Jump to content

validate base64?

morongo

By morongo
in Regex Help

 Share

Recommended Posts

morongo Newbie

morongo

Posted
Posted
What's a good way to validate a base64 string?

I'm wanting to make sure that (some) users don't sneak-in bogus data to a POST that's supposed to only be base64 on receipt.

Would something like this do it?

[code]
if (!preg_match("=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/", $sender)){
    die("Incorrect data format.");
}
[/code]

I'm pretty much flailing in the dark here, I'm not at all up on how to do regex stuff.

Thanks


Link to comment
Share on other sites
morongo Newbie

morongo

Posted
  • Author
Posted
I just now discovered there's a regex area...moderator should probably move this post.

Anyway, I was going to say, if this was C, I could do something like this:
[code]
int validateB64(char *postbuf)
{
char *p;
for(p=postbuf; *p; p++)
{
    if ( (*p>= 48 && *p<= 57) || (*p>= 65 && *p<= 90) || (*p>= 97 && *p<= 122) )
          continue;
    else
    {
      return INVALID;
    }
}
return VALID;
}
[/code]
(I would probably add \x0d, \x0a and = ,as well...)

But php won't do that, so I guess that all leads back to validating with regex.
Link to comment
Share on other sites
morongo Newbie

morongo

Posted
  • Author
Posted
Well, I decided to go ahead and 'php-ify' my original C code, above.

This is what I ended up with and it does the job. I actually think I was probably barking up the wrong tree with the regex stuff, it's intended for pattern-matching, extracting data, etc...I needed to validate an entire block of data to make sure it comformed to what I expected for input.

[code]
<?php

// the only chars we expect to get if valid b64:
//( RFC 1113, with addition of pad '=' and crlf )
// ABCDEFGHIJKLMNOPQRSTUVWXYZ
// abcdefghijklmnopqrstuvwxyz
// 0123456789
// +/='\x0d''\x0a'
//
// contiguous ascii ranges (dec):
// A-Z    a-z    /-9  +  cr  lf  =
//65-90, 97-122, 47-57, 43, 13, 10, 61


  //test strings:
$good = "An1fJ8+Ule4iv72ts9==\r\n";
$bad  = "abc!@#fgh(-|jkl%\\df\r\n";


printf("<html><body<pre>\n");

  //test a known-valid b64 string:
if(!(validate64($good)))
  printf("%s\nbuffer is NOT b64 encoded\n\n",$good);
else
  printf("%s\nbuffer is VALID base64\n\n",$good);

  //test a known-invalid b64 string:
if(!(validate64($bad)))
  printf("%s\nbuffer is NOT b64 encoded\n\n",$bad);
else
  printf("%s\nbuffer is VALID base64\n\n",$bad);

printf("</pre></body</html>\n");


exit;

function validate64($buffer)
{
  $VALID  = 1;
  $INVALID= 0;

  $p    = $buffer; 
  $len  = strlen($p);     

  for($i=0; $i<$len; $i++)
  {
    if( ($p[$i]>="A" && $p[$i]<="Z")||
        ($p[$i]>="a" && $p[$i]<="z")||
        ($p[$i]>="/" && $p[$i]<="9")||
        ($p[$i]=="+")||
        ($p[$i]=="=")||
        ($p[$i]=="\x0a")||
        ($p[$i]=="\x0d")
      )
      continue;
    else
      return $INVALID;
  }  //fall through if all ok
return $VALID;
}

?>
[/code]
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.