To prevent malicious users from trying to exploit keys we make sure that keys are only named with alpha-numeric text and a few other items, using preg_match
.
This is the code:
if (!preg_match('#^[&a-zA-Z0-9\.:_/-\s]+$#uD', $str)) {
exit('String not valid:' . $str);
}
This function working well until the last week, when the customer update WAMP
on test server. Using string as dverse.session
, the code enter in EXIT()
. I've checked the regular expression with http://www.phpliveregex.com/ but the regular expression is working well. What could be the problem?