Page 1 of 1

regular expressions to look for specific series of character

Posted: Sat Oct 14, 2006 5:27 pm
by kippy
I am not sure the best way to ask this, but how can regular expressions be used to validate that a field entry does not include <> </> html tags, etc? The field entry would be rather random and can include - and /

Thanks for the advice.

Posted: Sat Oct 14, 2006 5:34 pm
by feyd
you could just assume it does and use strip_tags() or possibly Ambush Commander's HTML cleaning class.

Posted: Sat Oct 14, 2006 5:35 pm
by kippy
Thanks for the quick reply....you are watching the board like a hawk...

I can look into your first option, but the second one was complete giberish to me...

Thanks for the advice!

Posted: Sat Oct 14, 2006 5:38 pm
by feyd

Posted: Sat Oct 14, 2006 7:58 pm
by Stevenr
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Code: Select all

if($str === html_entity_decode(strip_tags($str)))
{
// Doesn't contains tags
}
else
{
//Does contain tags
}

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Sat Oct 14, 2006 8:06 pm
by kippy
strip_tags() appears to work perfectly...are there any flaws in tis that I need to worry about?

Thanks again for the advice!

Posted: Sat Oct 14, 2006 8:08 pm
by feyd
strip_tags() is a fairly, shall I say, dumb function. It has the potential to cut tags incorrectly quite easily.

Posted: Sat Oct 14, 2006 8:19 pm
by kippy
well it should help in my case...i mean i am still going to receive the unwanted emails from the form, but te links will be removed(hopefully)....I need to think of a way to validate the fields before the email is sent...I wonder if I could create an array of keywords to block the email from being sent out.

Posted: Sat Oct 14, 2006 8:20 pm
by kippy
or if I use a random function to have the user fill in a response to match the random variable.....annoying, but maybe it will deter the emails from coming all the time.

Posted: Sat Oct 14, 2006 10:53 pm
by Cameri
What I would do is convert those special characters, <, /, >, etc, to HTML entities.

Posted: Sun Oct 15, 2006 12:34 pm
by Ambush Commander
I don't see why you can't just use htmlspecialchars()