Don't expose your regular expressions

If you're writing an application, it's generally NOT a good idea to take user input and slap it straight into a regular expression for matching - quite simply because it's improbable that your user will be familiar with regular expressions, and he or she will get all sorts of strange results if any special characters go into the search string.

Users do often need to enter various search patterns, and I recommend that you come up with a scheme that suits your own type of search; that might involve taking the user's input and using it to indirectly form a regular expression, or it might make for some totally different search.

I was talking about this yesterday to a Perl group, with a user community that's used to using * and ? in file name matching (known as globbing) and who want to do the same on data within Perl. It's a good example where the program shouldn't just pass through the data entered - rather, it should
1. Protect input special characters with a \
2. Replace input ? characters with a .
3. Replace input * characters with a .*
4. Add ^ and $ anchors

And that will give them the ability to wildcard in the good ole way they wish!
(written 2006-02-15, updated 2006-06-05)
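
The four steps above as one Perl routine; this is an added example, not code from the original article, and `glob_to_regex` plus the sample names are constructed for illustration. It translates character by character so the escaping in step 1 cannot disturb the wildcards, and it uses `\A` and `\z` rather than `^` and `$` for the anchors.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# glob_to_regex is a hypothetical helper name (not from the article).
# It accepts only the two wildcards the article mentions, * and ?;
# every other character is matched literally.
sub glob_to_regex {
    my ($glob) = @_;

    # "a***b" matches the same strings as "a*b"; collapsing the run
    # avoids stacking redundant .* terms that only slow matching down.
    $glob =~ s/\*{2,}/*/g;

    # Translate one character at a time so that escaping (step 1)
    # can never touch the wildcards handled in steps 2 and 3.
    my $body = '';
    for my $ch (split //, $glob) {
        $body .= $ch eq '*' ? '.*'
               : $ch eq '?' ? '.'
               :              quotemeta($ch);
    }

    # Step 4: anchor both ends. \A and \z are used in place of ^ and $
    # because $ also matches just before a trailing newline.
    return qr/\A$body\z/s;
}

# Constructed sample data, including a name with a trailing newline.
my @names = ('report1.txt', 'report10.txt', 'a.b', 'axb',
             'notes (draft', "report2.txt\n");

# Constructed inputs: ordinary globs plus strings holding regex
# metacharacters that must be treated as plain text.
for my $glob ('report?.txt', '*.txt', 'a.b', '* (draft', '[a-z]*') {
    my $re   = glob_to_regex($glob);
    my @hits = grep { $_ =~ $re } @names;
    s/\n/\\n/ for @hits;    # make the newline visible when printed
    printf "%-12s => %s\n", $glob, join(', ', @hits) || '(none)';
}
```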

 
Associated topics are indexed as below, or enter http://melksh.am/nnnn for individual articles
H107 - String Handling in PHP
  [4072] Splitting the difference with PHP - (2013-04-27)
  [4071] Setting up strings in PHP - (2013-04-27)
  [3790] Solution looking for a problem? Lookahead and Lookbehind - (2012-06-30)
  [3789] More than just matching with a regular expression in PHP - (2012-06-30)
  [3788] Getting more than a yes / no answer from a regular expression pattern match - (2012-06-30)
  [3534] Learning to program in PHP - Regular Expression and Associative Array examples - (2011-12-01)
  [3516] Regular Expression modifiers in PHP - summary table - (2011-11-12)
  [3515] PHP - moving from ereg to preg for regular expressions - (2011-11-11)
  [3424] Divide 10000 by 17. Do you get 588.235294117647, 588.24 or 588? - Ruby and PHP - (2011-09-08)
  [3020] Handling (expanding) tabs in PHP - (2010-10-29)
  [2629] Curly braces within double quoted strings in PHP - (2010-02-09)
  [2238] Handling nasty characters - Perl, PHP, Python, Tcl, Lua - (2009-06-14)
  [2165] Making Regular Expressions easy to read and maintain - (2009-05-10)
  [2046] Finding variations on a surname - (2009-02-17)
  [1799] Regular Expressions in PHP - (2008-09-16)
  [1613] Regular expression for 6 digits OR 25 digits - (2008-04-16)
  [1603] Do not SHOUT and do not whisper - (2008-04-06)
  [1533] Short and sweet and sticky - PHP form input - (2008-02-06)
  [1372] A taster PHP expression ... - (2007-09-30)
  [1336] Ignore case in Regular Expression - (2007-09-08)
  [1195] Regular Express Primer - (2007-05-20)
  [1058] PHP Regular expression to extrtact link and text - (2007-01-31)
  [1008] Date conversion - PHP - (2006-12-26)
  [728] Looking ahead and behind in a Regular Expression - (2006-05-22)
  [716] Evaluating arithmetic expressions in configuration files - (2006-05-10)
  [642] How similar are two words - (2006-03-11)
  [589] Robust PHP user inputs - (2006-02-03)
  [574] PHP - dividing a string up into pieces - (2006-01-23)
  [560] The fencepost problem - (2006-01-10)
  [558] Converting between acres and hectares - (2006-01-08)
  [493] Running a Perl script within a PHP page - (2005-11-12)
  [463] Splitting the difference - (2005-10-13)
  [422] PHP Magic Quotes - (2005-08-22)
  [337] the array returned by preg_match_all - (2005-06-06)
  [54] PHP and natural sorting - (2004-09-19)
  [31] Here documents - (2004-08-28)

P212 - Perl - More on Character Strings
  [4452] Binary data handling - Python and Perl - (2015-03-09)
  [3927] First match or all matches? Perl Regular Expressions - (2012-11-19)
  [3707] Converting codons via Amino Acids to Proteins in Perl - (2012-04-25)
  [3650] Possessive Regular Expression Matching - Perl, Objective C and some other languages - (2012-03-12)
  [3630] Serialsing and unserialising data for storage and transfer in Perl - (2012-02-28)
  [3546] The difference between dot (a.k.a. full stop, period) and comma in Perl - (2011-12-09)
  [3411] Single and double quotes strings in Perl - what is the difference? - (2011-08-30)
  [3332] DNA to Amino Acid - a sample Perl script - (2011-06-24)
  [3322] How much has Perl (and other languages) changed? - (2011-06-10)
  [3100] Looking ahead and behind in Regular Expressions - double matching - (2010-12-23)
  [3059] Object Orientation in an hour and other Perl Lectures - (2010-11-18)
  [2993] Arrays v Lists - what is the difference, why use one or the other - (2010-10-10)
  [2877] Further more advanced Perl examples - (2010-07-19)
  [2874] Unpacking a Perl string into a list - (2010-07-16)
  [2834] Teaching examples in Perl - third and final part - (2010-06-27)
  [2801] Binary data handling with unpack in Perl - (2010-06-10)
  [2657] Want to do a big batch edit? Nothing beats Perl! - (2010-03-01)
  [2379] Making variables persistant, pretending a database is a variable and other Perl tricks - (2009-08-27)
  [2230] Running a piece of code is like drinking a pint of beer - (2009-06-11)
  [1947] Perl substitute - the e modifier - (2008-12-16)
  [1735] Finding words and work boundaries (MySQL, Perl, PHP) - (2008-08-03)
  [1727] Equality and looks like tests - Perl - (2008-07-29)
  [1510] Handling Binary data (.gif file example) in Perl - (2008-01-17)
  [1305] Regular expressions made easy - building from components - (2007-08-16)
  [1251] Substitute operator / modifiers in Perl - (2007-06-28)
  [1230] Commenting a Perl Regular Expression - (2007-06-12)
  [1222] Perl, the substitute operator s - (2007-06-08)
  [943] Matching within multiline strings, and ignoring case in regular expressions - (2006-11-25)
  [928] C++ and Perl - why did they do it THAT way? - (2006-11-16)
  [737] Coloured text in a terminal from Perl - (2006-05-29)
  [597] Storing a regular expression in a perl variable - (2006-02-09)
  [586] Perl Regular Expressions - finding the position and length of the match - (2006-02-02)
  [583] Remember to process blank lines - (2006-01-31)
  [453] Commenting Perl regular expressions - (2005-09-30)




This is a page archived from The Horse's Mouth at http://www.wellho.net/horse/ - the diary and writings of Graham Ellis. Every attempt was made to provide current information at the time the page was written, but things do move forward in our business - new software releases, price changes, new techniques. Please check back via our main site for current courses, prices, versions, etc - any mention of a price in "The Horse's Mouth" cannot be taken as an offer to supply at that price.


© WELL HOUSE CONSULTANTS LTD., 2019: 404 The Spa • Melksham, Wiltshire • United Kingdom • SN12 6QL
PH: 01225 708225 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho
