Jump to content

preg_replace() syntax


sciencenerd

Recommended Posts

Hey, I'm creating a website that needs to allow users to submit content.  However, I'm trying to "clean" that content to a large degree because it will show on the page, so if there's any malicious formatting or scripts I need to remove those.  The code I'm about to post is *supposed* to remove all tags from $string except for <b >, <i > and <a > and additionally ensure that <b > and <i > have no arguments, while <a > only has the href="" argument and no others (note: spaces in tags to prevent the forum from rendering them).  The code:

 

        $string = strip_tags($string, '<b><i><a>' . $exceptions);

        $pattern[0] = '/(\<b)(.*)(\>)/e';

        $pattern[1] = '/(\<i)(.+?)(\>)/e';

        $pattern[2] = '/(\<a)(.+?)(href=\")(.+?)(\")(.+?)(\>)/e';

        $replacement[0] = '\\1\\3';

        $replacement[1] = '\\1\\3';

        $replacement[2] = '\\1\\3\\4\\5\\7';

        $string = preg_replace($pattern, $replacement, $string);

 

When I try to run this on the string '<b >test</b >', for example, the following errors are generated by the compiler:

 

Parse error: parse error, unexpected '<' in /home/www/URL of site/standardfunctions.php(56) : regexp code on line 1

 

Fatal error: preg_replace(): Failed evaluating code: <b > *SPACE ADDED* in /home/www/URL of site/standardfunctions.php on line 56

 

Line 56 in this case corresponds to the final line of my posted code.  Thanks in advance for any insight on this annoying problem!

Link to comment
https://forums.phpfreaks.com/topic/53689-preg_replace-syntax/
Share on other sites

Okay, here's the whole function (I commented out everything else in the file to see if it would help, but no dice.  My problem has to be inside the function I think).

 

<?php

 

function CleanText($string, $class=null, $exceptions=null)

{

    if ($class == 'strict')

    {

        $string = strip_tags($string, '<b ><i ><a >' . $exceptions);

        $pattern[0] = '/(\<b)(.*)(\>)/e';

        $pattern[1] = '/(\<i)(.+?)(\>)/e';

        $pattern[2] = '/(\<a)(.+?)(href=\")(.+?)(\")(.+?)(\>)/e';

        $replacement[0] = '\\1\\3';

        $replacement[1] = '\\1\\3';

        $replacement[2] = '\\1\\3\\4\\5\\7';

        $string = preg_replace($pattern, $replacement, $string);

    }

    elseif ($class == 'lax')

    {

        $string = strip_tags($string, '<b ><i ><a ><span ><div ><table ><tr ><td ><h1 ><h2 ><h3 ><h4 ><h5 ><h6 ><br ><br /><ol ><ul ><li ><img ><img />' . $exceptions);

    }

    elseif ($class == null)

    {

        $string = strip_tags($string, $exceptions);

        $string = preg_replace('/\"/', '', $string);

    }

return $string;

}

 

echo CleanText('<b test>is a test</b test>', 'strict');

 

?>

Link to comment
https://forums.phpfreaks.com/topic/53689-preg_replace-syntax/#findComment-265507
Share on other sites

Ok, my mistake.  The reason the previous code compiled correctly is because of the spaces I put in the HTML tags to keep them from formatting my text when copying it to the form.  Now that I've found the "code" attribute on the forum, I can copy-paste directly.  Here's the code without the spaces in tags.  This is the code I've tested EXACTLY that produces the errors.  My apologies for the earlier ones that didn't.

<?php

function CleanText($string, $class=null, $exceptions=null)
{
    if ($class == 'strict')
    {
        $string = strip_tags($string, '<b><i><a>' . $exceptions);
        $pattern[0] = '/(\<b)(.*)(\>)/e';
        $pattern[1] = '/(\<i)(.+?)(\>)/e';
        $pattern[2] = '/(\<a)(.+?)(href=\")(.+?)(\")(.+?)(\>)/e';
        $replacement[0] = '\\1\\3';
        $replacement[1] = '\\1\\3';
        $replacement[2] = '\\1\\3\\4\\5\\7';
        $string = preg_replace($pattern, $replacement, $string);
    }
    elseif ($class == 'lax')
    {
        $string = strip_tags($string, '<b><i><a><span><div><table><tr><td><h1><h2><h3><h4><h5><h6><br><ol><ul><li><img><img />' . $exceptions);
    }
    elseif ($class == null)
    {
        $string = strip_tags($string, $exceptions);
        $string = preg_replace('/\"/', '', $string);
    }
return $string;
}

echo CleanText('<b test>is a test</b test>', 'strict');

?>

Link to comment
https://forums.phpfreaks.com/topic/53689-preg_replace-syntax/#findComment-265894
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.