I need to validate an input from text area.
It is complex and i'm unable to figure out how i can do it best?
Can you guys help?
Input from the text area are basically host names or ips. The input can be of any of the following formats:
x.x.x.x (single IP)
x.x.x.x-x.x.x.x (range of IPs)
x.x.x.x/x.x.x.x (IP and mask)
x.x.x.x/xx (IP and CIDR)
URL (with or without http:// and https:// prefixes)
domain name in format: xxxxxxx.xxx
Also multiple values can be given, like:
192.168.1.1
192.168.1.2/192.168.1.4
I am able to get the lines of textbox using the following code:
$text = trim($targets);
$textAr = explode("\n", $text);
$textAr = array_filter($textAr, 'trim');
foreach ($textAr as $line) {
}
I am unable to proceed further. Please help.
Thanks,
Dave
If you don't mind being slightly loose on your validation, you can do something simple such as this:
function filter_fn($input)
{
$input = trim($input);
$regex_ip = '/^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/';
$regex_range = '/^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})-([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/';
$regex_cidr = '/^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\/[0-9]{1,2})$/';
$regex_sub = '/^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/';
if (filter_var($input, FILTER_VALIDATE_REGEXP, array('options' => array('regexp' => $regex_ip)))) {
return $input;
}
if (preg_match($regex_range, $input)) {
return $input;
}
if (preg_match($regex_cidr, $input)) {
return $input;
}
if (preg_match($regex_sub, $input)) {
return $input;
}
if (filter_var($input, FILTER_VALIDATE_URL)) {
return $input;
}
if (filter_var('http://'.$input, FILTER_VALIDATE_URL)) {
return $input;
}
return false;
}
$textAr = explode("\n", $text);
$textAr = array_filter($textAr, 'trim');
foreach ($textAr as $line) {
$success = filter_var($line, FILTER_CALLBACK, array('options' => 'filter_fn'));
if (!$success) {
// It failed.
} else {
// It worked.
}
}
Note that in my example, I used both preg_match and filter_var with FILTER_VALIDATE_REGEXP. Both are identical in this case, so that first filter_var could have just as easily been replaced with:
preg_match($regex_ip, $input)
Or, even:
filter_var($input, FILTER_VALIDATE_IP)
Related
This question already has answers here:
String contains any items in an array (case insensitive)
(15 answers)
Closed 2 years ago.
I am trying to detect whether a string contains at least one URL that is stored in an array.
Here is my array:
$owned_urls = array('website1.com', 'website2.com', 'website3.com');
The string is entered by the user and submitted via PHP. On the confirmation page I would like to check if the URL entered is in the array.
I have tried the following:
$string = 'my domain name is website3.com';
if (in_array($string, $owned_urls))
{
echo "Match found";
return true;
}
else
{
echo "Match not found";
return false;
}
No matter what is inputted the return is always "Match not found".
Is this the correct way of doing things?
Try this.
$string = 'my domain name is website3.com';
foreach ($owned_urls as $url) {
//if (strstr($string, $url)) { // mine version
if (strpos($string, $url) !== FALSE) { // Yoshi version
echo "Match found";
return true;
}
}
echo "Not found!";
return false;
Use stristr() or stripos() if you want to check case-insensitive.
This was a lot easier to do if all you want to do is find a string in an array.
$array = ["they has mystring in it", "some", "other", "elements"];
if (stripos(json_encode($array),'mystring') !== false) {
echo "found mystring";
}
Try this:
$owned_urls= array('website1.com', 'website2.com', 'website3.com');
$string = 'my domain name is website3.com';
$url_string = end(explode(' ', $string));
if (in_array($url_string,$owned_urls)){
echo "Match found";
return true;
} else {
echo "Match not found";
return false;
}
-
Thanks
Simple str_replace with count parameter would work here:
$count = 0;
str_replace($owned_urls, '', $string, $count);
// if replace is successful means the array value is present(Match Found).
if ($count > 0) {
echo "One of Array value is present in the string.";
}
More Info - https://www.techpurohit.in/extended-behaviour-explode-and-strreplace-php
I think that a faster way is to use preg_match.
$user_input = 'Something website2.com or other';
$owned_urls_array = array('website1.com', 'website2.com', 'website3.com');
if ( preg_match('('.implode('|',$owned_urls_array).')', $user_input)){
echo "Match found";
}else{
echo "Match not found";
}
$string = 'my domain name is website3.com';
$a = array('website1.com','website2.com','website3.com');
$result = count(array_filter($a, create_function('$e','return strstr("'.$string.'", $e);')))>0;
var_dump($result );
output
bool(true)
Here is a mini-function that search all values from an array in a given string.
