I have the below function with str_replace:
function url_seo($text)
{
$match = array(']','\\',';',"'",',','.','/','~','`','=');
$replace = array('-','','','','','','','','','');
$text = str_replace($match, $replace, $text);
return $text;
}
Should I place a \ before all the characters in the $match variable like this:
$match = array('\]','\\','\;',"\'",'\,','\.','\/','\~','\`','\=');
or there is no need to?
According to the str_replace PHP reference,
search
The value being searched for, otherwise known as the needle. An array may be used to designate multiple needles.
So, this is no regular expression, and you do not have to escape any characters except the escape sequences that must always be escaped.
\" Print the next character as a double quote, not a string closer
\' Print the next character as a single quote, not a string closer
\n Print a new line character
\t Print a tab character
\r Print a carriage return (not used very often)
\$ Print the next character as a dollar, not as part of a variable
\\ Print the next character as a backslash, not an escape character
So, only \ in your array of strings should be escaped.
Depending on the string qualifier symbol, you may also have to escape ' and ", but you can just alternate them as you already did: '"' and "'" is a good way to avoid over-escaping.
Related
I am trying to learn Regex in PHP and stuck in here now. My ques may appear silly but pls do explain.
I went through a link:
Extra backslash needed in PHP regexp pattern
But I just could not understand something:
In the answer he mentions two statements:
2 backslashes are used for unescaping in a string ("\\\\" -> \\)
1 backslash is used for unescaping in the regex engine (\\ -> \)
My ques:
what does the word "unescaping" actually means? what is the purpose of unescaping?
Why do we need 4 backslashes to include it in the regex?
The backslash has a special meaning in both regexen and PHP. In both cases it is used as an escape character. For example, if you want to write a literal quote character inside a PHP string literal, this won't work:
$str = ''';
PHP would get "confused" which ' ends the string and which is part of the string. That's where \ comes in:
$str = '\'';
It escapes the special meaning of ', so instead of terminating the string literal, it is now just a normal character in the string. There are more escape sequences like \n as well.
This now means that \ is a special character with a special meaning. To escape this conundrum when you want to write a literal \, you'll have to escape literal backslashes as \\:
$str = '\\'; // string literal representing one backslash
This works the same in both PHP and regexen. If you want to write a literal backslash in a regex, you have to write /\\/. Now, since you're writing your regexen as PHP strings, you need to double escape them:
$regex = '/\\\\/';
One pair of \\ is first reduced to one \ by the PHP string escaping mechanism, so the actual regex is /\\/, which is a regex which means "one backslash".
I think you can use "preg_quote()":
http://php.net/preg_quote
This function escapes special chars, so you can give an input as it is, without escaping by yourself:
<?php
$string = "online 24/7. Only for \o/";
$escaped_string = preg_quote($string, "/"); // 2nd param is optional and used if you want to escape also the delimiter of your regex
echo $escaped_string; // $escaped_string: "online 24\/7. Only for \\o\/"
?>
How are you? I have the next task. I have a lot of strings that can contain duplicate slashes. I need to replace duplicate slashes to one slash (any count of slashes), but when the next symbols found after slashes (quote, double quote, NUL (NULL byte)) - all slashes should be removed. Thanks. My language - PHP. Some tests:
$s1 = 'test\\\\string';
// test\string
$s2 = 'test\\\\\"\\\\\'\\\\string';
// test"'\string
$s3 = 'test\\string\\\\\"';
// test\string"
Use
preg_replace("~\\\\+([\"\'\\x00\\\\])~", "$1", $string);
to replace arbitrary amounts of \ with just one \.
The pattern consist of arbitrary initial backslahes \\\\+ and a following symbol that is one of ", ', \x00, or \. The replacement will effectively remove any precending backslahes.
You need 4 backslashes in your regular expression. Two backslashes (\\) will lead to one backslash (\) inside the regular expression string because the PHP interpreter uses backslashes to escape special characters like " or \. For the same reason you will need two backslahes inside your regular expression.
Or explained the other way around: To gain \+ as regular expression, you have to add a backslash to tell PCRE that the one backslash is not for escaping the +. To get \\+ as a string you will also need to add one backslash before each backslash to tell the PHP interpreter that you don't want to escape the second backslash with the first.
source code: \\\\+
inside regular expression string: \\+
pattern matches: \+
Replace 2 or more consecutive slashes to a single slash
preg_replace('/\\\\+/','\\',$str);
Alternative way.
$s = 't\est\\\\\\\\\\\\stri\\\\\"\\\\\'\\\\0\\\\ng';
$s = preg_replace('~\\\\+~', '\\', $s);
$s = str_replace(array('\\"', '\\\'', '\\0'), array('"', '\'', "\0"), $s);
Try these:
preg_replace("/\\+(['\"\0\\])/", "$1", $string);
What's wrong with stripslashes? It accounts for slashes that escape a "special" character and removes "extra" slashes.
How do i make this match the following text correctly?
$string = "(\'streamer\',\'http://dv_fs06.ovfile.com:182/d/pftume4ksnroarhlslexwl7bcnoqyljeudgmd7dimssniu2b2r2ikr2h/video.flv\')";
preg_match("/streamer\\'\,\\\'(.*?)\\\'\)/", $string , $result);
var_dump($result);
Your $string looks weird. Better to make a three pass parse:
$string = str_replace(array("\'"), '', $string);
Now we have string:
"(streamer,http://dv_fs06.ovfile.com:182/d/pftume4ksnroarhlslexwl7bcnoqyljeudgmd7dimssniu2b2r2ikr2h/video.flv)"
Now let's trim brackets:
$string = trim($string, '()');
And finaly, explode:
list($streamer, $url) = explode(',', $string, 2);
No need of regex.
