Page 1 of 1
preg_replace() not dealing well with "http://"
Posted: Mon Jun 26, 2006 5:37 am
by pedrotuga
Code: Select all
Warning: preg_replace(): Delimiter must not be alphanumeric or backslash in
the goal was to take away the "http://" from the referer... not working....
any sugestions?
Posted: Mon Jun 26, 2006 5:47 am
by JayBird
Might help to show the code you currently have
Posted: Mon Jun 26, 2006 6:12 am
by pedrotuga
ops... forgot it...
Code: Select all
$referer = strip_tags($_SERVER["HTTP_REFERER"]);
$aux = preg_replace("http://","",$referer);
Posted: Mon Jun 26, 2006 6:14 am
by Weirdan
preg_replace requires a delimiter around the pattern, like this:
Code: Select all
$aux = preg_replace("#http://#","",$referer);
Posted: Mon Jun 26, 2006 6:17 am
by pedrotuga
thx weirdan, that was fast
Posted: Mon Jun 26, 2006 7:30 am
by Verminox
In response to the code that you posted above, why do you use strip_tags() on $_SERVER['HTTP_REFERER'] ? I find it highlty unlikely that the referer will contain HTML tags

Posted: Mon Jun 26, 2006 7:41 am
by Weirdan
HTTP_REFERER is user-supplied data, thus it needs filtering. strip_tags could be enough, depending on the further usage of $aux variable.
Posted: Mon Jun 26, 2006 1:14 pm
by pedrotuga
yes... is due to security reasons...
one could set up an evil server and send some malicious html through the headers... just in case.