I use this in my site to check for visitor IP is in my permitted list on certain pages.
function array_in_string($str, array $arr) {
foreach($arr as $arr_value) { //start looping the array
if (stripos($str,$arr_value) !== false) return true; //if $arr_value is found in $str return true
}
return false; //else return false
}
how to use
$owned_urls = array('website1.com', 'website2.com', 'website3.com');
//this example should return FOUND
$string = 'my domain name is website3.com';
if (array_in_string($string, $owned_urls)) {
echo "first: Match found<br>";
}
else {
echo "first: Match not found<br>";
}
//this example should return NOT FOUND
$string = 'my domain name is website4.com';
if (array_in_string($string, $owned_urls)) {
echo "second: Match found<br>";
}
else {
echo "second: Match not found<br>";
}
DEMO: http://phpfiddle.org/lite/code/qf7j-8m09
stripos function is not very strict. it's not case sensitive or it can match a part of a word
http://php.net/manual/ro/function.stripos.php
if you want that search to be case sensitive use strpos
http://php.net/manual/ro/function.strpos.php
for exact match use regex (preg_match), check this guy answer https://stackoverflow.com/a/25633879/4481831
You can concatenate the array values with implode and a separator of |
and then use preg_match to search for the value.
Here is the solution I came up with ...
$emails = array('#gmail', '#hotmail', '#outlook', '#live', '#msn', '#yahoo', '#ymail', '#aol');
$emails = implode('|', $emails);
if(!preg_match("/$emails/i", $email)){
// do something
}
If your $string is always consistent (ie. the domain name is always at the end of the string), you can use explode() with end(), and then use in_array() to check for a match (as pointed out by #Anand Solanki in their answer).
If not, you'd be better off using a regular expression to extract the domain from the string, and then use in_array() to check for a match.
$string = 'There is a url mysite3.com in this string';
preg_match('/(?:http:\/\/)?(?:www.)?([a-z0-9-_]+\.[a-z0-9.]{2,5})/i', $string, $matches);
if (empty($matches[1])) {
// no domain name was found in $string
} else {
if (in_array($matches[1], $owned_urls)) {
// exact match found
} else {
// exact match not found
}
}
The expression above could probably be improved (I'm not particularly knowledgeable in this area)
Here's a demo
You are checking whole string to the array values. So output is always false.
I use both array_filter and strpos in this case.
<?php
$urls= array('website1.com', 'website2.com', 'website3.com');
$string = 'my domain name is website3.com';
$check = array_filter($urls, function($url){
global $string;
if(strpos($string, $url))
return true;
});
echo $check?"found":"not found";
$owned_urls= array('website1.com', 'website2.com', 'website3.com');
$string = 'my domain name is website3.com';
for($i=0; $i < count($owned_urls); $i++)
{
if(strpos($string,$owned_urls[$i]) != false)
echo 'Found';
}
$message = "This is test message that contain filter world test3";
$filterWords = array('test1', 'test2', 'test3');
$messageAfterFilter = str_replace($filterWords, '',$message);
if( strlen($messageAfterFilter) != strlen($message) )
echo 'message is filtered';
else
echo 'not filtered';
I find this fast and simple without running loop.
$array = array("this", "that", "there", "here", "where");
$string = "Here comes my string";
$string2 = "I like to Move it! Move it";
$newStr = str_replace($array, "", $string);
if(strcmp($string, $newStr) == 0) {
echo 'No Word Exists - Nothing got replaced in $newStr';
} else {
echo 'Word Exists - Some Word from array got replaced!';
}
$newStr = str_replace($array, "", $string2);
if(strcmp($string2, $newStr) == 0) {
echo 'No Word Exists - Nothing got replaced in $newStr';
} else {
echo 'Word Exists - Some Word from array got replaced!';
}
Little explanation!
Create new variable with $newStr replacing value in array of original string.
Do string comparison - If value is 0, that means, strings are equal and nothing was replaced, hence no value in array exists in string.
if it is vice versa of 2, i.e, while doing string comparison, both original and new string was not matched, that means, something got replaced, hence value in array exists in string.
