Solved

html tags recognition by Regular Expression

Posted on 2002-06-25
7
369 Views
Last Modified: 2012-05-04
I program a forum on my own. I have a problem when people post html tags. So I have a variable for allowable tags:
$allowtags = "b|||A|||tAble|||tr|||TD|||i|||u";
Any other tags not in the above list will be converted "<" to "&lt;" and ">" to "&gt;". Now, I need help to build a pattern for this. The pattern must work for multi-line string. And if there is a tag like "< sCripT >", it must also match (there is space/captial letters). Please help. I'm not good at Regular Expression. Thanks.
0
Comment
Question by:quanghoc
  • 4
  • 3
7 Comments
 
LVL 6

Accepted Solution

by:
andreif earned 200 total points
ID: 7110129
try this code:

// $text  is users input, I'll define something here
$text = "<b> test</b> <textarea>";


$allowtags = "b|||A|||tAble|||tr|||TD|||i|||u";

// split them into array
$tags = explode('|||', $allowtags);

// RegExp itself
$text = preg_replace("/<(\s*(?!\/?(".join("|",$tags).")[>\s])[^>]*)>/i","&lt;\\1&gt;",$text);

// it's ready!
print $text;
0
 
LVL 1

Author Comment

by:quanghoc
ID: 7110862
Bit what if:
$text = "< B> test</b> <textarea>";  
 "< B  >" with space and capital. This one should not match.
0
 
LVL 1

Author Comment

by:quanghoc
ID: 7111068
Nope, never mind. < B > is not a valid tag. Let's me check for a couple more and the point should be granted to you qucik. Thanks.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 6

Expert Comment

by:andreif
ID: 7111762
anyway, this < b > case is quite interesting, I'll try to sort this out :) Give me few hours
0
 
LVL 1

Author Comment

by:quanghoc
ID: 7112283
No, as I said above, < b> is not even a valid tag. Don't worry about this. As a matter of fact, would you please explain the pattern above? Like what '\/?(' means? and what '[>\s])[^>]*' is for?
Thanks.
0
 
LVL 6

Expert Comment

by:andreif
ID: 7112892
Okay, I'll to comment it :)

we are looking for:

< - tag begin
( - everything in this brackets will appear in \\1 value
\s* - zero ore more spaces (space and tab symbols)
(?! - zero-length negative condition
\/  - character "/" (we should use slash here to show that this is just symbol without special meaning)
? - character "/" before this sign may appear 0 or 1 times
(".join("|",$tags).") - after joining this will look like (a|b|td|i) , "|" means logical OR, () need to show borders of expression
[>\s] - one of included symbols must appear. So, after keyword "a", "b", "td" must appear either ">" or \s (space) - we need this to avoid matching "img" as valid tag if "i" is allowed, etc.
) - condition's end
[^>] - everything except > (match tag's body and properties)
* - previous can appear zero or more times (non > symbols)
) - end of grouping and the end of \\1 value
> - tag end

/i in the end shows that expression is case insensitive

Hope this helps!
0
 
LVL 1

Author Comment

by:quanghoc
ID: 7113915
Thanks a lot!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Problem with Simple PHP/mySQL Query 3 51
Form not operating correctly. 1 23
Hacked File Timestamps 4 49
What is the best PDF generator to use? 1 28
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
This article discusses how to create an extensible mechanism for linked drop downs.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now