Vulnerability Development mailing list archives
String checking with PHP
From: buanzox () USA NET (Arturo Busleiman)
Date: Wed, 24 May 2000 15:19:05 -0300
(Version en espa~nol, leer mas abajo) Well, yesterday I asked for help regarding how to check if a string has only valid characters, well here I attach what I programed by myself, I hope it is useful for everyone out there who needs it. It's really simple, and if you experts find any bug or problem (exceptuating speed :), PLEASE mail me. =-=-= Bueno, lo siguiente es una funcioncita que escribi en PHP que lo que hace es devolver TRUE si una cadena contiene SOLAMENTE caracteres validos (definibles, obviamente). ver el codigo adjunto (test_string.php3) para ver como funciona. cualquier bug o duda, me mandan un email! un abrazo para todos. *> Get PGP KEY: use pgpk -a hkp://horowitz.surfnet.nl/buanzox () usa net *> Lista social de mail. Envia e-mail en blanco a lsb-subscribe () egroups com *> Panic? My kernel doesn't panic! We are doomed! DustDustDust!!!! <?php /* Demonstration program of a string checking function, that is: if string has unwanted characters, it is INVALID. (returns FALSE). by Arturo Busleiman <buanzox () usa net>. Thanks go to VULN-DEV () SECURITYFOCUS COM Hey, my first useful function with PHP :) */ $VALID_CHARS_LOW = "abcdefghijklmnopqrstuvwxyz"; $VALID_CHARS_UP = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; $VALID_CHARS_NUM = "0123456789"; $VALID_CHARS_SYMBOL = "-_@."; // you may add whatever you need.. $VALID_CHARS_ALPHA = $VALID_CHARS_LOW.$VALID_CHARS_UP; $VALID_CHARS_ALL = $VALID_CHARS_ALPHA.$VALID_CHARS_NUM.$VALID_CHARS_SYMBOL; function chequear ($cadena,$validos) { for ($z=0;$z<strlen($cadena);$z++) for ($i=0;$i<strlen($validos)+1;$i++) { if ($i==strlen($validos)) return(FALSE); if ($validos[$i]==$cadena[$z]) break; else continue; } return(TRUE); } $string1 = "whateveryouwant2check () mpol com ar"; $string2 = "yeah, right!;ls -ald ~user"; $string3 = "378192317"; if (chequear($string1,$VALID_CHARS_ALL)==FALSE) printf("cadena invalida<BR>"); else printf("cadena VALIDA<BR>"); if (chequear($string2,$VALID_CHARS_ALL)==FALSE) printf("cadena invalida<BR>"); else printf("cadena VALIDA<BR>"); if (chequear($string3,$VALID_CHARS_ALPHA)==FALSE) printf("cadena invalida<BR>"); else printf("cadena VALIDA<BR>"); ?>
Current thread:
- Re: reverse engineer c or java, (continued)
- Re: reverse engineer c or java Erik Debill (May 22)
- Re: reverse engineer c or java za () boo ma fu (May 21)
- Re: reverse engineer c or java Bluefish (May 22)
- Re: reverse engineer c or java za () boo ma fu (May 22)
- Re: reverse engineer c or java Bluefish (May 23)
- Re: reverse engineer c or java Mark Rafn (May 20)
- Re: reverse engineer c or java Pedro Hugo (May 20)
- Re: reverse engineer c or java phazer (May 20)
- Re: reverse engineer c or java Warner Losh (May 21)
- Re: reverse engineer c or java Liviu Daia (May 22)
- String checking with PHP Arturo Busleiman (May 24)
- Re: String checking with PHP Joe (May 24)
- Re: String checking with PHP Arturo Busleiman (May 24)
- Why not a changeling? Daniel Petzen (May 20)
- Re: Why not a changeling? Bluefish (May 20)
- Re: Why not a changeling? Daniel Petzen (May 20)
- Netscape forms using standard windows controls No User (May 21)
- Re: Netscape forms using standard windows controls Derek Reynolds (May 21)
- Re: Netscape forms using standard windows controls Pavel Kankovsky (May 22)
- Re: Netscape forms using standard windows controls Chon-Chon Tang (May 22)
- Re: Why not a changeling? Bluefish (May 21)