|
PHP - If An Input Has Specific Characters, Strip Them.
Hiya peeps,
I am using preg_match to validate URLS; preg_match("/(((https?|ftp|gopher):\/\/|(mailto|file|news):)[^' <>\"]+|(www|web|w3).[-a-z0-9.]+)[^' .,;<>\":]/i", $this->_searchString) I works great, the only issue I have is I am using it in an if statment, and what I need to do is something like this. if(preg_match("/(((https?|ftp|gopher):\/\/|(mailto|file|news):)[^' <>\"]+|(www|web|w3).[-a-z0-9.]+)[^' .,;<>\":]/i", $this->_searchString)) { CHECK IF $this->_searchString has http:// at the start of it or if it has a / at the end and remove them if it does. I need $this->_searchString to end up with only www.SITE.co.uk before I can input it into the relevant function. } else { } Many thanks, James. Similar Tutorials$name = "D'Angelo" ok I'm running a mysql query as $query = " INSERT INTO TEST (ID, NAME) VALUES ('NULL','$NAME')"; If the name = "D'Angelo" the apostrophe would cause it to fail. Is there a way to do this without striping the characters? Hey... I'm trying to echo the title of the news in the right column but I just want to display maximum of 25 characters how can I do it? thanks Hi all, I have an array of data. I am looping through this data to generate a CSV file. However, if there are commas in any of the elements then this will throw out the structure of the CSV file. My question is, how do I loop through the array before I use it to strip out any commas and replace with a space? Thanks for your help. This is probably a simple one. I just couldn't find a tutorial to the specific thing I'm trying. I have a string that looks like: "(abbreviated name with.) second abbrev. name." I'm trying to find a way to break this apart so I can have: $var1 = "abbreviated name with." $var2 = "second abbrev. name." I've looked at substr and a couple others and I'm not sure quite how to do this, because the ')' could be in a differing location. I have a form with some dropdownlist that get populated dynamically(depends on what the user chooses) with jquery and an xml file. In the form I have a button that takes the info and populates another form with the values of the ddl. I have coded script which populates the second form with jquery and the name of each input get dynamically added like so: Code: [Select] <input type="text" value="'+model+'" name="Model_'+model+'" id="'+model+'" readonly size="'+model.length+'" /> <input type="text" value="'+model+'" name="Model'+model+'" id="'+model+'" readonly size="'+model.length+'" />> <input type="text" value="'+color+'" name="Color'+color+'" id="'+color+'" readonly size="'+color.length+'" /> <input type="text" value="'+part+'" name="Part'+part+'" id="'+part+'" readonly size="'+part.length+'" /> <input type="text" value="$'+price+'" name="Price'+price+'" id="'+price+'" readonly size="'+price.length+'" /> <input type="text" value="'+qty+'" name="Quantity'+qty+'" id="'+qty+'" readonly size="'+qty.length+'" /> <input type="text" value="'+total+'" name="Total'+total+'" id="'+total+'" readonly size="'+total.length+'" /> What I want to do is grab the name of the element and remove the underscore and everything else form rileft to right so I am left with just the word before the underscore. I tried using substr($key,0,-28) but that wont work since everything after the underscore will have a different length. I was wondering if there is a way i can keep everything before the underscore and remove the underscore and everything after that. Thanks in advance for any input I get. Hi Guys, This should be a simple one. I am looking for the best way to ensure that any illegal characters are removed from an input. I have a user registration form and login page. What I want to do is prevent against sql injection and therefore should be limiting the characters that can be entered. For example I want a username to include only letters and numbers so I ideally want to strip out any white space, illegal characters such as " ' ( ) etc... My issue with this is with the password, I would ideally like the user to be able to put as complex a password as they would like, so how would i prevent against illegal characters in this instance?? Cheers New to PHP, I wrote a shortcode to use in WP that outputs a nav bar with some icons. One will link to a url, one to a pop up plugin (through a class), and one a phone number. The shortcode will then look like this [footer-btn url="link here "]Name of Icon Here[/footer-btn] Right now when I put the short codes into word press, I get duplicates of the URL ones.
