dourao1896 2013-02-01 10:41
浏览 15

PHP正则表达式澄清

I am using this preg_match value to verify that the input into the server is clean from all sorts of malicious characters.

preg_match('/^[a-zA-Z)(\!@&,0-9\?_\-\.\s\*&\$
]{0,'. $str_length.'}$/',$_POST['text'])

If there's no match I return false, and the server won't accept it. I would like to add links to that input. so that I can get:

"hello there, this is my picture: http://myserver.com/imgs/user-images/user222.jpg 
and this is my dog http://myserver.com/imgs/user-images/user222-dog.jpg"

How can I add links to my input?

  • 写回答

1条回答 默认 最新

  • duanlv2788 2013-02-01 10:51
    关注

    I think you should rather use something like htmlentities and your RDBMS library tools to avoid malicious characters rather than implement your own regex. Yours seems very restrictive : no + sign, no colon, no semi-colon, no percent... I don't know what your application is, but users might dislike that.

    评论

报告相同问题?

悬赏问题

  • ¥15 基于卷积神经网络的声纹识别
  • ¥15 Python中的request,如何使用ssr节点,通过代理requests网页。本人在泰国,需要用大陆ip才能玩网页游戏,合法合规。
  • ¥100 为什么这个恒流源电路不能恒流?
  • ¥15 有偿求跨组件数据流路径图
  • ¥15 写一个方法checkPerson,入参实体类Person,出参布尔值
  • ¥15 我想咨询一下路面纹理三维点云数据处理的一些问题,上传的坐标文件里是怎么对无序点进行编号的,以及xy坐标在处理的时候是进行整体模型分片处理的吗
  • ¥15 CSAPPattacklab
  • ¥15 一直显示正在等待HID—ISP
  • ¥15 Python turtle 画图
  • ¥15 stm32开发clion时遇到的编译问题