I use the following regex to validate a username (input type text in a registration form) in order to make sure that the username contains ONLY alphanumeric characters, dot, dash or underscore.
if (!preg_match('/^[a-zA-Z0-9\.\_-]+$/',$my_name)) { echo 'no_valid'; }
When I type in the text field for instance % or # or # I get back correctly the error message that it's not a valid username, also the valid characters (.-_) are accepted, so it seems to work fine until the time I type & or +, then I can type any invalid character that I have already exclude before by using the preg_match.
Could anyone tell me why is this happening and how can I overcome this issue?
Problem is somewhere else. Your expression is correct. I tested with PHP. Since it happens with '&' character my guess would be that your data is not converted to URL safe characters before send. Try using encodeURI() function in JS.
if (!preg_match('/^[a-zA-Z0-9\.\_-]+$/',urldecode($my_name))) { echo 'no_valid'; }
Related
I am having the following emoji in a PHP string variable
$emoji = "\u{1F9D1}\u{1F4AC}";
echo $emoji;
This code above will print the following emoji.
🧑💬
I wanted to embed these emojis inside an Email body. For this, I want to convert them to 🧑💬 so that I can place them in the Email body and they will show up correctly.
How do I do this in PHP?
$foo = preg_replace('#\\\u\{(.*?)\}#', '&#x$1;', $emoji);
\u needs to be escaped because it has special meaning in a regular expression, and since the backslash also has special meaning in PHP text literals, we need three of them here.
{ and } also have special meaning, so they need to get escaped with a single backslash.
(.*?) matches everything (expect newlines), ? makes it ungreedy.
I added an ; at the end in the replacement - browsers are fault tolerant when it’s missing, but it is technically required by HTML syntax.
And the “other direction”, as requested:
$emojihtml = '🧑💬';
$bar = preg_replace('~&#x(.*?);~', '\u{$1}', $emojihtml);
(I used ~ for the regex delimiters here, because # is part of what we want to match, saves on escaping.)
I am trying to send a GET message that contains strings with ampersands and can't figure how to escape the ampersand in the URL.
Example:
http://www.example.com?candy_name=M&M
result => candy_name = M
I also tried:
http://www.example.com?candy_name=M\&M
result => candy_name = M\\
I am using URLs manually, so I just need the correct characters.
I can't use any libraries. How can it be done?
They need to be percent-encoded:
> encodeURIComponent('&')
"%26"
So in your case, the URL would look like:
http://www.mysite.com?candy_name=M%26M
This does not only apply to the ampersand in URLs, but to all reserved characters. Some of which include:
# $ & + , / : ; = ? # [ ]
The idea is the same as encoding an &in an HTML document, but the context has changed to be within the URI, in addition to being within the HTML document. So, the percent-encoding prevents issues with parsing inside of both contexts.
The place where this comes in handy a lot is when you need to put a URL inside of another URL. For example, if you want to post a status on Twitter:
http://www.twitter.com/intent/tweet?status=What%27s%20up%2C%20StackOverflow%3F(http%3A%2F%2Fwww.stackoverflow.com)
There's lots of reserved characters in my Tweet, namely ?'():/, so I encoded the whole value of the status URL parameter. This also is helpful when using mailto: links that have a message body or subject, because you need to encode the body and subject parameters to keep line breaks, ampersands, etc. intact.
When a character from the reserved set (a "reserved character") has
special meaning (a "reserved purpose") in a certain context, and a URI
scheme says that it is necessary to use that character for some other
purpose, then the character must be percent-encoded. Percent-encoding
a reserved character involves converting the character to its
corresponding byte value in ASCII and then representing that value as
a pair of hexadecimal digits. The digits, preceded by a percent sign
("%") which is used as an escape character, are then used in the URI
in place of the reserved character. (For a non-ASCII character, it is
typically converted to its byte sequence in UTF-8, and then each byte
value is represented as above.) The reserved character "/", for
example, if used in the "path" component of a URI, has the special
meaning of being a delimiter between path segments. If, according to a
given URI scheme, "/" needs to be in a path segment, then the three
characters "%2F" or "%2f" must be used in the segment instead of a raw
"/".
http://en.wikipedia.org/wiki/Percent-encoding#Percent-encoding_reserved_characters
Try using http://www.example.org?candy_name=M%26M.
See also this reference and some more information on Wikipedia.
I would like to add a minor comment to Blender's solution.
