Avatar
    Join Date
    May 2006
    Location
    Kakiland
    Posts
    732
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Filter regex urlencode validate.

    Hi.

    I don't see why this code
    doesn't work (filter_input):

    PHP Code:
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
    <html>
    <head>
        <meta http-equiv="content-type" content="text/html; charset=utf-8">
        <title>Test</title>
    </head>

    <body>
    <?php
    $pattern
    '#^[%_\-\+a-zA-Z0-9\/]+$#';
    if(
    filter_has_var(INPUT_GET'qs')){
        
    $options= array('options'=>array('regexp'=>$pattern));
        
    $string=filter_input(INPUT_GET'qs'FILTER_VALIDATE_REGEXP$options);
        if(
    $string===false){
            echo 
    "A filter GET match was not found.<br />";    
        }
        else{
            echo 
    "A filter GET match was found.{$string}<br />";
        }
    }    
    if(isset(
    $_GET['qs'])){
        
    $stringurlencode($_GET['qs']);
        if (
    preg_match($pattern$string)) {
            echo 
    "A GET match was found.{$string}<br />";
        } else {
            echo 
    "A GET match was not found.<br />";
        }        
    }

    $stringurlencode('bicycles multi byte chars  èòàù');
    if (
    preg_match($pattern$string)) {
        echo 
    "A match was found.{$string}<br />";
    } else {
        echo 
    "A match was not found.<br />";
    }

    ?>
    <!-- IT WORKS -->
    <a href="<?php echo $_SERVER['PHP_SELF'].'?qs=bicycle_-%'?>">test1</a><br />
    <!-- IT DOESN'T WORK -->
    <a href="<?php echo $_SERVER['PHP_SELF'].'?qs=bicycle_-+%'?>">test2</a><br />
    <!-- IT DOESN'T WORK -->
    <a href="<?php echo $_SERVER['PHP_SELF'].'?qs='.urlencode('bicycles multi byte chars  èòàù#'); ?>">test3</a><br />

    </body>
    </html>
    It seems to be the +
    char to get troubles
    but I don't see why .(

    Can you help me, please ?


    Bye.

  2. #2
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Because + is converted to a space. For example, http://www.google.com/search?q=this+has+spaces.

    Use &#37;2B rather than +, or simply urlencode the string.

    If you want to allow spaces, add \s to your regex selection condition. Or, if you want to parse the string as the URL is, use urldecode().
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  3. #3
    SitePoint Guru whisher's Avatar
    Join Date
    May 2006
    Location
    Kakiland
    Posts
    732
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by arkinstall View Post
    Because + is converted to a space. For example, http://www.google.com/search?q=this+has+spaces.

    Use &#37;2B rather than +, or simply urlencode the string.

    If you want to allow spaces, add \s to your regex selection condition. Or, if you want to parse the string as the URL is, use urldecode().
    May be I don't see your point
    but only the filter_var_input go wrong
    the others work fine.

    PHP Code:
    $pattern'#^[%_\-\+a-zA-Z0-9\/]+$#';
    // it doesn't work
    if(filter_has_var(INPUT_GET'qs')){
        
    $options= array('options'=>array('regexp'=>$pattern));
        
    $string=filter_input(INPUT_GET'qs'FILTER_VALIDATE_REGEXP$options);
        if(
    $string===false){
            echo 
    "A filter GET match was not found.<br />";    
        }
        else{
            echo 
    "A filter GET match was found.{$string}<br />";
        }

    // it works    
    if(isset($_GET['qs'])){
        
    $stringurlencode($_GET['qs']);
        if (
    preg_match($pattern$string)) {
            echo 
    "A GET match was found.{$string}<br />";
        } else {
            echo 
    "A GET match was not found.<br />";
        }        
    }
    // it works    
    $stringurlencode('bicycles multi byte chars  èòàù');
    if (
    preg_match($pattern$string)) {
        echo 
    "A match was found.{$string}<br />";
    } else {
        echo 
    "A match was not found.<br />";


    I should validate ie
    racing bycicles and multi bytes string &#233;&#242;&#224;&#249;

    urlencode put the sign
    +
    instead of a space
    racing+bycicles

    multi bytes string
    %E8%F2%E0%F9


    so in the pattern I added
    +%

    so this string
    bicycles+multi+byte+chars++%E8%F2%E0%F9%23

    should be a valid string but
    filter_input failed.

  4. #4
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    The + you see is only part of the URL string.

    Once it gets to you on the PHP side, that + has been turned into a space again, so you'll need to allow for a space (\s).
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  5. #5
    SitePoint Guru whisher's Avatar
    Join Date
    May 2006
    Location
    Kakiland
    Posts
    732
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by arkinstall View Post
    The + you see is only part of the URL string.

    Once it gets to you on the PHP side, that + has been turned into a space again, so you'll need to allow for a space (\s).
    Thanks for help.
    Sorry to distrurb you
    but can you give me
    a working example ?

    PHP Code:
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
    <html>
    <head>
        <meta http-equiv="content-type" content="text/html; charset=utf-8">
        <title>Test</title>
    </head>

    <body>
    <?php
    $pattern
    '#^[%_\-\+a-zA-Z0-9\/\s]+$#';
    if(
    filter_has_var(INPUT_GET'qs')){
        
    $options= array('options'=>array('regexp'=>$pattern));
        
    $string=filter_input(INPUT_GET'qs'FILTER_VALIDATE_REGEXP$options);
        if(
    $string===false){
            echo 
    "A filter GET match was not found.<br />";    
        }
        else{
            echo 
    "A filter GET match was found.{$string}<br />";
        }
    }    

    ?>
    <!-- IT WORKS -->
    <a href="<?php echo $_SERVER['PHP_SELF'].'?qs=bicycle_-%'?>">test1</a><br />
    <!-- IT WORKS -->
    <a href="<?php echo $_SERVER['PHP_SELF'].'?qs=bicycle+_-%'?>">test2</a><br />
    <!-- IT DOESN'T WORK -->
    <a href="<?php echo $_SERVER['PHP_SELF'].'?qs='.urlencode('bicyclesmultibytecharsèòàù#'); ?>">test3</a><br />
    <!-- IT DOESN'T WORK -->
    <a href="<?php echo $_SERVER['PHP_SELF'].'?qs='.urlencode('bicycles multibyte charsèòàù#'); ?>">test4</a><br />
    </body>
    </html>
    I should validate a urlencode alphanumeric string
    (uppercase/lowercase )
    and the chars
    _ - % +.

  6. #6
    SitePoint Guru whisher's Avatar
    Join Date
    May 2006
    Location
    Kakiland
    Posts
    732
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    An other approach
    PHP Code:
    function sanatizeString($string){ 
            
    $dodgychars"#[^0-9a-zA-Z]#"
            return 
    preg_replace($dodgychars,"-",$string); 
        } 
        
    var_dump(sanatizeString("PublicitÓ e progresso")); 
    I catch the dodgy chars before


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •