Jump to content

Recommended Posts

I'm sorry if this has been asked before, however the search terms I could think of are a little ambiguous and the majority of results asked for the regex is to take parts of a url.

 

 

I would like users to be able to add their accounts to particular websites in specific text inputs. i.e. you can only put http://www.facebook.com/yourprofile into the Facebook field. So basically I want a regex that only allows http://www.domain.com[whatever else is needed] .I'm sure this is easy to do, but I'm a real novice at regex (I'm trying!). I currently have this, which allows urls of any domain, but I don't want to give users that privilege:

 

if (preg_match('/^(http|https|ftp):\/\/([A-Z0-9][A-Z0-9_-]*(?:\.[A-Z0-9][A-Z0-9_-]*)+):?(\d+)?\/?/i', ($_POST['website']))) {

$website = escape_data($_POST['website']);

$mw = "'$website'";

} else if (empty($_POST['website'])) {

$mw = 'NULL';

} else {

$mw = FALSE;

echo '<p><font color="red" size="+1">Please enter a valid website URL, or clear the entry</font></p>';

}

 

 

Any help would be massively appreciated. Thankyou

Link to comment
https://forums.phpfreaks.com/topic/210408-regex-only-allowing-specific-urls/
Share on other sites

If it is a Facebook field, you really shouldn't be allowing/expecting the user to type in the http://www.facebook.com/ part, they should only be typing in their profile name, which can be matched with a very simple pattern. I'm not sure on the exact requirements, but it's probably al-num with dash.

If it is a Facebook field, you really shouldn't be allowing/expecting the user to type in the http://www.facebook.com/ part, they should only be typing in their profile name, which can be matched with a very simple pattern. I'm not sure on the exact requirements, but it's probably al-num with dash.

 

 

Because I am letting them input account url's from various domains(soundcloud, mixcloud, divshare) etc, I think it would be easier for the user to just cut and paste the whole lot. Seems a bit more idiot proof than asking them to only copy from after .com

 

Why is this a bad idea?

Then it clearly isn't a 'Facebook' field as you indicated it as.

 

 

Well, it depends on the field in question doesn't it? If it's the facebook field, then yes it is. Sorry if you didnt understand what I meant.

 

There is a problem with this regex. It won't validate if the url comes from a form field, even if you use the exact string that I entered into the form.

 

i.e this works:

$allowed = 'http://soundcloud.com';
$url = 'http://soundcloud.com/theshiverman/summer-beats-july-2010';

echo $_POST['mixdownloadlink'];

function isrighturl($allowed, $url){
        $allowed = preg_quote($allowed, '/:.');
        $regex = "/".$allowed.'\/[0-9a-zA-Z_\/\-]{1,99}'."/";

        $keywords = preg_match_all($regex, $url, $matches);
        $matches = count($matches[0]);

        if($matches == 1){
                return true;
        }
        else{
                return false;
        }
}

if(isrighturl($allowed, $url) == 1){
        echo "URL is OK";
}
else{
        echo "URL isnt right";
}

 

Whereas entering the same url (http://soundcloud.com/theshiverman/summer-beats-july-2010) into the mixdownloadlink field on the form and using this:

$allowed = 'http://soundcloud.com';
$url = $_POST['mixdownloadlink'];


function isrighturl($allowed, $url){
        $allowed = preg_quote($allowed, '/:.');
        $regex = "/".$allowed.'\/[0-9a-zA-Z_\/\-]{1,99}'."/";

        $keywords = preg_match_all($regex, $url, $matches);
        $matches = count($matches[0]);

        if($matches == 1){
                return true;
        }
        else{
                return false;
        }
}

if(isrighturl($allowed, $url) == 1){
        echo "URL is OK";
}
else{
        echo "URL isnt right";
}

 

Doesnt work.

 

 

Is this just me bring tired? I can't see what the problem is.

Similarly, this regex to allow an embed code for youtube also will not work when it comes from a form field.

 

This doesnt work:

$embed = $_POST['mixembedlink'];

if (preg_match('/<object width=\"([0-9]*)\" height=\"([0-9]*)\"><param name=\"movie\" value=\"(.*)\"><\/param><param name=\"allowFullScreen\" value=\".*\"><\/param><param name=\"allowscriptaccess\" value=\".*\"><\/param><embed src=\".*\" type=\".*\" allowscriptaccess=\".*\" allowfullscreen=\".*\" width=\"[0-9]*\" height=\"[0-9]*\"><\/embed><\/object>/',$embed,$preg_out)) {;
$width = $preg_out[1];
$height = $preg_out[2];
$url = $preg_out[3];


echo 'WORKING';


} else {
echo 'NOT WORKING!';
}

 

This however does work:

$embed = '<object width="480" height="385"><param name="movie" value="http://www.youtube.com/v/1mt3vZHDiM8?fs=1&hl=en_US"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/1mt3vZHDiM8?fs=1&hl=en_US" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="480" height="385"></embed></object>';

if (preg_match('/<object width=\"([0-9]*)\" height=\"([0-9]*)\"><param name=\"movie\" value=\"(.*)\"><\/param><param name=\"allowFullScreen\" value=\".*\"><\/param><param name=\"allowscriptaccess\" value=\".*\"><\/param><embed src=\".*\" type=\".*\" allowscriptaccess=\".*\" allowfullscreen=\".*\" width=\"[0-9]*\" height=\"[0-9]*\"><\/embed><\/object>/',$embed,$preg_out)) {;
$width = $preg_out[1];
$height = $preg_out[2];
$url = $preg_out[3];


echo 'WORKING';


} else {
echo 'NOT WORKING!';
}

 

 

Can anyone shed some light on why this is? The form names are exactly right. I think i've checked and renamed them about 10 times each.

 

If you try...

 

echo '<pre>';
echo $_POST['mixembedlink'];
echo '</pre>';

 

...does the output look exactly the same as what you are pasting in the input? I'm guessing you've got something like magic_quotes enabled and it's inserting backslashes into the string, thus causing it to not match the pattern.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.