function footer_btn_function($atts, $content){
extract( shortcode_atts(
array(
'class' => '',
'phone' => '',
'url' => ''
), $atts )
);
if($class){
'<a class="text-link" href='.$class.'><img class="popmake-73310 footer-btn mobile" src="'.get_template_directory_uri().'/images/faq-mobile-white.png">'.$content.'</a>';
}
if($phone){
$output .= '<a class="text-link" href="tel:'.$phone.'" target="_blank"><img class="footer-btn mobile" src="'.get_template_directory_uri().'/images/phone-mobile-white.png">'.$content.'</a>';
};
if($url){
$output .= '<a class="text-link" href="tel:'.$url.'" target="_blank"><img class="footer-btn mobile" src="'.get_template_directory_uri().'/images/vacation-rentals-mobile-white.png">'.$content.'</a>';
};
if($url){
$output .= '<a class="text-link" href="tel:'.$url.'" target="_blank"><img class="footer-btn mobile" src="'.get_template_directory_uri().'/images/chat-mobile-white.png">'.$content.'</a>';
};
return $output;
}
Hi all, I'm working on this site which I'll soon ask the guys in the testing forum to have a peek at. It's essentially an online community that was a uni project that has spiraled and grown exponetially. I've spent many many hours in front of books and tutorals etc to put it together and as far as scripting goes, it seems to be fine. The problem i'm having...The tut's that I read / watched were using eregi_replace to protect text fields and this is now unsuported. I want my site to be as secure as it can be, within reason. I've tried using preg_replace instead and have searched for the syntax but i keep getting strang results. I'm working on the "bio" field at the moment and then when that works I can move on and a-ply the same idea to the other fields. This si what I have and what I've changed. if ($_POST['parse_var'] == "bio"){ $bio_body = $_POST['bio_body']; //$bio_body = str_replace("'", "'", $bio_body); (WAS TESTING THIS BUT NO JOY) //$bio_body = str_replace("`", "'", $bio_body); $bio_body = mysql_real_escape_string($bio_body); $bio_body = nl2br(htmlspecialchars($bio_body)); $bio = $_POST['bio']; $bio = eregi_replace("'", "'", $bio); (This works but is not as secure) $bio = eregi_replace("`", "'", $bio); $bio = mysql_real_escape_string($bio); $bio = nl2br(htmlspecialchars($_POST['bio'])); $sqlUpdate = mysql_query("UPDATE members SET bio='$bio' WHERE id='$id'"); and so on....} When I change it to str_replace if I type in don't the whole word is deleted. when I type in preg I get an error. Can someone please give me the correct code / syntax for getting the result I want. I just want to make sure that every single field that has a user input is protected against any malicious attacks. Thanks. I think I understand that there can only be one "submit" button on a page.
I want buttons for separate forms to not trigger the empty errors on the other forms...
How do you accomplish specific button actions?
I think I've tried it with javascript but you can do it with PHP right?
Thanks for any help.
I've a simple Inset List (jQuery Mobile) of several items with a Flip switch, Drop down, check box and Slider elements. I have wrapped this Inset List inside a HTML Form. <code> <div data-role="fieldcontain"> <ul data-role="listview" data-inset="true"> <li data-role="list-divider"> Inhouse capabilities </li> <li> <label for="flip-b">Project Manager</label> <select name="slider" id="flip-b" data-role="slider"> <option value="no">No</option> <option value="yes">Yes</option> </select> </li> <li> <label for="flip-b">Site Supervisor</label> <select name="slider" id="flip-b" data-role="slider"> <option value="no">No</option> <option value="yes">Yes</option> </select> </li> <li><label for="flip-b">Architect</label> <select name="slider" id="flip-b" data-role="slider"> <option value="no">No</option> <option value="yes">Yes</option> </select> </li> <li><label for="flip-b">Builderworks</label> <select name="slider" id="flip-b" data-role="slider"> <option value="no">No</option> <option value="yes">Yes</option> </select> </li> <li><label for="flip-b">Electrical</label> <select name="slider" id="flip-b" data-role="slider"> <option value="no">No</option> <option value="yes">Yes</option> </select> </li> <li><label for="flip-b">Mechanical</label> <select name="slider" id="flip-b" data-role="slider"> <option value="no">No</option> <option value="yes">Yes</option> </select> </li> <li><label for="flip-b">Hydraulics</label> <select name="slider" id="flip-b" data-role="slider"> <option