Re: [PHP] Filters and sanitizing a regexp
Hi, I don't think that one is quite right... Your optionals (?) are confusing. Why [0-3]?[0-9] AND the \d? No reason. Why [0-9] at all (since \d is essentially [0-9])? Again, no reason. Why use the discarded capture group (?:) since the [0-3] is already optional? It makes it look more like gibberish? -- Richard Heyes HTML5 Graphing for FF, Chrome, Opera and Safari: http://www.phpguru.org/RGraph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Filters and sanitizing a regexp
Richard Heyes wrote: Hi, I don't think that one is quite right... Your optionals (?) are confusing. Why [0-3]?[0-9] AND the \d? No reason. Why [0-9] at all (since \d is essentially [0-9])? Again, no reason. Why use the discarded capture group (?:) since the [0-3] is already optional? It makes it look more like gibberish? hate to say this but why not cater for all eventualities and just use strtotime( $whatever ); -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Filters and sanitizing a regexp
hate to say this but why not cater for all eventualities and just use strtotime( $whatever ); Well it just doesn't have enough geek factor... -- Richard Heyes HTML5 Graphing for FF, Chrome, Opera and Safari: http://www.phpguru.org/RGraph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Filters and sanitizing a regexp
Well it just doesn't have enough geek factor... So true it hurts Mr Heyes Lol. and very nice work on the RGraph! just noticed it in your tag - having a good read now :) Thanks. Sad that IE8 won't (I think) support the canvas tag. Though Chrome, Firefox, Safari and Opera do and it's in the HTML5 draft, so it will eventually. IE 9 maybe. -- Richard Heyes HTML5 Graphing for FF, Chrome, Opera and Safari: http://www.phpguru.org/RGraph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Filters and sanitizing a regexp
On Sep 26, 2008, at 7:23 AM, Richard Heyes wrote: Well it just doesn't have enough geek factor... So true it hurts Mr Heyes Lol. and very nice work on the RGraph! just noticed it in your tag - having a good read now :) Thanks. Sad that IE8 won't (I think) support the canvas tag. Though Chrome, Firefox, Safari and Opera do and it's in the HTML5 draft, so it will eventually. IE 9 maybe. Yeah, it might make it into IE 9 but you know when Microsoft first introduces it it will draw the graphs upside down and backwards... And then we will have to come up with a hack to get it to flip it back the way it should adding lots of bloat to our nice and tidy pages :) -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 11287 James St Holland, MI 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Filters and sanitizing a regexp
-Original Message- hate to say this but why not cater for all eventualities and just use strtotime( $whatever ); Well it just doesn't have enough geek factor... Plus, strtotime() does non-intuitive things with some inputs... I'd insist on at least some kind of confirmation page if you use that beast. ___ The information in this email or in any file attached hereto is intended only for the personal and confiden- tial use of the individual or entity to which it is addressed and may contain information that is propri- etary and confidential. If you are not the intended recipient of this message you are hereby notified that any review, dissemination, distribution or copying of this message is strictly prohibited. This communica- tion is for information purposes only and should not be regarded as an offer to sell or as a solicitation of an offer to buy any financial product. Email trans- mission cannot be guaranteed to be secure or error- free. P6070214 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Filters and sanitizing a regexp
On Fri, Sep 26, 2008 at 12:03 PM, Richard Lynch [EMAIL PROTECTED] wrote: -Original Message- hate to say this but why not cater for all eventualities and just use strtotime( $whatever ); Well it just doesn't have enough geek factor... Plus, strtotime() does non-intuitive things with some inputs... I'd insist on at least some kind of confirmation page if you use that beast. In the sites I write I have a lot of success with strtotime as long as I have a - to / converter. I also put a note of (Format date as MM/DD/). Funny that people still seem to want to type -'s. We're all creatures of habit, right? There is always a way to edit stuff though so it isn't the end of the world if it goes weird. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Filters and sanitizing a regexp
Eric Butera wrote: On Fri, Sep 26, 2008 at 12:03 PM, Richard Lynch [EMAIL PROTECTED] wrote: -Original Message- hate to say this but why not cater for all eventualities and just use strtotime( $whatever ); Well it just doesn't have enough geek factor... Plus, strtotime() does non-intuitive things with some inputs... I'd insist on at least some kind of confirmation page if you use that beast. In the sites I write I have a lot of success with strtotime as long as I have a - to / converter. I also put a note of (Format date as MM/DD/). Funny that people still seem to want to type -'s. We're all creatures of habit, right? There is always a way to edit stuff though so it isn't the end of the world if it goes weird. you know you could just change the input to a date selector / calender / 3 text boxes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Filters and sanitizing a regexp
On Fri, Sep 26, 2008 at 12:23 PM, Nathan Rixham [EMAIL PROTECTED] wrote: Eric Butera wrote: On Fri, Sep 26, 2008 at 12:03 PM, Richard Lynch [EMAIL PROTECTED] wrote: -Original Message- hate to say this but why not cater for all eventualities and just use strtotime( $whatever ); Well it just doesn't have enough geek factor... Plus, strtotime() does non-intuitive things with some inputs... I'd insist on at least some kind of confirmation page if you use that beast. In the sites I write I have a lot of success with strtotime as long as I have a - to / converter. I also put a note of (Format date as MM/DD/). Funny that people still seem to want to type -'s. We're all creatures of habit, right? There is always a way to edit stuff though so it isn't the end of the world if it goes weird. you know you could just change the input to a date selector / calender / 3 text boxes -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Yep. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Filters and sanitizing a regexp