$search = "web"
$owned_urls = array('website1.com', 'website2.com', 'website3.com');
foreach ($owned_urls as $key => $value) {
if (stristr($value, $search) == '') {
//not fount
}else{
//found
}
this is the best approach search for any substring , case-insensitive and fast
just like like im mysql
ex:
select * from table where name = "%web%"
I came up with this function which works for me, hope this will help somebody
$word_list = 'word1, word2, word3, word4';
$str = 'This string contains word1 in it';
function checkStringAgainstList($str, $word_list)
{
$word_list = explode(', ', $word_list);
$str = explode(' ', $str);
foreach ($str as $word):
if (in_array(strtolower($word), $word_list)) {
return TRUE;
}
endforeach;
return false;
}
Also, note that answers with strpos() will return true if the matching word is a part of other word. For example if word list contains 'st' and if your string contains 'street', strpos() will return true
Here's the problem, I allow users to input an IP whitelist or list of IPs or IP ranges separated by semicolon.
So they can put
74.122.31.233; 76.233.12.222 - 80.788.888.111; 72.203.44.209
74.122.31.233; 76.233.12.222; 72.203.44.209
74.122.31.233 - 76.233.12.222; 72.203.44.209
74.122.31.233-76.233.12.222; 72.203.44.209
74.122.31.233-76.233.12.222;72.203.44.209
They can choose to use spaces or not to use spaces between ranges and before/after semicolons.
So they can either put IP addresses separated by semicolon or IP address ranges separated by semicolons or IP addresses and IP ranges separated by semi colons.
I am new to regular expresses. Does anyone know the right way to validate if they input the IP whitelist correctly to adhere to the rules above?
Thanks.
I'm not convinced regular expressions are necessary or even helpful in this case, especially as PHP has filter_var():
function isValid($ranges) {
// remove all spaces
$ranges = str_replace(' ', '', $ranges);
// iterate over individual ranges and IP addresses
foreach(explode(';', $ranges) as $range) {
// single address
if(strpos($range, '-') === false) {
if(!filter_var($range, FILTER_VALIDATE_IP)) {
return false;
}
}
// range
else {
$addresses = explode('-', $range, 3);
if(count($addresses) != 2) {
return false;
}
if(!filter_var($addresses[0], FILTER_VALIDATE_IP) || !filter_var($addresses[1], FILTER_VALIDATE_IP)) {
return false;
}
}
}
return true;
}
$tests = array(
'74.122.31.233; 76.233.12.222 - 80.788.888.111; 72.203.44.209',
'74.122.31.233; 76.233.12.222; 72.203.44.209',
'74.122.31.233 - 76.233.12.222; 72.203.44.209',
'74.122.31.233-76.233.12.222; 72.203.44.209',
'74.122.31.233-76.233.12.222;72.203.44.209');
foreach($tests as $test) {
echo $test;
echo isValid($test) ? ' is valid' : ' is invalid';
echo "\n";
}
Output:
74.122.31.233; 76.233.12.222 - 80.788.888.111; 72.203.44.209 is invalid // 80.788.888.111 is an invalid IP address
74.122.31.233; 76.233.12.222; 72.203.44.209 is valid
74.122.31.233 - 76.233.12.222; 72.203.44.209 is valid
74.122.31.233-76.233.12.222; 72.203.44.209 is valid
74.122.31.233-76.233.12.222;72.203.44.209 is valid
Don't try to cram everything into a single regular expression. I know you're thinking that, classic rookie mistake.
Remove the whitespace from the input: $input = preg_replace('/\s/', '', $input);
Split on semicolons: $in_arr = explode(';', $input);
Loop through the array and if( preg_match('/-/', $in_arr[index]) ) then explode('-', $in_arr[index]); and then process it like a range
To validate IP addresses don't use a regular expression. Use ip2long().
Every valid IP address is really a 32-bit integer, the 'dotted quad' notation just breaks that integer into four 8-bit chunks from 0-255.
If you feed an invalid address like 80.788.888.111 into ip2long() it will return false, no complicated regex needed.
Using ip2long() makes it way easier to compare IP addresses as well, '123.123.123.3' > '123.123.123.10' [string comparison, bad], but ip2long('123.123.123.3') < ip2long('123.123.123.10') [integer comparison, good]
Explode them by ;, and then trim the array values to remove the spaces. That way, you can make sure both the spaced-version and non-spaced versions of the user input is treated equally.
$parts = explode(';', $text);
$parts = array_map('trim', $parts);
//or $parts = array_map('trim', explode(';', $text));
//check if IP is valid
For validating the IP, you don't need a regular expression. PHP already has a built-in function filter_var() which does exactly what you want.
$parts = array_map('trim', explode(';', $text));
foreach ($parts as $ip) {
if(strpos($ip, '-')) {
list($range1, $range2) = explode('-', $ip);
// validate IP range here
}
elseif (filter_var($ip, FILTER_VALIDATE_IP) ) {
echo "$ip is valid<br/>";
}
}
That should get you started.