You can do the following:
var link = 'http://example.com?candy_name=' + encodeURIComponent('M&M');
That outputs:
http://example.com?candy_name=M%26M
The great thing about this it does not only work for &, but for any especial character.
For instance:
var link = 'http://example.com?candy_name=' + encodeURIComponent('M&M?><')
Outputs:
"http://example.com?candy_name=M%26M%3F%3E%3C"
You can use the % character to 'escape' characters that aren't allowed in URLs. See RFC 1738.
A table of ASCII values is given on the Wikipedia page.
You can see & is 26 in hexadecimal - so you need M%26M.
This may help if someone want it in PHP
$variable ="candy_name=M&M";
$variable = str_replace("&", "%26", $variable);
If you can't use any libraries to encode the value,
http://www.urlencoder.org/ or http://www.urlencode-urldecode.com/ or ...
Just enter your value "M&M", not the full URL ;-)
You can rather pass your arguments using this encodeURIComponent function so you don't have to worry about passing any special characters.
data: "param1=getAccNos¶m2="+encodeURIComponent('Dolce & Gabbana') OR
var someValue = 'Dolce & Gabbana';
data : "param1=getAccNos¶m2="+encodeURIComponent(someValue)
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent
I have several strings that look like this:
Lasklé
Jones & Jon
I am trying to send them via the foursquare API to be matched, however it is failing with these characters. Is there a way to sanitise these so they only include English letters i.e. the results would be:
Lasklé
Jones Jon
As it appears using file_get_contents requests both with the 'é' and the '&' in the URL is causing issues.
I checked how the request was sent and realised that the '&' is uneeded and is causing the issues, is it possible to remove all non Letters/Numbers from the name?
What do the strings look like before you pass them? If your string looks like 'Lasklé' then I think you are using the wrong character set when reading the string, try using UTF-8.
If the string looks correct before you pass it on you should try urlencode the string first.
you can use preg_replace() function to replace the part of string using regex
to keep only letters you can use as follow it will also remove space( add \s from expression to keep space)
preg_replace('/[^a-zA-Z]/','',$string);
to keep space in the string or any character to keep you can add it in []
preg_replace('/[^a-zA-Z\s]/','',$string);
Use this to escape (space and '-'). Good for making a custom URL
$string=preg_replace("/[^A-Za-z0-9\s\/\-]/", '', $string);
I'm having a hard time putting the correct expression together, so that it rejects everything except letters, periods, apostrophes, spaces and hyphens.
So far this works for everything except the apostrophe, which I've tried to escape with both single and double "\" to no avail.
if(!preg_match("/^[a-zA-Z'. -]+$/",$_POST['name']))
{
$error_name="The name you entered is invalid.";
}
//obrien - pass
//o'brien - fail
//Dr. OBrien - pass
//Dr. O'Brien - fail
This works perfectly except that no apostrophe clears it.
The problem ended up being that in the php.ini that I can't access on my godaddy account, addslashes must be enabled. The following made it work. Thank you to Sergey for leading me to think about what the server might be doing to the posted data.
if(!preg_match("/^[a-zA-Z'. -]+$/", stripslashes($_POST['name']))
{
whatever error message
}
Here's an amazing one I was able to come up with, I think it should be able to work with most names that have both hypens, apostrophes, spaces and so on.
if(!preg_match('/^([a-zA-Z]+[\'-]?[a-zA-Z]+[ ]?)+$/', $string))
I think it happens because you are trying to check url-encoded string. Replace $_POST['name'] with urldecode($_POST['name']). The apostrophe at this stage looks like %27, so O'Brien in $_POST['name'] is O%27Brien and it will not pass your regular expression.
Edit: Also, maybe it is another type of apostrophe you have entered in the form: ’.
As a result:
if(!preg_match("/^[a-zA-Z’'. -]+$/",urldecode($_POST['name'])) {
$error_name="The name you entered is invalid.";
}
I am trying to build site with custom script. I have problem with allowing space in Name input field. If i include space, it will give error but if input slash or underscore, it accepts.
my name - i am getting not allowed error
my_name - i am getting success message.
code
if(!preg_match('/^[0-9a-zA-Z\xe0-\xef\x80-\xbf._-]+$/i',$nickname)) {
You need to add \s for space to your regex.
I have try this :
[0-9a-zA-Z\xe0-\xef\x80-\xbf._-]+\s*
For debugging regex may be you can use this tools.