Need help with REGEX

  • Bogey
  • Bogey
  • Genius
  • Bogey
  • Posts: 8363
  • Loc: USA

Post 3+ Months Ago

I use REGEX to determine what page the user is on, and depending on what PAGE I want to redirect to a different page... below is what I have (I can only use REGEX).
PHP Code: [ Select ]
<?php
if(preg_match("#(ucp.php|posting.php|adm/index.php)#", basename($_SERVER['PHP_SELF'])))
{
    $redi_url = $url;
}
else
{
    $redi_url = $_SERVER['HTTP_REFERER'];
}
 
header("LOCATION: $redi_url");
?>
  1. <?php
  2. if(preg_match("#(ucp.php|posting.php|adm/index.php)#", basename($_SERVER['PHP_SELF'])))
  3. {
  4.     $redi_url = $url;
  5. }
  6. else
  7. {
  8.     $redi_url = $_SERVER['HTTP_REFERER'];
  9. }
  10.  
  11. header("LOCATION: $redi_url");
  12. ?>

That is in the function meta_refresh() in includes/functoins.php in phpBB installation (Well... it's close enough to be a framework :lol: ).

What I am trying to do is redirect the user from where the user logged in/out unless he is in posting.php (SO he wouldn't feel forced to make topic after topic or post after post :lol:), or if the user is in ucp.php or if the user is in adm/index.php.

The reason I can only use REGEX is because I'm currently trying (and failing) to create an ACP module so I could add which pages would be put in the regex (If it's in the regex, then I don't redirect the user to the page the user logged in/out from).

This thing is also meant to remove all notifications after loggin in/out and after posting (This is why posting.php is there), so... any help? Because the notifications are removed like they should, but no matter what, I always get redirected to where the $url leads, I tested it and the preg_match always returns true :(
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Rabid Dog
  • Web Master
  • Web Master
  • User avatar
  • Posts: 3245
  • Loc: South Africa

Post 3+ Months Ago

might I suggest escaping the dot (.)?

Code: [ Select ]
<?php
if(preg_match("#(ucp\.php|posting\.php|adm/index\.php)#", basename($_SERVER['PHP_SELF'])))
{
    $redi_url = $url;
}
else
{
    $redi_url = $_SERVER['HTTP_REFERER'];
}

header("LOCATION: $redi_url");
?>
  1. <?php
  2. if(preg_match("#(ucp\.php|posting\.php|adm/index\.php)#", basename($_SERVER['PHP_SELF'])))
  3. {
  4.     $redi_url = $url;
  5. }
  6. else
  7. {
  8.     $redi_url = $_SERVER['HTTP_REFERER'];
  9. }
  10. header("LOCATION: $redi_url");
  11. ?>


As far as I know the . is a special character.
  • joebert
  • Sledgehammer
  • Genius
  • User avatar
  • Posts: 13496
  • Loc: Florida

Post 3+ Months Ago

Unless I'm missing something, your pattern should return true every time. Other than the MCP I don't think there are any pages other than what's listed in your pattern that will lead to a notification.
  • Bogey
  • Bogey
  • Genius
  • Bogey
  • Posts: 8363
  • Loc: USA

Post 3+ Months Ago

My site has a log in form on the left... so a user could simply log in from viewforum.php.
  • UPSGuy
  • Lurker ಠ_ಠ
  • Web Master
  • User avatar
  • Posts: 2733
  • Loc: Nashville, TN

Post 3+ Months Ago

Just to confirm, you should escape the period - it's a meta char. Otherwise, it looks good.
  • Rabid Dog
  • Web Master
  • Web Master
  • User avatar
  • Posts: 3245
  • Loc: South Africa

Post 3+ Months Ago

UPSGuy wrote:
Just to confirm, you should escape the period - it's a meta char. Otherwise, it looks good.


Thats what I said :P :)
  • spork
  • Brewmaster
  • Silver Member
  • User avatar
  • Posts: 6229
  • Loc: Seattle, WA

Post 3+ Months Ago

You need to escape the dot character.


