Tom10 Posted February 15, 2015 Share Posted February 15, 2015 Hi, i don't have a problem with this code it works fine, but i don't understand it. if(preg_match("#[^\w\/\&\\?\=\.]#", $fullURL)) { include 'deny.php'; die(); } else { } My understanding is that \w includes a-z Z-A so i don't understand when i load the page it doesn't instantly go to deny.php it make's sense to put the include 'deny.php' and die(); in else? Not sure if you understand what i mean, please say if you don't i will try to explain what i mean better. Quote Link to comment Share on other sites More sharing options...
Solution scootstah Posted February 15, 2015 Solution Share Posted February 15, 2015 The ^ character inside of a character class ([ ]) inverts the pattern. This is a way of creating a whitelist of allowed characters. If $fullURL contains characters that are outside of the allowed whitelist, then the pattern will match and run the code inside the conditional. Hopefully that makes sense. 1 Quote Link to comment Share on other sites More sharing options...
Tom10 Posted February 15, 2015 Author Share Posted February 15, 2015 The ^ character inside of a character class ([ ]) inverts the pattern. This is a way of creating a whitelist of allowed characters. If $fullURL contains characters that are outside of the allowed whitelist, then the pattern will match and run the code inside the conditional. Hopefully that makes sense. Thank you so much, scootstah. That made a lot of sense and cleared that up for me Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.