Why is this regex failing?

[terungwa]

I am building a whitelist based bbcode sanitiser that allows only permitted bbcode element (the

tag. All other bbcode elements  will be rejected regardless of what they are.

Also, this system should reject empty bbcode tag

This is the function below:

$val = 'This is a post with code, [code]cmmcxm[/code]';/* The negative lookahead regex contruct in the function below ensures all opening square brackets must be followed by this regex inside the lookahead(code\](.)+\[\/code\])*/function isSuspect($val) {	   // create a pattern to whitelist allowed bbcode phrase   $pattern = '/[(?!(code\](.)+\[\/code\]))/i';   // if one of the suspect phrases is found, reject                                                  \[(?!(code\]\[/code\]))   if (preg_match($pattern, $val))    {	return '<div id="login-alert" class="alert alert-danger col-sm-12">You can not post that, it appears you may have included banned words or code tags in your post.<br/>If you think this is not the case, kindly contact the portal administrator <a href="#"><img class="warning" src="assets/img/icons/mail-black.png" alt="" /> here</a></div>';   }}echo isSuspect($val);

This function is not validating $val = 'This is a post with code,

cmmcxm

'; and I was thinking it should.

 

I would appreciate inputs to finish this.

 

Thanks.

[hansford]

I was going to include the lookahead, but it doesn't appear you need it. I'll let others weigh in on this, but this is all you need from what I'm seeing.

$pattern = '/\[code\](.)+\[\/code\]/i';