Vulnerability Development mailing list archives
Re: String checking with PHP
From: joe () BLARG NET (Joe)
Date: Wed, 24 May 2000 16:04:38 -0700
On Wed, 24 May 2000, Arturo Busleiman wrote:
(Version en espa~nol, leer mas abajo) Well, yesterday I asked for help regarding how to check if a string has only valid characters, well here I attach what I programed by myself, I hope it is useful for everyone out there who needs it. It's really simple, and if you experts find any bug or problem (exceptuating speed :), PLEASE mail me.
As with most programming tasks, there's more than one way to skin this cat. Your method works, but it's fairly intense and will get very expensive on large strings. Why expend so much effort when a single regular expression will do the job? (Especially with regex caching built into newer versions of PHP3 and PHP4) <?php Header("Content-type: text/plain"); function is_clean($text="") { if(empty($text)) { return true; } $diff = ereg_replace("([-_@.A-Za-z0-9])","",$text); if(empty($diff)) { print "Clean String [$text]\n"; return true; } print "Dirty String [$text] has [$diff]\n"; return false; } is_clean('whateveryouwant2check () mpol com ar'); is_clean('yeah, right!;ls -ald ~user'); is_clean('378192317'); ?> (sample output) Clean String [whateveryouwant2check () mpol com ar] Dirty String [yeah, right!;ls -ald ~user] has [, !; ~] Clean String [378192317] -- Joe Technical Support General Support: support () blarg net Blarg! Online Services, Inc. Voice: 425/401-9821 or 888/66-BLARG http://www.blarg.net
Current thread:
- Re: reverse engineer c or java, (continued)
- Re: reverse engineer c or java za () boo ma fu (May 21)
- Re: reverse engineer c or java Bluefish (May 22)
- Re: reverse engineer c or java za () boo ma fu (May 22)
- Re: reverse engineer c or java Bluefish (May 23)
- Re: reverse engineer c or java Mark Rafn (May 20)
- Re: reverse engineer c or java Pedro Hugo (May 20)
- Re: reverse engineer c or java phazer (May 20)
- Re: reverse engineer c or java Warner Losh (May 21)
- Re: reverse engineer c or java Liviu Daia (May 22)
- String checking with PHP Arturo Busleiman (May 24)
- Re: String checking with PHP Joe (May 24)
- Re: String checking with PHP Arturo Busleiman (May 24)
- Why not a changeling? Daniel Petzen (May 20)
- Re: Why not a changeling? Bluefish (May 20)
- Re: Why not a changeling? Daniel Petzen (May 20)
- Netscape forms using standard windows controls No User (May 21)
- Re: Netscape forms using standard windows controls Derek Reynolds (May 21)
- Re: Netscape forms using standard windows controls Pavel Kankovsky (May 22)
- Re: Netscape forms using standard windows controls Chon-Chon Tang (May 22)
- Re: Why not a changeling? Bluefish (May 21)
- TopLayer layer 7 switch Advisory User nawk (May 20)