Here is one simple function :
function validateInput($s) {
foreach (explode(';', $s) as $v) {
$v = array_map('trim', explode('-', $v));
if (count($v) > 2) return false;
$valid = true;
foreach ($v as $ip) $valid = $valid && filter_var($ip, FILTER_VALIDATE_IP);
if (!$valid) return false;
}
return true;
}
Use example :
$inputs = [
'74.122.31.233; 76.233.12.222 - 80.788.888.111; 72.203.44.209',
'74.122.31.233; 76.233.12.222; 72.203.44.209',
'74.122.31.233-76.233.12.222;72.203.44.209',
'274.122.31.233-76.233.12.222',
'74.122.31.233-76.233.12.222-77.233.12.222',
];
foreach ($inputs as $input) {
echo (validateInput($input) ? 'TRUE ' : 'FALSE') . " : $input\n";
}
Output :
FALSE : 74.122.31.233; 76.233.12.222 - 80.788.888.111; 72.203.44.209
TRUE : 74.122.31.233; 76.233.12.222; 72.203.44.209
TRUE : 74.122.31.233-76.233.12.222;72.203.44.209
FALSE : 274.122.31.233-76.233.12.222
FALSE : 74.122.31.233-76.233.12.222-77.233.12.222
This question already has answers here:
String contains any items in an array (case insensitive)
(15 answers)
Closed 2 years ago.
This is for a chat page. I have a $string = "This dude is a mothertrucker". I have an array of badwords: $bads = array('truck', 'shot', etc). How could I check to see if $string contains any of the words in $bad?
So far I have:
foreach ($bads as $bad) {
if (strpos($string,$bad) !== false) {
//say NO!
}
else {
// YES! }
}
Except when I do this, when a user types in a word in the $bads list, the output is NO! followed by YES! so for some reason the code is running it twice through.
function contains($str, array $arr)
{
foreach($arr as $a) {
if (stripos($str,$a) !== false) return true;
}
return false;
}
1) The simplest way:
if ( in_array( 'three', ['one', 'three', 'seven'] ))
...
2) Another way (while checking arrays towards another arrays):
$keywords=array('one','two','three');
$targets=array('eleven','six','two');
foreach ( $targets as $string )
{
foreach ( $keywords as $keyword )
{
if ( strpos( $string, $keyword ) !== FALSE )
{ echo "The word appeared !!" }
}
}
can you please try this instead of your code
$string = "This dude is a mothertrucker";
$bads = array('truck', 'shot');
foreach($bads as $bad) {
$place = strpos($string, $bad);
if (!empty($place)) {
echo 'Bad word';
exit;
} else {
echo "Good";
}
}
There is a very short php script that you can use to identify bad words in a string which uses str_ireplace as follows:
$string = "This dude is a mean mothertrucker";
$badwords = array('truck', 'shot', 'ass');
$banstring = ($string != str_ireplace($badwords,"XX",$string))? true: false;
if ($banstring) {
echo 'Bad words found';
} else {
echo 'No bad words in the string';
}
The single line:
$banstring = ($string != str_ireplace($badwords,"XX",$string))? true: false;
does all the work.
You can flip your bad word array and do the same checking much faster. Define each bad word as a key of the array. For example,
//define global variable that is available to too part of php script
//you don't want to redefine the array each time you call the function
//as a work around you may write a class if you don't want global variable
$GLOBALS['bad_words']= array('truck' => true, 'shot' => true);
function containsBadWord($str){
//get rid of extra white spaces at the end and beginning of the string
$str= trim($str);
//replace multiple white spaces next to each other with single space.
//So we don't have problem when we use explode on the string(we dont want empty elements in the array)
$str= preg_replace('/\s+/', ' ', $str);
$word_list= explode(" ", $str);
foreach($word_list as $word){
if( isset($GLOBALS['bad_words'][$word]) ){
return true;
}
}
return false;
}
$string = "This dude is a mothertrucker";
if ( !containsBadWord($string) ){
//doesn't contain bad word
}
else{
//contains bad word
}
In this code we are just checking if an index exist rather than comparing bad word with all the words in the bad word list.
isset is much faster than in_array and marginally faster than array_key_exists.
Make sure none of the values in bad word array are set to null.
isset will return false if the array index is set to null.
Put and exit or die once it find any bad words, like this
foreach ($bads as $bad) {
if (strpos($string,$bad) !== false) {
//say NO!