-Original Message- From: Frank Stanovcak [mailto:[EMAIL PROTECTED] Sent: Thursday, September 25, 2008 12:41 PM To: php-general@lists.php.net Subject: [PHP] Filters and sanitizing a regexp Is it possible to use the php filter function to sanitize a regular expression such as to return just the date part of a string that may be passed by an nonobservant user? #\d\d/\d\d/\d\d\d\d# input would be something like as02/05/2008df I want to use the filter to give me just the date should some oaf not leave the date field as just digits. Using preg_match and numbered groups, you could re-build the variable like this: ?php $var = as02/05/2008df; $matches = array(); preg_match(#(\d{2})\D*(\d{2})\D*(\d{4})#, $var, $matches); if(count($matches) != 4) { echo Invalid databr /; } else { $filtered = $matches[1] . $matches[2] . $matches[3]; echo $filtered; } ? HTH, Todd Boyd Web Programmer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Filters and sanitizing a regexp
... Hi, Had to have a play with this. Here's my (somewhat stricter) regex: preg_match('/((?:[0-3]?[0-9])?\d)-([0-1]?\d)-20\d\d/', '31-12-2000', $matches); if (!empty($matches[1]) AND $matches[1] 31) $matches = array(); if (!empty($matches[2]) AND $matches[2] 12) $matches = array(); You could probably do the checks for the day and month within the regex, but it's late :-) -- Richard Heyes HTML5 Graphing for FF, Chrome, Opera and Safari: http://www.phpguru.org/RGraph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Filters and sanitizing a regexp
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard Heyes Sent: Thursday, September 25, 2008 2:28 PM To: Boyd, Todd M. Cc: Frank Stanovcak; php-general@lists.php.net Subject: Re: [PHP] Filters and sanitizing a regexp ... Hi, Had to have a play with this. Here's my (somewhat stricter) regex: preg_match('/((?:[0-3]?[0-9])?\d)-([0-1]?\d)-20\d\d/', '31-12-2000', $matches); if (!empty($matches[1]) AND $matches[1] 31) $matches = array(); if (!empty($matches[2]) AND $matches[2] 12) $matches = array(); You could probably do the checks for the day and month within the regex, but it's late :-) I don't think that one is quite right... Your optionals (?) are confusing. Why [0-3]?[0-9] AND the \d? Why [0-9] at all (since \d is essentially [0-9])? Why use the discarded capture group (?:) since the [0-3] is already optional? It's on! :D ?php $var = as12/32/2000df; $matches = array(); preg_match('#(\d?[0-9])\D*([0-3]?\d)\D*(\d{4})#', $var, $matches); if(count($matches) != 4 || $matches[1] 12 || $matches[2] 31) $matches = NULL; ? MMDD 4 life, yo! Although, I would honestly prefer it if the world went to MMDD as a standard. Just seems to sort itself out more intuitively to the way I perceive time. (FYI, I'm not sure about the if() statement working out or not... I'm assuming PHP will drop through to the then part if there aren't 4 elements in the array instead of arbitrarily testing the possibly-missing elements... but I didn't test that part.) Also, I used \D* to save space (and confusion). You could just as easily use (?:-|/) for hyphens or slashes. Todd Boyd Web Programmer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Filters and sanitizing a regexp
On Thu, Sep 25, 2008 at 3:57 PM, Boyd, Todd M. [EMAIL PROTECTED] wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard Heyes Sent: Thursday, September 25, 2008 2:28 PM To: Boyd, Todd M. Cc: Frank Stanovcak; php-general@lists.php.net Subject: Re: [PHP] Filters and sanitizing a regexp ... Hi, Had to have a play with this. Here's my (somewhat stricter) regex: preg_match('/((?:[0-3]?[0-9])?\d)-([0-1]?\d)-20\d\d/', '31-12-2000', $matches); if (!empty($matches[1]) AND $matches[1] 31) $matches = array(); if (!empty($matches[2]) AND $matches[2] 12) $matches = array(); You could probably do the checks for the day and month within the regex, but it's late :-) I don't think that one is quite right... Your optionals (?) are confusing. Why [0-3]?[0-9] AND the \d? Why [0-9] at all (since \d is essentially [0-9])? Why use the discarded capture group (?:) since the [0-3] is already optional? It's on! :D ?php $var = as12/32/2000df; $matches = array(); preg_match('#(\d?[0-9])\D*([0-3]?\d)\D*(\d{4})#', $var, $matches); if(count($matches) != 4 || $matches[1] 12 || $matches[2] 31) $matches = NULL; ? MMDD 4 life, yo! Although, I would honestly prefer it if the world went to MMDD as a standard. Just seems to sort itself out more intuitively to the way I perceive time. (FYI, I'm not sure about the if() statement working out or not... I'm assuming PHP will drop through to the then part if there aren't 4 elements in the array instead of arbitrarily testing the possibly-missing elements... but I didn't test that part.) Also, I used \D* to save space (and confusion). You could just as easily use (?:-|/) for hyphens or slashes. Todd Boyd Web Programmer -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php my contribution /^\d{1,2}(\/)\d{1,2}(\/)\d{4}$/ -- Bastien Cat, the other other white meat
Re: [PHP] Filters and sanitizing a regexp
I'd return an error. You can use this function to make sure they entered a valid date: http://us.php.net/checkdate Provide a template like: (Month/Day/Year) or for EU (Day/Month/Year) If it's not valid, return an error and let them fix it. Chances are, if they entered more characters than a date, the date you parse might not be the one that they wanted. Thank you, Micah Gersten onShore Networks Internal Developer http://www.onshore.com Frank Stanovcak wrote: Is it possible to use the php filter function to sanitize a regular expression such as to return just the date part of a string that may be passed by an nonobservant user? #\d\d/\d\d/\d\d\d\d# input would be something like as02/05/2008df I want to use the filter to give me just the date should some oaf not leave the date field as just digits. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php