PHP validation (two conditions) - php

I am making a json validation that needs to validate url that starts with http:// or https://
if(preg_match("/^[http://][a-zA-Z -]+$/", $_POST["url"]) === 0)
if(preg_match("/^[https://][a-zA-Z -]+$/", $_POST["url"]) === 0)
Am I wrong in synatx, and also how should i combine both (http and https) in same statement ?
Thank you !


Use $_SERVER['HTTPS']
$isHttps = (isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) ? true : false;


you can use parse_url
<?php
$url = parse_url($_POST["url"]);
if($url['scheme'] == 'https'){
// is https;
}else if($url['scheme'] == 'http'){
// is http;
}
// try to do this, so you can know what is the $url contains
echo '<pre>';print_r($url);echo '</pre>';
?>
OR
<?php
if (substr($_POST["url"], 0, 7) == "http://")
$res = "http";
if (substr($_POST["url"], 0, 8) == "https://")
$res = "https";
?>


If you want to check your string starts with http:// or https:// without worrying about the validity of the whole URL, just do that :
<?php
if (preg_match('`^https?://.+`i', $_POST['url'])) {
// $_POST['url'] starts with http:// or https://
}

Related

How to get to know whether current url it's in http or https in php/laravel

Is there anyone know how to achieve this? , if possible i don't want the full url , i just want to get whether it's http or https in laravel or php .

use parse_url()
Parse a URL and return its components
$url = 'http://username:password#hostname:9090/path?arg=value#anchor';
echo parse_url($url, PHP_URL_SCHEME);
// var_dump(parse_url($url)); it will return all components .
OUTPUT :
http

You can use Laravels built in Request secure() method.

You can do it like so in php:
if ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443) {
return true;
}
You can wrap it in a function like so:
function requestIsHTTPS(){
if ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443) {
return true;
}
return false;
}

Detect http or https failed using $_SERVER

I want to check whether the url is via https or http, but i tested on https://www.techinasia.com/, it return me "http://" instead.
$url = http://example.com;
if($html = #DOMDocument::loadHTML(file_get_contents($url))) {
...
...
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')
{
echo "https://";
}
else
{
echo "http://";
}
}
Any idea what's wrong?

Validate a URL PHP

I've working on a project and in this project i need to check the user input is a valid URL.
I've made a preg_match for all possible characters used on a URL. However, I'm trying to make it show an error if HTTP:// / HTTPS:// is not in front of the URL.
Here is what I've done.
if(preg_match('/[^0-9a-zA-Z.\-\/:?&=#%_]/', $url) || substr($url, 0, 7) != "http://" || substr($url, 0, 8) != "https://") {
But that doesn't work. It keeps giving me the an OK message. I'm not sure what I'm doing wrong here, I hope I can get some help!
The if statement will return true or false. So
if(preg_match('/[^0-9a-zA-Z.\-\/:?&=#%_]/', $url) || substr($url, 0, 7) != "http://" || substr($url, 0, 8) != "https://") {
echo "true";
} else {
echo "false";
}
I just need to check if the url has entered a valid url. I don't need to verify it. Just need to check if it has HTTP:// or HTTPS:// and contains valid URL characters.

Instead of a regex, you could make things easy on yourself and use the URL filtering in filter_var:
if (filter_var($url, FILTER_VALIDATE_URL)) { ...

Alternately you can do this without regex. Though you do also need to validate the url imagine http://">bla</a><script>alert('XSS');</script> as the value passed as there url
<?php
$url = 'http://example.com';
if(in_array(parse_url($url, PHP_URL_SCHEME),array('http','https'))){
if (filter_var($url, FILTER_VALIDATE_URL) !== false) {
//valid url
}else{
//not valid url
}
}else{
//no http or https
}
?>
parse_url()
filter_var()

You've not shown your complete relevant code. So, not sure, why it is not working for you but for url validation, you can check for a detailed discussion on the thread link below:
PHP validation/regex for URL

To validate user input with website url it is good to allow with or without scheme and with or without www, then in view add scheme to set as external url.
$withWww = 'www.' . str_replace(array('www.'), '', $value);
$withScheme = 'http://' . str_replace(array('http://', 'htttps://'), '', $withWww);
$headers = #get_headers($withScheme);
if (strpos($headers[0], '200') === false) {
return false;
}

How to retrieve http or https in URI

I need to do something based on either http or https. For example:
$https = strpos($_SERVER['REQUEST_URI'], 'https') !== false;
if ($https) { ?>
<script type="text/javascript">
var a = 'a';
</script>
<?php } else { ?>
<script type="text/javascript">
var b = 'b';
</script>
<?php } ?>
But this doesn't work. It always goes to the second option regardless the page I access is http or https. Is there any work around? Thanks in advance.

Try using if (isset($_SERVER['HTTPS'])) instead.

$_SERVER['REQUEST_URI'] only returns the path relative to the server root, not the domain or protocol. Besides, your code would fail if I were to access http://example.com/https-is-cool.
Instead, try:
$https = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== "off";

if(!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443){
echo 'https';
}else{
echo 'http';
}
or as a variable:
$https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? true : false;

I would agree with #MichaelBertwoski's comment that if you are simply trying to do this for javascript, do the detection in javascript like this.
if (window.location.protocol == 'https:') {
var a = 'a';
} else {
var b = 'b';
}
If you need the information in PHP you can use one of the other answers posted.

Identify whether the current url is http or https in a project

I have a website in Zend framework. Here I want to identify whether the current URL contains HTTPS or HTTP? I have used the following code
if($_SERVER['HTTPS']==on){ echo "something";}else{ echo "something other";}
But the result is not correct. Is there is any other way to identify this?
Also I have one more question.
How to get complete current url (including HTTP/HTTPS) using php?
Please help me
Thanks in advance

if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on") {
echo "something";
} else {
echo "something other";
}
notice the on should be a string .

You could use methods that are already defined in Zend Framework instead of explicitly using $_SERVER superglobals.
To determine if the connection is HTTP or HTTPS (this code should go into your controller):
if ( $this->getRequest()->isSecure() ) { echo 'https'; } else { echo 'http'; }
To get complete current url:
$this->getRequest()->getScheme() . '://' . $this->getRequest()->getHttpHost() . $this->getRequest()->getRequestUri();

The better way to check is
if (isset($_SERVER['HTTPS']) && $_SEREVER['HTTPS'] != 'off')
{
//connection is secure do something
}
else
{
//http is used
}
As stated in manual
Set to a non-empty value if the script
was queried through the HTTPS
protocol.
Note: Note that when using ISAPI with IIS, the value will be off if the
request was not made through the HTTPS
protocol.

you need to fix check it should be
if ($_SERVER['HTTPS'] == 'on')
or try following function
if(detect_ssl()){ echo "something";}else{ echo "something other";}
function detect_ssl() {
return ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1 || $_SERVER['SERVER_PORT'] == 443)
}

This will both check if you're using https or http and output the current url.
$https = ((!empty($_SERVER['HTTPS'])) && ($_SERVER['HTTPS'] != 'off')) ? true : false;
if($https) {
$url = "https://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
} else {
$url = "http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
}

Categories