}
else {
echo YES;
die(); or exit;
}
}
You can do the filter this way also
$string = "This dude is a mothertrucker";
if (preg_match_all('#\b(truck|shot|etc)\b#', $string )) //add all bad words here.
{
echo "There is a bad word in the string";
}
else {
echo "There is no bad word in the string";
}
Wanted this?
$string = "This dude is a mothertrucker";
$bads = array('truck', 'shot', 'mothertrucker');
foreach ($bads as $bad) {
if (strstr($string,$bad) !== false) {
echo 'NO<br>';
}
else {
echo 'YES<br>';
}
}
If you want to do with array_intersect(), then use below code :
function checkString(array $arr, $str) {
$str = preg_replace( array('/[^ \w]+/', '/\s+/'), ' ', strtolower($str) ); // Remove Special Characters and extra spaces -or- convert to LowerCase
$matchedString = array_intersect( explode(' ', $str), $arr);
if ( count($matchedString) > 0 ) {
return true;
}
return false;
}
I would go that way if chat string is not that long.
$badwords = array('mothertrucker', 'ash', 'whole');
$chatstr = 'This dude is a mothertrucker';
$chatstrArr = explode(' ',$chatstr);
$badwordfound = false;
foreach ($chatstrArr as $k => $v) {
if (in_array($v,$badwords)) {$badwordfound = true; break;}
foreach($badwords as $kb => $vb) {
if (strstr($v, $kb)) $badwordfound = true;
break;
}
}
if ($badwordfound) { echo 'You\'re nasty!';}
else echo 'GoodGuy!';
$string = "This dude is a good man";
$bad = array('truck','shot','etc');
$flag='0';
foreach($bad as $word){
if(in_array($word,$string))
{
$flag=1;
}
}
if($flag==1)
echo "Exist";
else
echo "Not Exist";
If I had an array such as:
testarray = array('foo'=>34, 'bar'=>array(1, 2, 3));
How would I go about converting a string such as testarray[bar][0] to find the value its describing?
Well, you can do something like this (Not the prettiest, but far safer than eval)...:
$string = "testarray[bar][0]";
$variableBlock = '[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*';
$regex = '/^('.$variableBlock.')((\[\w+\])*)$/';
if (preg_match($regex, $string, $match)) {
$variableName = $match[1]; // "testarray"
if (!isset($$variableName)) {
//Error, the variable does not exist
return null;
} else {
$array = $$variableName;
if (preg_match_all('/\[(\w+)\]/', $match[2], $matches)) {
foreach ($matches[1] as $match) {
if (!is_array($array)) {
$array = null;
break;
}
$array = isset($array[$match]) ? $array[$match] : null;
}
}
return $array;
}
} else {
//error, not in correct format
}
You could use PHP's eval function.
http://php.net/manual/en/function.eval.php
However, make absolutely sure the input is sanitized!
Cheers
I have got an array with several twitter tweets and want to delete all tweets in this array which contain one of the following words blacklist|blackwords|somemore
who could help me with this case?
Here's a suggestion:
<?php
$banned_words = 'blacklist|blackwords|somemore';
$tweets = array( 'A normal tweet', 'This tweet uses blackwords' );
$blacklist = explode( '|', $banned_words );
// Check each tweet
foreach ( $tweets as $key => $text )
{
// Search the tweet for each banned word
foreach ( $blacklist as $badword )
{
if ( stristr( $text, $badword ) )
{
// Remove the offending tweet from the array
unset( $tweets[$key] );
}
}
}
?>
You can use array_filter() function:
$badwords = ... // initialize badwords array here
function filter($text)
{
global $badwords;
foreach ($badwords as $word) {
return strpos($text, $word) === false;
}
}
$result = array_filter($tweetsArray, "filter");
use array_filter
Check this sample
$tweets = array();
function safe($tweet) {
$badwords = array('foo', 'bar');
foreach ($badwords as $word) {
if (strpos($tweet, $word) !== false) {
// Baaaad
return false;
}
}
// OK
return true;
}
$safe_tweets = array_filter($tweets, 'safe'));
You can do it in a lot of ways, so without more information, I can give this really starting code:
$a = Array(" fafsblacklist hello hello", "white goodbye", "howdy?!!");
$clean = Array();
$blacklist = '/(blacklist|blackwords|somemore)/';
foreach($a as $i) {
if(!preg_match($blacklist, $i)) {
$clean[] = $i;
}
}
var_dump($clean);
Using regular expressions:
preg_grep($array,"/blacklist|blackwords|somemore/",PREG_GREP_INVERT)
But i warn you that this may be inneficient and you must take care of punctuation characters in the blacklist.