Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
• Status: Solved
• Priority: Medium
• Security: Public
• Views: 915

# Regular expression to find exact matches

http://forums.asp.net/t/1254125.aspx

I am trying to enhance this tool a little with some other way of handling the string match, I want to use regular expressions where I can find the exact match for a word in the blacklist, right now this routine finds any match. As in you have a the word "created" it will find a match on "create" as being part of the word and flag it as an error.

I using vb.net, but I just need to find a regular expression to do it.

This is what I ahve so far

/\screate|\sfetch|\sdeclare

but for whatever reason it finds no match.
0
JDEE8297
1 Solution

Commented:
Hi there,
Try this little tool, it is great for building regular expressions, so easy.
http://www.ultrapico.com/Expresso.htm
0

Commented:
I made a sample project for you to look at...
create a new vs2005 form an copy code into it.
``````Imports System.Text.RegularExpressions
Public Class frmBlackList
Dim test_input_string As String
Private Sub frmBlackList_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
test_input_string = "You can screen all incoming query-string, "
test_input_string &= "begin form and cookie values by running code during the BeginRequest event. "
test_input_string &= "This type of code can run on every request when implemented in an HttpModule. "
test_input_string &= "The sample code below defines an HttpModule;--in the App_Code directory, and "
test_input_string &= "then registers the module in web.config so that it runs on every request. "
test_input_string &= "The sample code will check incoming data and automatically redirect to a "
test_input_string &= "page called 'Error.aspx' if suspicious nchar character@ @@ sequences are found."

Matching(test_input_string)

End Sub
Private Sub Matching(ByVal m_inputText As String)

Const OPT As String = "|"
Dim patternAll As String = ""
Dim patternList As String = "alter|begin|c(ast|har|reate|ursur)|de(clare|lete)|drop|end|ex(ec|ecute)"
Dim patternList2 As String = "fetch|insert|kill|n(char|varchar)|open|select|sys(columns|objects)|table|update|varchar\@|\;(\--)|--|\*/|\/*"

Try
patternAll = patternList & OPT
patternAll += patternList2

Dim regexParser As Regex = New Regex(patternAll, RegexOptions.Multiline)

For Each matchCurrent As Match In regexParser.Matches(m_inputText)
Dim valueString As String = matchCurrent.Value.ToString
If valueString.Length > 0 Then
MessageBox.Show(valueString)
End If
Next matchCurrent
Catch ex As Exception
MessageBox.Show(ex.ToString)
End Try

End Sub
End Class
``````
0

Author Commented:
thank you.
0

## Featured Post

Tackle projects and never again get stuck behind a technical roadblock.