Jump to content


Photo

substring? User form entry...


  • Please log in to reply
9 replies to this topic

#1 pro_se

pro_se
  • Members
  • PipPipPip
  • Advanced Member
  • 131 posts

Posted 04 September 2006 - 10:27 PM

Hello... You know in Myspace when you attempt to put a coldfusion string into an about me page -- it does not parse the coldfusion or does not insert the full code into the database? How can i  do that with php? just taking out '<?php' and replacing it with '...'?

#2 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 04 September 2006 - 10:28 PM

I would guess html entities, that is what andy told me, and it worked, if you are doing what I think you are trying to do.

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#3 pro_se

pro_se
  • Members
  • PipPipPip
  • Advanced Member
  • 131 posts

Posted 04 September 2006 - 10:33 PM

well... i have a about me section on my cms and i dont want people putting in php scripts and having them parse... if you have a good way to do this that would be cool...

#4 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 04 September 2006 - 10:40 PM

I you mean some custom programming, here is my idea of a way you could implement something.

Think about html entities.
if you have the symbols for < and > instead then it doesn't run.  Here is what I would probably attempt to do.

1. Have the information you are getting put into a variable
like
$value = $_POST['value']
or something, anything to trap whatever they are submitting into a variable so you can work with it.
now, use some regular expressions to try and find the existence of the php tags, like <?  and <?php, if they find a match, just prevent the script from running, return a validation error at that point, and say no php scripts allowed.

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#5 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 04 September 2006 - 10:41 PM

Here
The i within the regular expression makes it case ignore, if you want it to be case sensitive, then simply remove it.
<?php
// This will pull out the contents of the php tags.
preg_match_all("/[<\?php]{6}(.*?)[\?>]{3}/i", $StringToSearch, $OutPutArray); 
// This will simply test to see if it exists or not.

preg_match("/[<\?php]{6}(.*?)[\?>]{3}/i", $StringToSearch); 
?>

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#6 pro_se

pro_se
  • Members
  • PipPipPip
  • Advanced Member
  • 131 posts

Posted 04 September 2006 - 10:42 PM

can u bold what is going to be searched? plz...

#7 pro_se

pro_se
  • Members
  • PipPipPip
  • Advanced Member
  • 131 posts

Posted 04 September 2006 - 10:43 PM

or can u tell me the format for the "  ("/[<\?php]{6}(.*?)[\?>]{3}/i", "stuff

#8 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 04 September 2006 - 10:44 PM

This will pull out the contents of the php tags.
preg_match_all("/[<\?php]{6}(.*?)[\?>]{3}/i", $StringToSearch, $OutPutArray);

This will simply test to see if it exists or not.
preg_match("/[<\?php]{6}(.*?)[\?>]{3}/i", $StringToSearch);

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#9 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 04 September 2006 - 10:46 PM

That just tests to see, for instance.
This will pull out the contents of the php tags.
preg_match_all("/[<\?php]{6}(.*?)[\?>]{3}/i", $StringToSearch, $OutPutArray);
if you use this one here, then it looks within the string to search for any occurence of <?php stuff ?>
then it extracts whatever is in between <?php ?> and puts it in output array.

This will simply test to see if it exists or not.
preg_match("/[<\?php]{6}(.*?)[\?>]{3}/i", $StringToSearch);
for this down here it simply tests whether those tags exist or not, then you can return a validation error if you choose, or the top one you can just extract the contents, so it runs empty php tags, whichever you choose to do.

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#10 pro_se

pro_se
  • Members
  • PipPipPip
  • Advanced Member
  • 131 posts

Posted 04 September 2006 - 10:48 PM

waiiitt... i got it... this works perfect... i sould actually look at the manual before i post... lol.... thanks for the input tho...
$string = 'The quick brown fox jumped over the lazy dog.';
$patterns[0] = '/quick/';
$patterns[1] = '/brown/';
$patterns[2] = '/fox/';
$replacements[2] = 'bear';
$replacements[1] = 'black';
$replacements[0] = 'slow';
echo preg_replace($patterns, $replacements, $string);





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users