Jump to content

substring? User form entry...


pro_se

Recommended Posts

Hello... You know in Myspace when you attempt to put a coldfusion string into an about me page -- it does not parse the coldfusion or does not insert the full code into the database? How can i  do that with php? just taking out '[b]<?php[/b]' and replacing it with '[b]...[/b]'?
Link to comment
Share on other sites

I you mean some custom programming, here is my idea of a way you could implement something.

Think about html entities.
if you have the symbols for < and > instead then it doesn't run.  Here is what I would probably attempt to do.

1. Have the information you are getting put into a variable
like
$value = $_POST['value']
or something, anything to trap whatever they are submitting into a variable so you can work with it.
now, use some regular expressions to try and find the existence of the php tags, like <?  and <?php, if they find a match, just prevent the script from running, return a validation error at that point, and say no php scripts allowed.
Link to comment
Share on other sites

Here
The i within the regular expression makes it case ignore, if you want it to be case sensitive, then simply remove it.
[code]<?php
// This will pull out the contents of the php tags.
preg_match_all("/[<\?php]{6}(.*?)[\?>]{3}/i", $StringToSearch, $OutPutArray);
// This will simply test to see if it exists or not.

preg_match("/[<\?php]{6}(.*?)[\?>]{3}/i", $StringToSearch);
?>[/code]
Link to comment
Share on other sites

That just tests to see, for instance.
This will pull out the contents of the php tags.
preg_match_all("/[<\?php]{6}(.*?)[\?>]{3}/i", $StringToSearch, $OutPutArray);
if you use this one here, then it looks within the string to search for any occurence of <?php stuff ?>
then it extracts whatever is in between <?php ?> and puts it in output array.

This will simply test to see if it exists or not.
preg_match("/[<\?php]{6}(.*?)[\?>]{3}/i", $StringToSearch);
for this down here it simply tests whether those tags exist or not, then you can return a validation error if you choose, or the top one you can just extract the contents, so it runs empty php tags, whichever you choose to do.
Link to comment
Share on other sites

waiiitt... i got it... this works perfect... i sould actually look at the manual before i post... lol.... thanks for the input tho...[code]$string = 'The quick brown fox jumped over the lazy dog.';
$patterns[0] = '/quick/';
$patterns[1] = '/brown/';
$patterns[2] = '/fox/';
$replacements[2] = 'bear';
$replacements[1] = 'black';
$replacements[0] = 'slow';
echo preg_replace($patterns, $replacements, $string);[/code]
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.