value="no">No</option> <option value="yes">Yes</option> </select> </li> <li><label for="flip-b">Joinery</label> <select name="slider" id="flip-b" data-role="slider"> <option value="no">No</option> <option value="yes">Yes</option> </select> </li> <li> <label for="select-choice-1" class="select">Main Location:</label> <select name="select-choice-1" id="select-choice-1"> <option value="NSW">NSW</option> <option value="ACT">ACT</option> <option value="VIC">VIC</option> <option value="SA">SA</option> <option value="QLD">QLD</option> <option value="NT">NT</option> <option value="WA">WA</option> <option value="TAS">TAS</option> </select> </li> <!-- Select Menus: Main Location--> <li> <div data-role="fieldcontain"> <fieldset data-role="controlgroup"> <legend>CBA Reference</legend> <input type="checkbox" name="checkbox-1a" id="checkbox-1a" class="custom" /> <label for="checkbox-1a">Commercial</label> <input type="checkbox" name="checkbox-2a" id="checkbox-2a" class="custom" /> <label for="checkbox-2a">Retail</label> </fieldset> </div> </li> </ul> </div> <!-- End of Field Contain div tag --> <a href="#additionalinfo" data-role="button" data-inline="true" data-iconpos="left" data-theme="b">Additional Info</a> <a href="./search2.html" rel="external" data-ajax="false" data-role="button" data-inline="true" data-icon="search" data-iconpos="left" data-theme="e">Search</a> </code> I want to know, how I can include only the elements the user selected in my SQL query. Lets say, User wants to find the Electrical workers in QLD, then he will select Yes for Electrical and QLD as Main Location and the other items he would not touch. Now, how can I include only those two values in the select clause. Say, Select Electrical, Main Location from table where Main location='QLD'. I used POST method to gather users input. I use PHP, MySQL for this project. Any ideas on how to achieve this. Regards Sandeep I use the Wholesale Suite Premium Prices plugin with WooCommerce. I have 6 specific wholesale roles out of 15 that I wish to hide two specific shipping methods from being selected for the 6 exceptions. I'm just trying this on my staging server at this time using a code snippet example that I found and modified for my specific conditions. Would the following work for this purpose?
/* Hide specific shipping methods for specific wholesale roles */
add_filter( 'woocommerce_package_rates', function( $shipping_rates ) {
// User role and shipping method ID to hide for the user role
$role_shipping_method_arr = array(
'ws_silvia_silver' => array( 'Silvia Premium Standard Shipping (Tracking Service)'),
'ws_silvia_silver_pst_exempt' => array( 'Silvia Premium Standard Shipping (Tracking Service)'),
'ws_silvia_silver_tax_exempt' => array( 'Silvia Premium Standard Shipping (Tracking Service)'),
'ws_silvia_silver' => array( 'Silvia Union Standard Shipping (Tracking Service)'),
'ws_silvia_silver_pst_exempt' => array( 'Silvia Union Standard Shipping (Tracking Service)'),
'ws_silvia_silver_tax_exempt' => array( 'Silvia Union Standard Shipping (Tracking Service)'),
'ws_silvia_gold' => array( 'Silvia Premium Standard Shipping (Tracking Service)'),
'ws_silvia_gold_pst_exempt' => array( 'Silvia Premium Standard Shipping (Tracking Service)'),
'ws_silvia_gold_tax_exempt' => array( 'Silvia Premium Standard Shipping (Tracking Service)'),
'ws_silvia_gold' => array( 'Silvia Union Standard Shipping (Tracking Service)'),
'ws_silvia_gold_pst_exempt' => array( 'Silvia Union Standard Shipping (Tracking Service)'),
'ws_silvia_gold_tax_exempt' => array( 'Silvia Union Standard Shipping (Tracking Service)'),
);
// Getting the current user role
$curr_user = wp_get_current_user();
$curr_user_data = get_userdata($current_user->ID);
// Wholesale Suite Roles
if (isset($current_user) && class_exists('WWP_Wholesale_Roles')) {
$wwp_wholesale_roles = WWP_Wholesale_Roles::getInstance();
$wwp_wholesale_role = $wwp_wholesale_roles->getUserWholesaleRole();
// Loop through the user role and shipping method pair
foreach( $role_shipping_method_arr as $role => $shipping_methods_to_hide ) {
// Check if defined role exist in current user role or not
if( in_array( $role, $current_user->roles) ) {
// Loop through all the shipping rates
foreach( $shipping_rates as $shipping_method_key => $shipping_method ) {
$shipping_id = $shipping_method->get_id();
// Unset the shipping method if found
if( in_array( $shipping_id, $shipping_methods_to_hide) ) {
