Jump to content

[SOLVED] Select certain lines for stripslashes

Kommius

By Kommius
in PHP Coding Help

 Share

Recommended Posts

Kommius Newbie

Kommius

Posted
Posted

Hi everyone,  :mrgreen:

 

I'm trying to code a relatively simple script.

 

I want to first read the contents of the file, and then apply a 

stripslashes();

on all lines starting with the 

echo "

tag and ending with 

";

.

 

For now, here's what I was able to come up with :

 

 

$file_contents = file_get_contents($fichier);

if(preg_match_all('`^echo"(.*?)"', $file_contents, $matches)){

               foreach ($matches as $val) {
                         $processed .= stripslashes($val);
               } 
} else {
      $processed .= $file_contents; //-- What should i put here if the line doesn't correspond?
}

file_put_contents($fichier, $processed);

 

Are my heading towards the right direction? Can anybody help me out? Thx  ;)

Link to comment
Share on other sites
thebadbad Newbie

thebadbad

Posted
Posted

You can use preg_replace() with the e pattern modifier, treating the replacement as PHP. Or use preg_replace_callback():

 

<?php
$file_contents = file_get_contents($fichier);

$file_contents = preg_replace_callback(
'~^echo\s*([\'"])(.*?)\1;~sm',
create_function(
	'$matches',
	'return stripslashes($matches[2]);'
),
$file_contents
);
?>

 

The pattern matches echo at the start of the string or at the start of a line (m modifier). Then zero or more whitespace characters followed by either a single or a double quote. Then anything including new lines (s modifier) are matched and captured, until the opening quote (\1) followed by a semi colon is found.

 

But this will yield unexpected results with code like

 

echo "testing with a $var" . 'the end';

Link to comment
Share on other sites
Kommius Newbie

Kommius

Posted
  • Author
Posted

What are you actually trying to accomplish? Do you want to read a php file, then search for all echo statements and add slashes to strings? You probably need to extend it as ' is also valid.

 

The goal is to parse a file such as this :

 

#==================================================
# function HTTPReferer
# Liste des référants
#==================================================
function HTTPReferer() {
global $bgcolor1, $bgcolor2, $bgcolor3, $db, $admin_file;
include_once("header.php");
NCGraphicAdmin();

OpenTable();
echo "<center><b>"._NCWHOLINKS."</b></center><br /><br />";
echo "<table width=\"100%\" border=\"0\" cellspacing=\"1\" bgcolor=\"$bgcolor2\">";
echo "<tr>";
echo "<td bgcolor=\"$bgcolor3\" align=\"center\"><b>"._NCHITS."<b></td>";
echo "<td bgcolor=\"$bgcolor3\" align=\"center\"><b>"._NCURL."</b></td>";
echo "<td bgcolor=\"$bgcolor3\" align=\"center\"><b>"._NCUPDATED."</b></td>";
echo "<td bgcolor=\"$bgcolor3\" align=\"center\"><b>"._NCDELETE."</b></td>";
echo "</tr>";

$req_refs = $db->sql_query("SELECT r_id, r_url, r_count, r_lasttime FROM ".TABLE_REFERER." ORDER BY r_count DESC");
$num_refs = $db->sql_numrows($req_refs);

if (!empty($num_refs)) {
	while ($row = $db->sql_fetchrow($req_refs)) {
			$r_id = intval($row['r_id']);
			$r_url = filter($row['r_url'], nohtml);
			$r_url2 = urlencode($r_url);
			$r_count = intval($row['r_count']);
			$r_lasttime = formatTimestamp($row['r_lasttime']);

			echo "<tr><td bgcolor=\"$bgcolor1\" align=\"center\"><font class=\"content\">$r_count</font></td>";
			echo "<td bgcolor=\"$bgcolor1\" width=\"100%\"><font class=\"content\"><a href=\"index.php?url=$r_url2\" target=\"_blank\">$r_url</a></font></td>";
			echo "<td bgcolor=\"$bgcolor1\" nowrap> <font class=\"content\">$r_lasttime</font> </td>";
			echo "<td bgcolor=\"$bgcolor1\" align=\"center\"><a href=\"".$admin_file.".php?op=DelReferer&ref_id=".$r_id."\"><img src=\"images/objets/wrong.gif\" border=\"0\" alt=\""._NCDELETE."\" title=\""._NCDELETE."\"></a></td>";
			echo "</tr>";
		}
} else {
	echo "<tr><td align=\"center\" bgcolor=\"$bgcolor1\" colspan=\"4\">"._NCNOREFERERS."</td></tr>";
}
echo "</table><br />";
echo "<form action=\"".$admin_file.".php\" method=\"post\">";
echo "<input type=\"hidden\" name=\"op\" value=\"DelReferer\">";
echo "<input type=\"hidden\" name=\"ref_id\" value=\"all\">";
echo "<center><input type=\"submit\" value=\""._NCDELETEALL."\"></center>";
CloseTable();

include_once("footer.php");
}

 

The thing is, if I do a stripslashes on the entire file contents, the stripslashes function removes all backslashes, including the ones contained in the PHP Code.

