PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
pedrotuga
Forum Contributor
Posts: 249 Joined: Tue Dec 13, 2005 11:08 pm
Post
by pedrotuga » Mon Jun 26, 2006 5:37 am
Code: Select all
Warning: preg_replace(): Delimiter must not be alphanumeric or backslash in
the goal was to take away the "http://" from the referer... not working....
any sugestions?
JayBird
Admin
Posts: 4524 Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:
Post
by JayBird » Mon Jun 26, 2006 5:47 am
Might help to show the code you currently have
pedrotuga
Forum Contributor
Posts: 249 Joined: Tue Dec 13, 2005 11:08 pm
Post
by pedrotuga » Mon Jun 26, 2006 6:12 am
ops... forgot it...
Code: Select all
$referer = strip_tags($_SERVER["HTTP_REFERER"]);
$aux = preg_replace("http://","",$referer);
Weirdan
Moderator
Posts: 5978 Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine
Post
by Weirdan » Mon Jun 26, 2006 6:14 am
preg_replace requires a delimiter around the pattern, like this:
Code: Select all
$aux = preg_replace("#http://#","",$referer);
pedrotuga
Forum Contributor
Posts: 249 Joined: Tue Dec 13, 2005 11:08 pm
Post
by pedrotuga » Mon Jun 26, 2006 6:17 am
thx weirdan, that was fast
Verminox
Forum Contributor
Posts: 101 Joined: Sun May 07, 2006 5:19 am
Post
by Verminox » Mon Jun 26, 2006 7:30 am
In response to the code that you posted above, why do you use strip_tags() on $_SERVER['HTTP_REFERER'] ? I find it highlty unlikely that the referer will contain HTML tags
Weirdan
Moderator
Posts: 5978 Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine
Post
by Weirdan » Mon Jun 26, 2006 7:41 am
HTTP_REFERER is user-supplied data, thus it needs filtering. strip_tags could be enough, depending on the further usage of $aux variable.
pedrotuga
Forum Contributor
Posts: 249 Joined: Tue Dec 13, 2005 11:08 pm
Post
by pedrotuga » Mon Jun 26, 2006 1:14 pm
yes... is due to security reasons...
one could set up an evil server and send some malicious html through the headers... just in case.