AdRock Posted February 9, 2009 Share Posted February 9, 2009 I am trying to use preg_replace on some content before going into a database. It does some of it but not all. It replaces the <ul> tags but doesn't replace the others. $str = '<img src="http://www.mysite.co.uk/images/image1.jpg"><ul><li>hdfsjdhsfjds></li></ul>'; $reg_ex = array('/<ul>/', '/.jpg">/', '/.gif">/'); $replace_word = array('<ul class="list">', '.jpg" class="myclass" alt="alt" />', '.gif" class="myclass" alt="alt" />'); $content = preg_replace($reg_ex, $replace_word, $str); The output should be <img src="http://www.mysite.co.uk/images/image1.jpg" class="myclass" alt="alt" /><ul class="list"><li>hdfsjdhsfjds></li></ul> but the actual output is <img src="http://www.mysite.co.uk/images/image1.jpg"><ul class="list"><li>hdfsjdhsfjds></li></ul> Quote Link to comment Share on other sites More sharing options...
printf Posted February 9, 2009 Share Posted February 9, 2009 I don't see how the output is wrong. The way you have your regex array will output the replace exactly how it should be. Not how your saying it is outputting. Quote Link to comment Share on other sites More sharing options...
sasa Posted February 9, 2009 Share Posted February 9, 2009 it's work fine on my local wamp Quote Link to comment Share on other sites More sharing options...
AdRock Posted February 9, 2009 Author Share Posted February 9, 2009 I found out what was causing the problem This is where i do the replace //$content = $_POST['rte1']; $content = check_input(trim($_POST['rte1'])); $reg_ex = array('/<ul>/s', '/.jpg">/s', '/.gif">/s'); $replace_word = array('<ul class="list">', '.jpg" class="myclass" alt="alt" />', '.gif" class="myclass" alt="alt" />'); $content = preg_replace($reg_ex, $replace_word, $content); If i uncomment the plain post and comment out the check_input, it works fine. If i do it the other way around, it doesn't work so that check_input function is causing a problem......any ideas why? If i move the check_input($_POST['ret1']) under the replace, it works, but will it still protect from sql injection? function check_input($value) { // Stripslashes if (get_magic_quotes_gpc()){ $value = stripslashes($value); } // Quote if not a number if (!is_numeric($value)){ $value = mysql_real_escape_string($value); } return $value; } Quote Link to comment Share on other sites More sharing options...
unkwntech Posted February 9, 2009 Share Posted February 9, 2009 what you should do is just replace check_input() with mysql_real_escape_string() an run it after you do the preg_replace Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.