endofradio Posted July 13, 2007 Share Posted July 13, 2007 Hi - I feel awful to ask such a basic question but I'm at my wits end. I'm currently using this standard script: <?php if (isset($_GET['id'])) { $id = $_GET['id']; } else { $id = '1'; } if (preg_match('/^[a-z0-9_-]+$/i', $id)) { require('./' . $id . '.php'); } else { die('Invalid Input'); } ?> To avoid manipulation of my links. However, I wish to allow the '/' symbol to be used, so that I can call files from a directory under the name 'portfolio' (because I require a $count function on these files, they have to be in a seperate folder). I simply cannot make it work. Thanks to anyone that can solve the problem. Quote Link to comment https://forums.phpfreaks.com/topic/59827-solved-preg_match-list-accepting-slashes-folder-access/ Share on other sites More sharing options...
Wildbug Posted July 13, 2007 Share Posted July 13, 2007 If you want to use the '/' in a regular expression, either escape it, '/like\/this/' or use a different delimiter, '|like/this|'. Quote Link to comment https://forums.phpfreaks.com/topic/59827-solved-preg_match-list-accepting-slashes-folder-access/#findComment-297501 Share on other sites More sharing options...
sasa Posted July 13, 2007 Share Posted July 13, 2007 try <?php if (isset($_GET['id'])) { $id = $_GET['id']; } else { $id = '1'; } $id = 's/adr/index'; //for testing if (preg_match('/^[a-z0-9_-]+[\/a-z0-9_-]+[a-z0-9_-]+$/i', $id)) { //require('./' . $id . '.php'); echo 'OK'; } else { die('Invalid Input'); } ?> Quote Link to comment https://forums.phpfreaks.com/topic/59827-solved-preg_match-list-accepting-slashes-folder-access/#findComment-297507 Share on other sites More sharing options...
endofradio Posted July 13, 2007 Author Share Posted July 13, 2007 Fantastic, thanks, I'll try those out now. Quote Link to comment https://forums.phpfreaks.com/topic/59827-solved-preg_match-list-accepting-slashes-folder-access/#findComment-297582 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.