Btw, your string looks like it was crappyly slashed in mysql query.
It's been a while since I last did regexp matching in PHP, but I think you have to remember that:
' doesn't need to be escaped in PHP strings enclosed by "
\ always needs to be escaped in PHP strings
\ needs to be escaped yet another time in regexps (for it's a special character and you want to treat it as a normal one)
=> \ as part of the string to be matched must be escaped 4 times.
My suggestion:
preg_match("/\\(streamer\\\\',\\\\'(.*?)\\\\'\\)/", $string , $result);
You're on the right track. Two barriers to overcome (As codethief says):
1 - Double quoted string interpolation
2 - Regex escape interpolation
For (2), neither comma's nor quotes need to be escaped because they are not metachars
special to regex's. Only the backslash as a literal needs to be escaped, otherwise
in regex context, it represents the start of a metachar sequence (like \s).
For (1), php will try to interpolate escaped chars as a control code (like \n), for
that reason the literal backslash needs to be escaped. Since this is double quoted,
\' the escaped single qoute has no escape meaning.
Therefore, "\\\'" resolves to \\ = \ + \'=\' ~ \\' which is what the regex sees.
Then the regex interpolates the sequence /\\'/ as a literal \+'.
Making a slight change of your regex solves the problem:
preg_match("/streamer\\\',\\\'(.*?)\\\'\)/", $string , $result);
A working example is here http://beta.ideone.com/47EIY
How can characters " \n \t \r " be replaced with '-' ?
echo preg_replace('/\s/','-','\n\t\n\r\n');//output '\n\t\n\r\n' instead should be'-----'
Edit: I have dynamic content in real app like:
preg_replace('/\s/','-',$_Request['content']);
can I fix it by adding "" around variable?
preg_replace('/\s/','-',"$_Request['content']");
Edit2:
How can be string converted from format 'str' to format "str"?
Thanks
Well, two things. First, the problem is single quotes in your replacement string. Meta-Characters (\n\t\r, etc) are not processed inside of single quotes.
However, don't use a regex for this. There's no need for the complexity of the regex. Use
Either use str_replace:
echo str_replace(array("\r", "\n", "\t", "\v"), '-', "\r\n\t\r\v\n\t");
Or strtr:
echo strtr("\r\n\t\r\v\n\t", "\r\n\t\v", '----');
Edit: Ahh, now I see what you're getting at. You have a string with a literal \r\n\t\r\v\n\t in it, and want to replace them out. Well, you can do that via regex:
$regex = '/(\s|\\\\[rntv]{1})/';
$string = preg_replace($regex, '-', $_GET['content']);
Basically, it matches any space character, and any literal \ followed by either r, n, t or v...
If you are looking to replace the actual whitespace characters, you need to enclose the input string in double quotes (") so PHP converts the escape sequences for you:
echo preg_replace('/\s/', '-', "\n\t\n\r\n");
Else if the escape sequences occur literally (i.e. you see \n\t\n\r\n instead of line feed, tab, line feed, carriage return, line feed), you need to replace by the following character class (and keep single quotes (') on the input string):
echo preg_replace('/\\\\[rnt]/', '-', '\n\t\n\r\n');
You ought to be passing content through $_POST instead of $_GET, I don't know how PHP handles tabs, newlines and returns in GET variables.
You are using 's instead of "s. You should change your code to:
echo preg_replace('/\s/','-',"\n\t\n\r\n");
See here: single-quoted and double-quoted.
http://www.php.net/manual/en/language.types.string.php
There's also a string method for that:
echo strtr($str, "\r\n\t\v ", "-----");
If you want to remove linebreaks but retain spaces, then remove the trailing and the fifth -.
Since you seemingly want literal \r and \n converted, you need to use a map (or even a regex) like:
echo strtr($str, array('\\r'=>"\r", '\\n'=>"\n", '\t'=>"\t", ' '=>"␣"));
// single quoted strings escaped twice for illustration
Try:
echo preg_replace('/\s/','-',"\n\t\n\r\n");
Note the double quotes on the string.
If you enclose a string with single quotes, special characters lose their special meaning:
echo preg_replace('/\s/','-',"\n\t\n\r\n");
//remove line breaks
function safeEmail($string) {
return preg_replace( '((?:\n|\r|\t|%0A|%0D|%08|%09)+)i' , '', $string );
}
/*** example usage 1***/
$from = 'HTML Email\r\t\n';
/*** example usage 2***/
$from = "HTML Email\r\t\n";
if(strlen($from) < 100)
{
$from = safeEmail($from);
echo $from;
}
1 returns HTML Email\r\t\n while
2 returns HTML Email
what's with the quotes?
As per the PHP Documentation
Unlike the double-quoted and heredoc syntaxes, variables and escape sequences for special characters will not be expanded when they occur in single quoted strings.
In other words, double quoted strings expand variables and escape sequences for special characters. Single quoted strings don't.
So in example1, with the single quoted string, the string is exactly as you see it. Slashes and all.
But in example2, rather than ending with the string \r\t\n, it ends with a carriage return, a tab and then a new line. In other words the escape sequences for special characters are expanded.
with single quotes in PHP those special characters as \n \r \t... doesn't work as expected.
According to the docs:
To specify a literal single quote, escape it with a backslash (\). To specify a literal
backslash, double it (\\). All other instances of backslash will be treated as a literal
backslash: this means that the other escape sequences you might be used to, such as \r or
\n, will be output literally as specified rather than having any special meaning.