Swift-R Posted April 6, 2010 Share Posted April 6, 2010 I am developing my own db class and there is a function to easily create a query. This function recognizes code inside <...> and applies addslashes or mysql_real_escape_string functions to the text. I use this method: So the query looks like this (example): UPDATE table SET value=<'isn't this nice?'> WHERE id=1; And this is the portion of the code which is supposed to to that: $values = "SET " . $value . " "; // $value returns: value=<'isn't this nice?'> $values = preg_replace_callback( "#<'([^'>]\S+)'>#", array( $this, 'addslashes_callback' ), $values ); $query .= str_replace( array( "<'", "'>" ), array( "", "" ), $values ); And addslashes_callback function: public function addslashes_callback( $match ) { return "'" . addslashes( $match[1] ) . "'"; } This works the way I want if I don't use spaces (eg: if $value = somevalue'ddwd'dwwddd ). It adds the slashes correctly but not if the string contains spaces (eg: if $value = some value' ddwd'dw wddd ). I know it has something to do with this regex code #<'([^'>]\S+)'>#, how can I fix it so it can accept every character? Link to comment https://forums.phpfreaks.com/topic/197700-preg_replace-regex-help/ Share on other sites More sharing options...
Swift-R Posted April 6, 2010 Author Share Posted April 6, 2010 Please someone move this topic to regex forum, I think it belongs there. My bad, sorry. Link to comment https://forums.phpfreaks.com/topic/197700-preg_replace-regex-help/#findComment-1037534 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.