Solved

REGEX: Convert & to & only in double entities

Posted on 2008-10-24
6
964 Views
Last Modified: 2009-01-23
Hello,

For security reasons, and to maintain data I now use htmlentities() to clean user-managed settings before placing the values in form input fields.

The problem is that © becomes ©

I wrote a function to fix this but it changes ALL & to & and I only want to change & to & if it is part of an html entity.

So these should be changed
            <
            ©
            ÷
            À
            "
            ©
            ©
            €

But these should NOT be changed:

            This is a test & only a test.
            dsafdsf&adsfdsf
            &€
            &&

function clean_htmlentities ($str) {

return str_replace(array('&','&'),'&',htmlentities($str));

}

Open in new window

0
Comment
Question by:hankknight
  • 3
  • 2
6 Comments
 
LVL 27

Expert Comment

by:yodercm
ID: 22795727
I think you should be using the double_encode in the htmlentities function.  See here for details....

http://us2.php.net/manual/en/function.htmlentities.php
0
 
LVL 27

Expert Comment

by:yodercm
ID: 22795743
By the way, double_encode is only available in php 5, so be sure you are up to date in your php version.  :)
0
 
LVL 16

Author Comment

by:hankknight
ID: 22795846
This has to be PHP4 compatible
:-(


0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 27

Expert Comment

by:yodercm
ID: 22796052
Go to that manual page for htmlentities, and read through the user posted comments below.  You may find some ideas that will help you, such as

http://us2.php.net/manual/en/function.htmlentities.php#70850

http://us2.php.net/manual/en/function.htmlentities.php#48131

I haven't tried any of these, but maybe you can make one of them work for your needs.
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 22804728
the raw regex

(?:&([#x]\d+|[a-zA-Z\d-]+))

then you can prepend the returnd match by &
0
 
LVL 16

Author Comment

by:hankknight
ID: 22825697
How could my function be replaced with this regex?
(?:&([#x]\d+|[a-zA-Z\d-]+))
function clean_htmlentities ($str) {

return str_replace(array('&','&'),'&',htmlentities($str));

}

Open in new window

0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
The viewer will learn how to count occurrences of each item in an array.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now