Page 1 of 1

Help with filtering

Posted: Wed Nov 05, 2008 3:18 pm
by cjswanson1355
Greetings. I've been assigned a small project working with PHP, and this is my first time ever using the language. I've been able to get everything up and running, but I am stuck on security. I need to filter the data so it only allows characters, numbers, +-, and prevents hex encryption. I'm currently unable to upgrade to 5.2 so I can't use those provided functions. Can anyone suggest me some good code I can use for this project to protect the data? Preferably some code I can simply send a string into as an argument and return the filtered string.

Any help would be appreciated.

Re: Help with filtering

Posted: Thu Nov 06, 2008 12:15 am
by infolock
sounds to me like you need a regex expression.

preg_replace() is what you're looking for. For a newbie to PHP, you sure have a heck of a first project.

Anyways, once you learn how to use preg_replace, use the regex expression /^\w+|\s+$/ to validate what you want. if this doesn't do what you need, just do a quick google search on REGEX BASICS or view some of the posts found below the link I gave above. most commentors have done what you are saying at one point and may have something a bit closer to what you need.

Hope this helps.

(thanks for the small nod of saying replace instead of match =) )

Re: Help with filtering

Posted: Thu Nov 06, 2008 12:19 am
by novice4eva
you should dig into eregi_replace function.

Re: Help with filtering

Posted: Mon Nov 10, 2008 8:12 pm
by cjswanson1355
I appreciate the help regarding functions, but I have come to the conclusion that this is above my own programming capabilites. I could create a search and replace, but preventing hex encoding among other things is far to complex. I am actually a computer science student, and not an employee at a company. Regardless, I had a few more questions.

Are there any libraries outside of PHP 5.2 which can be used to perform this kind of function? I found the HTML purifier, but I am not completely sure as to what it exactly does. Is this a library of functions I can use for my PHP code, or does it simply add code to what I've already done. My employer has stated he wants some code which is part of a library which can be updated and used throughout the system.

I also found this:

http://kallahar.com/smallprojects/php_x ... nction.php

Would a piece of code such as this be sufficient for what I am trying to accomplish? I understand this may be a bit high level for what I am trying to protect. I am also worried about how much the code would bog down the system.

Any help would be greatly appreciated.

- In over his head -