 

The script would also allow me to parse the file with a more complicated function, based on the htmLawed library.

Link to comment
Share on other sites
Kommius Newbie

Kommius

Posted
  • Author
Posted

You can use preg_replace() with the e pattern modifier, treating the replacement as PHP. Or use preg_replace_callback():

 

<?php
$file_contents = file_get_contents($fichier);

$file_contents = preg_replace_callback(
'~^echo\s*([\'"])(.*?)\1;~sm',
create_function(
	'$matches',
	'return stripslashes($matches[2]);'
),
$file_contents
);
?>

 

The pattern matches echo at the start of the string or at the start of a line (m modifier). Then zero or more whitespace characters followed by either a single or a double quote. Then anything including new lines (s modifier) are matched and captured, until the opening quote (\1) followed by a semi colon is found.

 

But this will yield unexpected results with code like

 

echo "testing with a $var" . 'the end';

 

Your function looks quite interesting, I will have a look at it and get back to you with more feedback.. As you pointed out, it may yield unexpected result.

Link to comment
Share on other sites
Kommius Newbie

Kommius

Posted
  • Author
Posted

How do you want to parse the file? 'Cause if you remove the slashes you will obviously mess with the syntax. Do you want to grab the output of the script?

 

Removing the slashes allows the htmLawed library to read and modify it. The output of the script adds the backslashes again in the xhtml parts of the PHP file.

 

Currently, the full script looks like this :

 

$file_contents = file_get_contents($list);

//-- Removing slashes
if(get_magic_quotes_gpc()) {
	$text = stripslashes($file_contents);
}

$processed = htmLawed($text);

file_put_contents($list, $processed);

 

 

For now, the script manages to transform :

 

#==================================================
# function HTTPReferer
# Liste des référants
#==================================================
function HTTPReferer() {
global $bgcolor1, $bgcolor2, $bgcolor3, $db, $admin_file;
include_once("header.php");
NCGraphicAdmin();

OpenTable();
echo "<center><b>"._NCWHOLINKS."</b></center><br /><br />";
echo "<table width=\"100%\" border=\"0\" cellspacing=\"1\" bgcolor=\"$bgcolor2\">";
echo "<tr>";
echo "<td bgcolor=\"$bgcolor3\" align=\"center\"><b>"._NCHITS."<b></td>";
echo "<td bgcolor=\"$bgcolor3\" align=\"center\"><b>"._NCURL."</b></td>";
echo "<td bgcolor=\"$bgcolor3\" align=\"center\"><b>"._NCUPDATED."</b></td>";
echo "<td bgcolor=\"$bgcolor3\" align=\"center\"><b>"._NCDELETE."</b></td>";
echo "</tr>";

$req_refs = $db->sql_query("SELECT r_id, r_url, r_count, r_lasttime FROM ".TABLE_REFERER." ORDER BY r_count DESC");
$num_refs = $db->sql_numrows($req_refs);

if (!empty($num_refs)) {
	while ($row = $db->sql_fetchrow($req_refs)) {
			$r_id = intval($row['r_id']);
			$r_url = filter($row['r_url'], nohtml);
			$r_url2 = urlencode($r_url);
			$r_count = intval($row['r_count']);
			$r_lasttime = formatTimestamp($row['r_lasttime']);

			echo "<tr><td bgcolor=\"$bgcolor1\" align=\"center\"><font class=\"content\">$r_count</font></td>";
			echo "<td bgcolor=\"$bgcolor1\" width=\"100%\"><font class=\"content\"><a href=\"index.php?url=$r_url2\" target=\"_blank\">$r_url</a></font></td>";
			echo "<td bgcolor=\"$bgcolor1\" nowrap> <font class=\"content\">$r_lasttime</font> </td>";
			echo "<td bgcolor=\"$bgcolor1\" align=\"center\"><a href=\"".$admin_file.".php?op=DelReferer&ref_id=".$r_id."\"><img src=\"images/objets/wrong.gif\" border=\"0\" alt=\""._NCDELETE."\" title=\""._NCDELETE."\"></a></td>";
			echo "</tr>";
		}
} else {
	echo "<tr><td align=\"center\" bgcolor=\"$bgcolor1\" colspan=\"4\">"._NCNOREFERERS."</td></tr>";
}
echo "</table><br />";
echo "<form action=\"".$admin_file.".php\" method=\"post\">";
echo "<input type=\"hidden\" name=\"op\" value=\"DelReferer\">";
echo "<input type=\"hidden\" name=\"ref_id\" value=\"all\">";
echo "<center><input type=\"submit\" value=\""._NCDELETEALL."\"></center>";
CloseTable();

include_once("footer.php");
}

 

to

 

#==================================================
# function HTTPReferer
# Liste des référants
#==================================================
function HTTPReferer() {
global $bgcolor1, $bgcolor2, $bgcolor3, $db, $admin_file;
include_once("header.php");
NCGraphicAdmin();

