Solved

REGEX: Convert &amp; to & only in double entities

Posted on 2008-10-24
Last Modified: 2009-01-23
Hello,

For security reasons, and to preserve the data, I now use htmlentities() to clean user-managed settings before placing the values in form input fields.

The problem is that &copy; becomes &amp;copy;

I wrote a function to fix this, but it changes ALL &amp; to & and I only want to change &amp; to & if it is part of an HTML entity.

So these should be changed:
            &amp;lt;
            &amp;copy;
            &amp;divide;
            &amp;Agrave;
            &amp;quot;
            &amp;#169;
            &amp;#xA9;
            &amp;euro;

But these should NOT be changed:

            This is a test &amp; only a test.
            dsafdsf&amp;adsfdsf
            &amp;€
            &amp;&amp;

function clean_htmlentities ($str) {
    // Encodes everything, then turns every &amp; back into &, entity or not.
    return str_replace(array('&amp;amp;','&amp;'),'&',htmlentities($str));
}

Question by:hankknight
6 Comments
 
LVL 27

Expert Comment

by:Cornelia Yoder
ID: 22795727
I think you should be using the double_encode parameter of the htmlentities function.  See here for details:

http://us2.php.net/manual/en/function.htmlentities.php
 
LVL 27

Expert Comment

by:Cornelia Yoder
ID: 22795743
By the way, double_encode is only available in PHP 5 (it was added in PHP 5.2.3), so be sure your PHP version is up to date.  :)
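For readers who are on PHP 5.2.3 or later, the suggestion above might look like the following minimal sketch. The function name clean_htmlentities_no_double and the 'UTF-8' charset are assumptions made for illustration; they are not from the thread, and the charset should match whatever the page actually uses.

```php
<?php
// Hypothetical helper name; requires PHP 5.2.3+ for the fourth argument.
// Passing false for $double_encode tells htmlentities() to leave
// entities that are already present in the input untouched.
function clean_htmlentities_no_double($str) {
    // 'UTF-8' is an assumed charset; substitute your page's encoding.
    return htmlentities($str, ENT_COMPAT, 'UTF-8', false);
}

echo clean_htmlentities_no_double('&copy; 2008 "Acme" & Sons'), "\n";
// prints: &copy; 2008 &quot;Acme&quot; &amp; Sons
```

The existing &copy; passes through unchanged, while the bare & and the double quotes are still encoded.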
 
LVL 16

Author Comment

by:hankknight
ID: 22795846
This has to be PHP4 compatible
:-(



 
LVL 27

Expert Comment

by:Cornelia Yoder
ID: 22796052
Go to that manual page for htmlentities, and read through the user posted comments below.  You may find some ideas that will help you, such as

http://us2.php.net/manual/en/function.htmlentities.php#70850

http://us2.php.net/manual/en/function.htmlentities.php#48131

I haven't tried any of these, but maybe you can make one of them work for your needs.
 
LVL 51

Accepted Solution

by:
ahoffmann earned 2000 total points
ID: 22804728
the raw regex

(?:&amp;([#x]\d+|[a-zA-Z\d-]+))

then you can prepend the returned match by &
 
LVL 16

Author Comment

by:hankknight
ID: 22825697
How could my function be replaced with this regex?
(?:&amp;([#x]\d+|[a-zA-Z\d-]+))
function clean_htmlentities ($str) {
    return str_replace(array('&amp;amp;','&amp;'),'&',htmlentities($str));
}
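One way the function could be rewritten around a regex, as a hedged sketch rather than the accepted answer's exact pattern: the pattern below is an adaptation that also requires the trailing semicolon and accepts hexadecimal references such as &#xA9;, both of which are assumptions beyond what was posted. It relies only on htmlentities() and preg_replace(), which exist in PHP 4.

```php
<?php
// Sketch only: encode everything first, then undo the double encoding
// for anything shaped like an entity (&amp;name; &amp;#123; &amp;#x1F;).
function clean_htmlentities($str) {
    $encoded = htmlentities($str);
    // Group 1 captures the entity body; the replacement puts a single
    // & back in front of it. A bare &amp; has no "body;" after it,
    // so it is left alone.
    $pattern = '/&amp;(#[0-9]+|#[xX][0-9a-fA-F]+|[a-zA-Z][a-zA-Z0-9]*);/';
    return preg_replace($pattern, '&$1;', $encoded);
}

echo clean_htmlentities('&copy; &#169; &#xA9; a & b &&'), "\n";
// prints: &copy; &#169; &#xA9; a &amp; b &amp;&amp;
```

Note that the pattern checks only the shape of the text, not whether the name is a real entity, so input such as "AT&T;" would also be converted back to "AT&T;".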
