Jump to content

Check for Strings


mkebkr04

Recommended Posts

Would anyone happen to know how to take two form inputs that will be inputted into the database and check them.  Basically they will be urls and I need to check to see if they start with http:// and if not I need to add http:// to it.

 

Say I have:

 

$bus_url and $int_url which are equal to  there own $_POST[.........] variables

 

I know I need and if statement to check for http:// and if its there I want to leave it alone else I want to add it I am just unsure where to put it in the code and what to put in general.

Link to comment
https://forums.phpfreaks.com/topic/136274-check-for-strings/
Share on other sites

<?php

function CheckURL($url) {

  if(preg_match('/http\:\/\/[aA-zZ0-9\.]+\.[aA-zZ0-9]+?[\?\=\_\-\/[aA-zZ0-9]+/', $url)) $link = $url;
    else  $link = 'http://'.$url;

  return $link;
}

?>

 

Though I caution that you should scrub/clean any user input and not assume that the url or link is valid to begin with. You'll want to check that as well.

Link to comment
https://forums.phpfreaks.com/topic/136274-check-for-strings/#findComment-710923
Share on other sites

By the way...in case that confused you, implementation would look something like this...

 

<?php

function CheckURL($url) {

  if(preg_match('/http\:\/\/[aA-zZ0-9\.]+\.[aA-zZ0-9]+?[\?\=\_\-\/[aA-zZ0-9]+/', $url)) $link = $url;
    else  $link = 'http://'.$url;

  return $link;
}

//// Assuming the POST variables have already been defined...

$linkone = CheckURL($_POST['linkone']); 
// If the link is 'google.com', 'http://google.com' will be returned.
$linktwo = CheckURL($_POST['linktwo']); 
// If the link is 'http://yahoo.com', the same value will be returned without changes.

?>

 

...But as stated...you want to make sure you check ALL user input to make sure no SQL injection or XSS is possible.

Link to comment
https://forums.phpfreaks.com/topic/136274-check-for-strings/#findComment-710935
Share on other sites

What happens if someone enters 'http:mydomain.com'? '...How about 'http:// whoops i have spaces and invalid characters here .com'?

 

One can't assume that a simple check based on string or character position will account for users who blindly type without thinking. Most people ont he internet don't :-P

Link to comment
https://forums.phpfreaks.com/topic/136274-check-for-strings/#findComment-710956
Share on other sites

What happens if someone enters 'http:mydomain.com'? '...How about 'http:// whoops i have spaces and invalid characters here .com'?

 

One can't assume that a simple check based on string or character position will account for users who blindly type without thinking. Most people ont he internet don't :-P

 

then if thats what you want to achieve ill use http://www.php.net/manual/en/function.filter-var.php rather that regex again much faster i guess

Link to comment
https://forums.phpfreaks.com/topic/136274-check-for-strings/#findComment-710959
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.