Page 1 of 1

Got problem with preg_match()

Posted: Mon Oct 09, 2006 2:03 am
by chakhar86
I want to validate user input for fixed length string.
It's 2, 6 or 9 characters length string.
The pattern is :

right pattern :
dd : 02
dd.ddd : 02.050
dd.ddd.dd : 02.050.10

wrong pattern :
a2
20.
20..10
etc.

I've already tried some pattern
$pat1 = "/\b\d{2}(\b|\.\d{3})(\b|\.\d{2})/";
and
$pat2 = "/\b\d{2}(\.\d{3})?(\.\d{2})?/";

but the preg_match() still return true for wrong pattern case 2,... (it makes false return for case 1 though)

I know the second one is not so good, but did I make mistake for $pat1 ???

Posted: Mon Oct 09, 2006 3:17 am
by torpedo83
Does every group of number go from 2 to 3 numeric chars separeted by a DOT ?

Posted: Mon Oct 09, 2006 3:39 pm
by feyd

Code: Select all

#(?<!\d|\.)\d{2}(?:\.\d{3}(?:\.\d{2})?)?(?!\d|\.)#

Code: Select all

[feyd@home]>php -r "foreach($argv as $arg) var_dump($arg, (bool)preg_match('#(?<!\d|\.)\d{2}(?:\.\d{3}(?:\.\d{2})?)?(?!\d|\.)#', $arg));" asdf 1234 12 12.34 12.345 12.345. 12.345a 12.345.6 12.345.67 1.234.5 1.234.56
string(1) "-"
bool(false)
string(4) "asdf"
bool(false)
string(4) "1234"
bool(false)
string(2) "12"
bool(true)
string(5) "12.34"
bool(false)
string(6) "12.345"
bool(true)
string(7) "12.345."
bool(false)
string(7) "12.345a"
bool(true)
string(8) "12.345.6"
bool(false)
string(9) "12.345.67"
bool(true)
string(7) "1.234.5"
bool(false)
string(8) "1.234.56"
bool(false)

Posted: Mon Oct 09, 2006 7:01 pm
by Ollie Saunders

Code: Select all

$input = array('20', '20.505', '20.505.01');
$regex = '/^\d{2}(?:\.\d{3}(?:\.\d{2})?)?$/';

foreach ($input as $i => $v) {
    $match = array();
    preg_match($regex, trim($input[$i]), $match);
    var_dump($match);
    echo '<br />';
}
Possibly a little simpler and more secure for your needs.

Posted: Tue Oct 10, 2006 8:23 am
by chakhar86
what does this pattern "(?: )" means, haven't tried it yet, and this computer doesn't have PHP to tried it out...

Posted: Tue Oct 10, 2006 8:40 am
by Ollie Saunders
Non-capturing subpattern.
When you group things with () you create subpatterns with separate results in the $match variable, putting ?: prevents this from happening and lumps them all together still.

Code: Select all

$nonCapturing = '/^\d{2}(?:\.\d{3}(?:\.\d{2})?)?$/';
$capturing = '/^\d{2}(\.\d{3}(\.\d{2})?)?$/';
preg_match($nonCapturing, '20.505.01', $match);
var_dump($match);
preg_match($capturing, '20.505.01', $match);
var_dump($match);

Code: Select all

array(1) {
  [0]=>
  string(9) "20.505.01"
}
array(3) {
  [0]=>
  string(9) "20.505.01"
  [1]=>
  string(7) ".505.01"
  [2]=>
  string(3) ".01"
}

Posted: Sat Oct 14, 2006 2:37 am
by chakhar86
Non-capturing subpattern.
When you group things with () you create subpatterns with separate results in the $match variable, putting ?: prevents this from happening and lumps them all together still
I tried it yesterday and it worked....
Thanks, guys your the best...

but I still don't get what happened, can you explain it to me?

and where can I find pattern validation for:
date (for all format, e.g. dd-mm-yy; mm, dd yyy; etc.)
email address
SQL injection prevention
and others

Posted: Sat Oct 14, 2006 7:32 am
by feyd
  • The patterns above can be altered to your date formats
  • email addresses are fairly complicated, but luckily we had a user that has an RFC compliant regex.
    http://svn.gna.org/viewcvs/blacknova/tr ... iew=markup
  • SQL injection filters will depend greatly on what data you are expecting and what data the database is expecting. Generally, mysql_real_escape_string() or your database's equivalent are sufficient to prepare the data, but not to make sure it conforms to the expected value.
  • and other what?

Posted: Mon Oct 16, 2006 10:50 am
by chakhar86
I think those are enough.
Thank's men