Solved

Regular expression to find exact matches

Posted on 2008-06-25
3
908 Views
Last Modified: 2013-11-26
http://forums.asp.net/t/1254125.aspx

I am trying to enhance this tool a little with some other way of handling the string match, I want to use regular expressions where I can find the exact match for a word in the blacklist, right now this routine finds any match. As in you have a the word "created" it will find a match on "create" as being part of the word and flag it as an error.

I using vb.net, but I just need to find a regular expression to do it.

This is what I ahve so far

/\screate|\sfetch|\sdeclare

but for whatever reason it finds no match.
0
Comment
Question by:JDEE8297
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 22

Expert Comment

by:RedKelvin
ID: 21870823
Hi there,
Try this little tool, it is great for building regular expressions, so easy.
http://www.ultrapico.com/Expresso.htm
0
 
LVL 27

Accepted Solution

by:
planocz earned 125 total points
ID: 21877892
I made a sample project for you to look at...
create a new vs2005 form an copy code into it.
Imports System.Text.RegularExpressions
Public Class frmBlackList
    Dim test_input_string As String
    Private Sub frmBlackList_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        test_input_string = "You can screen all incoming query-string, "
        test_input_string &= "begin form and cookie values by running code during the BeginRequest event. "
        test_input_string &= "This type of code can run on every request when implemented in an HttpModule. "
        test_input_string &= "The sample code below defines an HttpModule;--in the App_Code directory, and "
        test_input_string &= "then registers the module in web.config so that it runs on every request. "
        test_input_string &= "The sample code will check incoming data and automatically redirect to a "
        test_input_string &= "page called 'Error.aspx' if suspicious nchar character@ @@ sequences are found."
 
        Matching(test_input_string)
 
    End Sub
    Private Sub Matching(ByVal m_inputText As String)
 
        Const OPT As String = "|"
        Dim patternAll As String = ""
        Dim patternList As String = "alter|begin|c(ast|har|reate|ursur)|de(clare|lete)|drop|end|ex(ec|ecute)"
        Dim patternList2 As String = "fetch|insert|kill|n(char|varchar)|open|select|sys(columns|objects)|table|update|varchar\@|\;(\--)|--|\*/|\/*"
 
        Try
            patternAll = patternList & OPT
            patternAll += patternList2
 
            Dim regexParser As Regex = New Regex(patternAll, RegexOptions.Multiline)
 
            For Each matchCurrent As Match In regexParser.Matches(m_inputText)
                Dim valueString As String = matchCurrent.Value.ToString
                If valueString.Length > 0 Then
                    MessageBox.Show(valueString)
                End If
            Next matchCurrent
        Catch ex As Exception
            MessageBox.Show(ex.ToString)
        End Try
 
    End Sub
End Class

Open in new window

0
 

Author Closing Comment

by:JDEE8297
ID: 31470772
thank you.
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
Today, the web development industry is booming, and many people consider it to be their vocation. The question you may be asking yourself is – how do I become a web developer?

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question