OpenTable();
echo "<center><b>"._NCWHOLINKS."<b><center><br /><br />";
echo "<table width=\"100%\" border=\"0\" cellspacing=\"1\" style=\"background-color: $bgcolor2;\">";
echo "<tr>";
echo "<td align=\"center\" style=\"background-color: $bgcolor3;\"><b>"._NCHITS."<b><td>";
echo "<td align=\"center\" style=\"background-color: $bgcolor3;\"><b>"._NCURL."<b><td>";
echo "<td align=\"center\" style=\"background-color: $bgcolor3;\"><b>"._NCUPDATED."<b><td>";
echo "<td align=\"center\" style=\"background-color: $bgcolor3;\"><b>"._NCDELETE."<b><td>";
echo "<tr>";

$req_refs = $db->sql_query("SELECT r_id, r_url, r_count, r_lasttime FROM ".TABLE_REFERER." ORDER BY r_count DESC");
$num_refs = $db->sql_numrows($req_refs);

if (!empty($num_refs)) {
	while ($row = $db->sql_fetchrow($req_refs)) {
			$r_id = intval($row['r_id']);
			$r_url = filter($row['r_url'], nohtml);
			$r_url2 = urlencode($r_url);
			$r_count = intval($row['r_count']);
			$r_lasttime = formatTimestamp($row['r_lasttime']);

			echo "<tr><td align=\"center\" style=\"background-color: $bgcolor1;\"><font class=\"content\">$r_count<font><td>";
			echo "<td style=\"background-color: $bgcolor1; width: 100%;\"><font class=\"content\"><a href=\"index.php?url=$r_url2\" target=\"_blank\">$r_url<a><font><td>";
			echo "<td style=\"background-color: $bgcolor1; white-space: nowrap;\"><font class=\"content\">$r_lasttime<font><td>";
			echo "<td align=\"center\" style=\"background-color: $bgcolor1;\"><a href=\"".$admin_file.".php?op=DelRefererref_id=\"><img src=\"images/objets/wrong.gif\" alt=\"\" title=\"\" style=\"border: 0px;\" /><a><td>";
			echo "<tr>";
		}
} else {
	echo "<tr><td align=\"center\" colspan=\"4\" style=\"background-color: $bgcolor1;\">"._NCNOREFERERS."<td><tr>";
}
echo "<table><br />";
echo "<form action=\"".$admin_file.".php\" method=\"post\">";
echo "<input type=\"hidden\" name=\"op\" value=\"DelReferer\" />";
echo "<input type=\"hidden\" name=\"ref_id\" value=\"all\" />";
echo "<center><input type=\"submit\" value=\"\" /><center>";
CloseTable();

include_once("footer.php");
}

 

There are still problems though, as all encapsed values in double-double quotes return as empty values.

Link to comment
Share on other sites
Kommius Newbie

Kommius

Posted
  • Author
Posted

You can use preg_replace() with the e pattern modifier, treating the replacement as PHP. Or use preg_replace_callback():

 

<?php
$file_contents = file_get_contents($fichier);

$file_contents = preg_replace_callback(
'~^echo\s*([\'"])(.*?)\1;~sm',
create_function(
	'$matches',
	'return stripslashes($matches[2]);'
),
$file_contents
);
?>

 

The pattern matches echo at the start of the string or at the start of a line (m modifier). Then zero or more whitespace characters followed by either a single or a double quote. Then anything including new lines (s modifier) are matched and captured, until the opening quote (\1) followed by a semi colon is found.

 

But this will yield unexpected results with code like

 

echo "testing with a $var" . 'the end';

 

Your function looks quite interesting, I will have a look at it and get back to you with more feedback.. As you pointed out, it may yield unexpected result.

 

I tried your function, it does not yield any results (any typo in there?)

 

Even doing a :

 

$test = preg_match_all('~^echo\s*([\"])(.*?)\1;~sm', $file_contents, $matches);

 

does not match anything in a file containing these lines :

 

echo "<select>";
echo "<td><tr>";

 

I'm looking into it..

Link to comment
Share on other sites
Kommius Newbie

Kommius

Posted
  • Author
Posted

Thank you so much for your help and your quick replies, the script works like a charm..

 

I can't thank you enough for your patience and your help, this has helped me understand regular expressions and the usage of preg_replace_callback, which I find is complicated to understand with the PHP manual!!

 

PS : Can somebody set this topic as solved please?

Link to comment
Share on other sites
thebadbad Newbie

thebadbad

Posted
Posted

Thank you so much for your help and your quick replies, the script works like a charm..

 

I can't thank you enough for your patience and your help, this has helped me understand regular expressions and the usage of preg_replace_callback, which I find is complicated to understand with the PHP manual!!

 

PS : Can somebody set this topic as solved please?

 

You're welcome! Just remember that the script isn't very versatile, and won't convert every variant of echo blocks you throw at it.

 

Happy coding 8)

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.