I kid, I kid!
  • Rabid Dog
  • Web Master
  • Web Master
  • User avatar
  • Posts: 3245
  • Loc: South Africa

Post 3+ Months Ago

Ah man, first the blackboard joke now this. Crying I am laughing so hard!
  • Bogey
  • Bogey
  • Genius
  • Bogey
  • Posts: 8363
  • Loc: USA

Post 3+ Months Ago

I did preg_quote() on that thing before and it didn't make a difference... or it doesn't escape the dot?
  • mk27
  • Proficient
  • Proficient
  • User avatar
  • Posts: 334

Post 3+ Months Ago

Bogey wrote:
it doesn't escape the dot?

I don't know php but it would seem silly if a regex function auto-escaped the dot, since it is regex which make the dot special. The dot special character is one of anything:

"spa." would match, eg, span, spam, spa!, spat, and spaz

escape: \. as per rabid dog's example, indicates a period (so "spa\." matches only spa.)
  • Bogey
  • Bogey
  • Genius
  • Bogey
  • Posts: 8363
  • Loc: USA

Post 3+ Months Ago

preg_quote is a function that escapes all characters that have any meaning to REGEX... just like html_entities (Well similar... html_entities converts < to &lt; ... so the < wouldn't have any meaning to HTML)...

preg_quote is meant to parse things you get from the database and are putting them into a preg_match (or equivalent) function.
  • Rabid Dog
  • Web Master
  • Web Master
  • User avatar
  • Posts: 3245
  • Loc: South Africa

Post 3+ Months Ago

It escapes all special characters in a regex pattern? Isn't that kinda flawed as it would render the regex pattern useless if there are no operators?
  • Bogey
  • Bogey
  • Genius
  • Bogey
  • Posts: 8363
  • Loc: USA

Post 3+ Months Ago

You would use that like this:

Code: [ Select ]
$sql = 'SELECT post FROM table WHERE postID = 2';
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);

$post = preg_quote($row['post']);
preg_match("#(^[\/]$post[\/]#i", $other_variable, $match);
  1. $sql = 'SELECT post FROM table WHERE postID = 2';
  2. $result = mysql_query($sql);
  3. $row = mysql_fetch_assoc($result);
  4. $post = preg_quote($row['post']);
  5. preg_match("#(^[\/]$post[\/]#i", $other_variable, $match);

I don't know if that regex is valid... just created something off the top of my head :lol: ... I don't even know regex.

preg_quote()
  • Rabid Dog
  • Web Master
  • Web Master
  • User avatar
  • Posts: 3245
  • Loc: South Africa

Post 3+ Months Ago

Oh well honestly I would stick to manually escaping the specials chars to be honest. Get nervous when engines do it, especially when I see things like

Quote:
As of PHP 5.3, bug #47229 has been fixed and preg_quote *will* escape a hyphen (-). This may effect your code so ensure this is one thing you check when moving to 5.3.
  • UPSGuy
  • Lurker ಠ_ಠ
  • Web Master
  • User avatar
  • Posts: 2733
  • Loc: Nashville, TN

Post 3+ Months Ago

I can think of several occasions where I've mixed metas with escaped metas, but I would think escaping EVERY meta in a pattern would be a rarity? Not to mention, regex is everywhere, so it's nice to keep your patterns as universal as possible.
  • Hacker007
  • Proficient
  • Proficient
  • User avatar
  • Posts: 371
  • Loc: Riverside, CA

Post 3+ Months Ago

I tested it using:
http://www.solmetra.com/scripts/regex/index.php

And it only returns true if it matches, but altering the file name to be sometime like asdsf.php it will return false - this whether or not the dots are escaped. But if you want to evade that issue entirely, why not use basename($_SERVER['PHP_SELF'], ".php")

AFter more testing, I think I would suggest for you to also echo basename($_SERVER['PHP_SELF']) to make sure it is resulting to what you want it to be.

Post Information

  • Total Posts in this topic: 16 posts
  • Users browsing this forum: No registered users and 97 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.