Exploits? Improvements?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
hob_goblin
Forum Regular
Posts: 978
Joined: Sun Apr 28, 2002 9:53 pm
Contact:

Exploits? Improvements?

Post by hob_goblin »

I just want your opinions before i put this code i made into use:

Code: Select all

function finalize($string){ 
$string = strip_tags($string); 
$string = eregi_replace( 
 "\їurl=(їa-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\](.*)\ї/url\]", 
 "<a href="\\1" target="_blank">\\2</a>", 
 $string); 
$string = eregi_replace( 
 "\&#1111;url\](&#1111;a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\&#1111;/url\]", 
 "<a href="\\1" target="_blank">\\1</a>", 
 $string); 
$string = eregi_replace( 
 "\&#1111;img\](&#1111;a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\&#1111;/img\]", 
 "<img src="\\1" border="0" />", 
 $string); 
$string = eregi_replace( 
 "\&#1111;b\](.*)\&#1111;/b\]", 
 "<b>\\1</b>", 
 $string); 
$string = eregi_replace( 
 "\&#1111;u\](.*)\&#1111;/u\]", 
 "<u>\\1</u>", 
 $string); 
$string = eregi_replace( 
 "\&#1111;i\](.*)\&#1111;/i\]", 
 "<i>\\1</i>", 
 $string); 
return $string; 
&#125;
lc
Forum Contributor
Posts: 188
Joined: Tue Apr 23, 2002 6:45 pm
Location: Netherlands

Post by lc »

I think it looks amazing, but that's prolly due to the fact that I have no idea what it would do ;)
User avatar
hob_goblin
Forum Regular
Posts: 978
Joined: Sun Apr 28, 2002 9:53 pm
Contact:

Post by hob_goblin »

the equivalent of like [ url ] thing [ /url ] and [ b ] [ / b ] etc...
daemorhedron
Forum Commoner
Posts: 52
Joined: Tue Jul 23, 2002 11:03 am

Post by daemorhedron »

Looks good. Don't know how you are using it, but from the looks of it, it wouldn't allow me to type something like <example>this is a test</example>. That might not be an important or even a wanted feature for you of course, but thought I would mention it. If you do want to allow things like that, you may want to look into htmlspecialchars() and the like.

HTH
fatalcure
Forum Contributor
Posts: 141
Joined: Thu Jul 04, 2002 12:57 pm
Contact:

Post by fatalcure »

i use this:

Code: Select all

function parseCode($data) &#123;
	$data = " " . $data;
      $data = preg_replace("#\&#1111;b\](.*?)\&#1111;\/b\]#si", "<b>\\1</b>", $data);
      $data = preg_replace("#\&#1111;i\](.*?)\&#1111;\/i\]#si", "<i>\\1</i>", $data);
	  $data = preg_replace("#\&#1111;u\](.*?)\&#1111;\/u\]#si", "<u>\\1</u>", $data);
      
      //img
      $data = preg_replace("#\&#1111;img\](http:\/\/)?(.*?)\&#1111;\/img\]#si", "<IMG SRC="http://\\2" BORDER=0>", $data);

	  //url validation
			$data = eregi_replace('(&#1111;&#1111;:space:]()&#1111;&#123;&#125;])(www.&#1111;-a-zA-Z0-9@:%_\+.~#?&//=]+)', '\\1<A HREF="http://\\2" target="_blank">\\2</a>', $data); 
			$data = eregi_replace('(&#1111;&#1111;:space:]()&#1111;&#123;&#125;])(http://.&#1111;-a-zA-Z0-9@:%_\+.~#?&//=]+)', '\\1<A HREF="\\2" target="_blank">\\2</a>', $data); 
      $data = preg_replace("/\&#1111;url\](http:\/\/)?(.*?)\&#1111;\/url\]/si", "<A HREF="http://\\2" TARGET="_blank">\\2</A>", $data);
      $data = preg_replace("/\&#1111;url=(http:\/\/)?(.*?)\](.*?)\&#1111;\/url\]/si", "<A HREF="http://\\2" TARGET="_blank">\\3</A>", $data);
      $data = preg_replace("/\&#1111;email\](.*?)\&#1111;\/email\]/si", "<A HREF="mailto:\\1">\\1</A>", $data);
	  
	  //color
	  $data = preg_replace("#\&#1111;color=(\#&#1111;0-9A-F]&#123;6&#125;|&#1111;a-z\-]+)\](.*?)\&#1111;/color\]#si", "<font color=\\1>\\2</font>", $data);

	  //size
	  $data = preg_replace("#\&#1111;size=(&#1111;0-5])\](.*?)\&#1111;/size\]#si", "<font size=\\1pt>\\2</font>", $data);

		      		
		return trim($data);
&#125;
User avatar
hob_goblin
Forum Regular
Posts: 978
Joined: Sun Apr 28, 2002 9:53 pm
Contact:

Post by hob_goblin »

ahh, thanks a TON.
Post Reply