[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Replace characters

Posted on 2008-11-06
12
Medium Priority
?
261 Views
Last Modified: 2013-11-10
I got the following php code that will take only numbers and letters but what I want to do is replace characters like !@#$%^&*)) with the HTML equivalent

Look at the following ASCII table

http://www.asciitable.com/


eregi_replace('[^a-z0-9 ]', '', $string);

Open in new window

0
Comment
Question by:stargateatlantis
  • 6
  • 5
12 Comments
 
LVL 27

Assisted Solution

by:Cornelia Yoder
Cornelia Yoder earned 960 total points
ID: 22901455
htmlentities() does exactly this.

http://us.php.net/manual/en/function.htmlentities.php
0
 
LVL 111

Accepted Solution

by:
Ray Paseur earned 1040 total points
ID: 22904513
Be aware, however, that if you use htmlentities() then use the REGEX you posted above, you will mung your string.  And if you use the REGEX first, then use htmlentities, you'll have deleted the special characters before you try to entitize them!  Palpably, a new approach is needed.

This combo might be helpful...

Best to all, ~Ray
<?php
$new = trim(ereg_replace('[^\' a-zA-Z0-9&!#$%()"+:?/@,_\.\-]', '', $string));
$new = htmlentities($new);

Open in new window

0
 
LVL 27

Assisted Solution

by:Cornelia Yoder
Cornelia Yoder earned 960 total points
ID: 22904544
You won't need ereg at all, just use htmlentities().

$newstring = htmlentities($string, ENT_QUOTES);
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 111

Assisted Solution

by:Ray Paseur
Ray Paseur earned 1040 total points
ID: 22904647
@Yodercm: Agreed, but the asker is self-identified as a beginner, and I think it's nice to help beginners avoid putting < > or ; into their data base.  Can help avoid a lot of damage later!

;-)

Ray
0
 
LVL 27

Assisted Solution

by:Cornelia Yoder
Cornelia Yoder earned 960 total points
ID: 22904692
I understand, but htmlentites will convert all those tags and special characters, including < > and ; into &code equivalents.  That's the real power of it, so NO undesirable characters can ever get into the database.  You don't need preg type of changes at all.
0
 
LVL 111

Assisted Solution

by:Ray Paseur
Ray Paseur earned 1040 total points
ID: 22904736
I was thinking of the risk in this...
echo htmlentities('<SELECT * FROM MYTABLE WHERE 1; DROP TABLE MYTABLE');

Open in new window

0
 
LVL 111

Assisted Solution

by:Ray Paseur
Ray Paseur earned 1040 total points
ID: 22904744
However it's fair to say that SQL injection is beyond the scope of the question.

Over and out, ~Ray
0
 
LVL 27

Assisted Solution

by:Cornelia Yoder
Cornelia Yoder earned 960 total points
ID: 22904929
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '; DROP TABLE MYTABLE' at line 1

Actually, SQL injection is never beyond the scope of any question.  The point of htmlentities is to protect against it and other forms of hacking.
0
 
LVL 111

Assisted Solution

by:Ray Paseur
Ray Paseur earned 1040 total points
ID: 22905673
Hmm.  I think that left wicket before SELECT might be the syntax culprit.  We can still drop that poor table!
0
 
LVL 27

Assisted Solution

by:Cornelia Yoder
Cornelia Yoder earned 960 total points
ID: 22905719
I tried it with the < and it gave a syntax error at the start.  Without the < I got the posted message showing a syntax error at the ;
0
 

Author Comment

by:stargateatlantis
ID: 22906690
Can you actually do it from a sql statment
0
 
LVL 27

Assisted Solution

by:Cornelia Yoder
Cornelia Yoder earned 960 total points
ID: 22906785
You cannot convert the characters in a MySQL statement, but you can protect your database against hacking by using mysql_real_escape_string() in the query.

Your original question asked about converting special characters, but didn't say why you wanted to do that.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses four methods for overlaying images in a container on a web page
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.
Suggested Courses
Course of the Month18 days, 1 hour left to enroll

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question