unset($shipping_rates[$shipping_method_key]);
}
}
}
}
}
return $shipping_rates;
});
Any insights as to how to accomplish this would be greatly appreciated. Lyse I have a paragrpah which has tags that needs to be stripped off. so the paragraph looks like Quote <div id="ctl00_placeholderMain_pnlInTheBox" class="tabitem"> <p> HP LaserJet 9050 printer<br/> Power cord<br/> Parallel cable<br/> HP LaserJet Q8543X Smart print cartridge<br/> Printer documentation<br/> Printer software CD<br/> Control panel overlay<br/> Face-up output bin<br/> Two 500-sheet input tray<br/> 100 Sheet Multipurpose Tray<br/> HP JetDirect Fast</p> </div> I want it to look like Quote HP LaserJet 9050 printer Power cord Parallel cable HP LaserJet Q8543X Smart print cartridge Printer documentation Printer software CD Control panel overlay Face-up output bin Two 500-sheet input tray 100 Sheet Multipurpose Tray HP JetDirect Fast How would I go on about doing this.. currently i use Code: [Select] $inbox = $html->find( "#ctl00_placeholderMain_pnlInTheBox" ); if ( isset( $inbox[ 0 ] ) ) { $box =( $inbox[0] ); $box = strpos($box, ';') !== FALSE ? substr( $box, strpos( $box, ";" ) + 1 ) : $box; } else { $box = "0"; } Hi: Is this the proper way to remove slashes from apostrophes: Code: [Select] if ($_SERVER['REQUEST_METHOD'] == 'POST') { $myTitle = mysql_real_escape_string(stripslashes($_POST['myTitle'])); $myDesc = mysql_real_escape_string(stripslashes($_POST['myDesc'])); $myHeader = mysql_real_escape_string(stripslashes($_POST['myHeader'])); $mySubHeader = mysql_real_escape_string(stripslashes($_POST['mySubHeader'])); $myPageData = mysql_real_escape_string(stripslashes($_POST['myPageData'])); It seems to work fine, I'd just like to clarify I'm not missing anything. Thanks! Hi All I Am confused I would like to put info into a database but need it to be secure. I have some code shown below. The problem is I would like to put in ' but keep the data secure. When it comes back I do not want to show \' I think you might know what I am trying to do. Here is the code but would like to know how to stop the \' showing. Code: [Select] $password = mysql_real_escape_string(stripslashes(trim($_POST['password']))); Any help would be great thank you. Hi everyone! I'm trying to get the variables out of a string like this: Code: [Select] $string='this is a sentence with a load of [great, clever, textual] variables '; What I want to do is output a list of strings that have used the variables to create unique strings like this: Code: [Select] this is a sentence with a load of great variables this is a sentence with a load of clever variables this is a sentence with a load of textual variables I tried exploding the string into arrays, but what I really need to do is explode on '[' then output the words to an array (until I get to the closing ']') and then move on... The eventual string will have potentially loads of variables, but let's do one thing at a time. What's the best way of starting a project like this? Neil I am building a component where users enter a Youtube URL and press save. I need to run some code on the form field where the URL was entered to strip all but the unique identifier. i.e. something like this: $url = 'http://www.youtube.com/watch?v=_VaAlaIJ384&feature=rec-LGOUT-real_rev-rn-4r-10-HM'; strip all befor (including) 'v=' strip all after (including) '&' Can anyone suggest how I would do this? Looking for the best method to conditionally strip leading zeros for the following situation: $a = array(01, 02, 03, ... 10, 11); $a < 10 ? $a = ? : ''; For the following result: 1, 2, 3, ... 10, 11 Is there a better method than explode? Firstly I'm sure the answer is simple however due to my inexperience I am unable to figure it out!
I am executing a simple query to retrieve all ISBN numbers within my db and display these in a table.
In my db some of the ISBN numbers contain hyphens and some don't. I would like to display then in my table without hyphens.
I'm grateful of any assistance and advice.
I know I can remove all the hyphens from the db by executing a separate query however I'd like to strip them if possibly.
My Code;
$query = "SELECT * FROM book WHERE status != 'Archive' ORDER BY id";
while($row = mysqli_fetch_array($query)){
?>
<tr>
<td><a href="itemView.php<?php echo '?isbn='.$row['isbn']; ?>" </a></td>
<td>...</td>
<td>...</td>
<td>...</td>
<td>...</td>
</tr>
<?php } ?>
J |
|||||||