Jump to content

preg_replace() syntax

sciencenerd

By sciencenerd
in PHP Coding Help

 Share

Recommended Posts

sciencenerd Newbie

sciencenerd

Posted
Posted

Hey, I'm creating a website that needs to allow users to submit content.  However, I'm trying to "clean" that content to a large degree because it will show on the page, so if there's any malicious formatting or scripts I need to remove those.  The code I'm about to post is *supposed* to remove all tags from $string except for <b >, <i > and <a > and additionally ensure that <b > and <i > have no arguments, while <a > only has the href="" argument and no others (note: spaces in tags to prevent the forum from rendering them).  The code:

 

        $string = strip_tags($string, '<b><i><a>' . $exceptions);

        $pattern[0] = '/(\<b)(.*)(\>)/e';

        $pattern[1] = '/(\<i)(.+?)(\>)/e';

        $pattern[2] = '/(\<a)(.+?)(href=\")(.+?)(\")(.+?)(\>)/e';

        $replacement[0] = '\\1\\3';

        $replacement[1] = '\\1\\3';

        $replacement[2] = '\\1\\3\\4\\5\\7';

        $string = preg_replace($pattern, $replacement, $string);

 

When I try to run this on the string '<b >test</b >', for example, the following errors are generated by the compiler:

 

Parse error: parse error, unexpected '<' in /home/www/URL of site/standardfunctions.php(56) : regexp code on line 1

 

Fatal error: preg_replace(): Failed evaluating code: <b > *SPACE ADDED* in /home/www/URL of site/standardfunctions.php on line 56

 

Line 56 in this case corresponds to the final line of my posted code.  Thanks in advance for any insight on this annoying problem!

Link to comment
https://forums.phpfreaks.com/topic/53689-preg_replace-syntax/
Share on other sites
sciencenerd Newbie

sciencenerd

Posted
  • Author
Posted

Okay, here's the whole function (I commented out everything else in the file to see if it would help, but no dice.  My problem has to be inside the function I think).

 

<?php

 

function CleanText($string, $class=null, $exceptions=null)

{

    if ($class == 'strict')

    {

        $string = strip_tags($string, '<b ><i ><a >' . $exceptions);

        $pattern[0] = '/(\<b)(.*)(\>)/e';

        $pattern[1] = '/(\<i)(.+?)(\>)/e';

        $pattern[2] = '/(\<a)(.+?)(href=\")(.+?)(\")(.+?)(\>)/e';

        $replacement[0] = '\\1\\3';

        $replacement[1] = '\\1\\3';

        $replacement[2] = '\\1\\3\\4\\5\\7';

        $string = preg_replace($pattern, $replacement, $string);

    }

    elseif ($class == 'lax')

    {

        $string = strip_tags($string, '<b ><i ><a ><span ><div ><table ><tr ><td ><h1 ><h2 ><h3 ><h4 ><h5 ><h6 ><br ><br /><ol ><ul ><li ><img ><img />' . $exceptions);

    }

    elseif ($class == null)

    {

        $string = strip_tags($string, $exceptions);

        $string = preg_replace('/\"/', '', $string);

    }

return $string;

}

 

echo CleanText('<b test>is a test</b test>', 'strict');

 

?>

Link to comment
https://forums.phpfreaks.com/topic/53689-preg_replace-syntax/#findComment-265507
Share on other sites
sciencenerd Newbie

sciencenerd

Posted
  • Author
Posted

Ok, my mistake.  The reason the previous code compiled correctly is because of the spaces I put in the HTML tags to keep them from formatting my text when copying it to the form.  Now that I've found the "code" attribute on the forum, I can copy-paste directly.  Here's the code without the spaces in tags.  This is the code I've tested EXACTLY that produces the errors.  My apologies for the earlier ones that didn't.

<?php

function CleanText($string, $class=null, $exceptions=null)
{
    if ($class == 'strict')
    {
        $string = strip_tags($string, '<b><i><a>' . $exceptions);
        $pattern[0] = '/(\<b)(.*)(\>)/e';
        $pattern[1] = '/(\<i)(.+?)(\>)/e';
        $pattern[2] = '/(\<a)(.+?)(href=\")(.+?)(\")(.+?)(\>)/e';
        $replacement[0] = '\\1\\3';
        $replacement[1] = '\\1\\3';
        $replacement[2] = '\\1\\3\\4\\5\\7';
        $string = preg_replace($pattern, $replacement, $string);
    }
    elseif ($class == 'lax')
    {
        $string = strip_tags($string, '<b><i><a><span><div><table><tr><td><h1><h2><h3><h4><h5><h6><br><ol><ul><li><img><img />' . $exceptions);
    }
    elseif ($class == null)
    {
        $string = strip_tags($string, $exceptions);
        $string = preg_replace('/\"/', '', $string);
    }
return $string;
}

echo CleanText('<b test>is a test</b test>', 'strict');

?>

Link to comment
https://forums.phpfreaks.com/topic/53689-preg_replace-syntax/#findComment-265894
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.