How do I strip out bad characters from my Web Service client?

Posted on 2009-04-28
Last Modified: 2012-05-06
I have written a web service client in drupal that is functioning well. There are however some data issues on the backend which prevents certain methods from working. Is there a way to strip bad characters out on the client using a php function - even if I am unsure what those bad characters are? Any help is greatly appreciated!

$AcadPlan = $_REQUEST['AcadPlan'];

$data = xmlrpc('https://url/XmlRpcServer', 'eAdvisorDSFind.findDegreeByAcadPlanMapArray', (string) $AcadPlan);


foreach($data as $degree)

echo "<div class='degreetitle'>";

echo "$degree[Descr100] ($degree[Degree])<br/></div>";

echo "<div class='collegetitle'>$degree[DiplomaDescr]</div>";

echo "<h3>Major Description</h3> $degree[DescrlongExtns]";

echo "<h3>Career Opportunities</h3> $degree[AsuCareerOpp]";

echo "<h3>Contact Information</h3> $degree[AsuOfficeLoc]  $degree[Phone]

 <a href='mailto:


     ' >$degree[EmailAddr]</a>";

echo "<h3>Course Plan</h3> <a href=$degree[ASUCritTrackUrl]>Major Map</a>";

echo "&nbsp;|&nbsp; <a href=''>Archive</a>";

 } else {



?></p> <table width="100%">     <tbody>         <tr bgcolor="#f0d6b2">             <td width="65%"><strong>Program</strong></td>             <td width="15%"><strong>Degree</strong></td>             <td width="20%"><strong>Course Plan</strong></td>             <?

$data = xmlrpc('https://url/XmlRpcServer', 'eAdvisorDSFind.findDegreeByCollegeAndProgram', 'CTS','undergrad');


  'return strcmp($a["Descr100"],$b["Descr100"]);'));

foreach($data as $degree)


echo"<tr bgcolor='#FBFBF3'><td width='65%'>";

echo"<a href='$degree[AcadPlan]'> $degree[Descr100] </a>";

echo"</td><td width='15%'>";


 echo"</td><td width='20%'>";

 echo" <a href='$degree[AsuCritTrackUrl]' >Major Map </a>";





?>         </tr>     </tbody> </table>

Open in new window

Question by:SashaIsaac
    LVL 39

    Assisted Solution

    by:Roger Baklund
    >> Is there a way to strip bad characters out on the client using a php function - even if I am unsure what those bad characters are?

    Yes, but only if you know which characters are NOT bad.

    Accepted Solution

    I agree with CXR; you need to be more specific as to what you define as characters that are bad.  If you are trying to remove HTML, then you would want to use the strip_tags function.  See code snippet.  If you are trying to remove specific characters embedded in a string then your best tool would be RegEx (Regular Expressions),; but with RegEx you would need to specify what characters to replace or remove.
    $string = "<br><br><div>Hello</div>";
    $strippedstring = strip_tags($string);

    Open in new window


    Author Comment

    Maybe I will try the approach mentioned by cxr - and only allow certain characters. The problems is they can't say what data is bad - just if they retype the info by hand the errors stop.
    LVL 39

    Expert Comment

    by:Roger Baklund
    If you post some examples of good and bad requests, maybe we can spot some "suspects".

    You could try using urlencode().

    Assisted Solution

    I am not convinced that urlencode would do what he is looking for since that function is designed specifically to encrypt a querystring variable being sent to another page.

    Where $str is the string or variable to encode.

    Rather, the code snippet below is an example of using RegEx to remove Symbols from code.  I did not personally write this code but I have used pieces of it in functions I have wrote in the past.  I hope it helps.

     * Strip symbols from text.
    function strip_symbols( $text )
        $plus   = '\+\x{FE62}\x{FF0B}\x{208A}\x{207A}';
        $minus  = '\x{2012}\x{208B}\x{207B}';
        $units  = '\\x{00B0}\x{2103}\x{2109}\\x{23CD}';
        $units .= '\\x{32CC}-\\x{32CE}';
        $units .= '\\x{3300}-\\x{3357}';
        $units .= '\\x{3371}-\\x{33DF}';
        $units .= '\\x{33FF}';
        $ideo   = '\\x{2E80}-\\x{2EF3}';
        $ideo  .= '\\x{2F00}-\\x{2FD5}';
        $ideo  .= '\\x{2FF0}-\\x{2FFB}';
        $ideo  .= '\\x{3037}-\\x{303F}';
        $ideo  .= '\\x{3190}-\\x{319F}';
        $ideo  .= '\\x{31C0}-\\x{31CF}';
        $ideo  .= '\\x{32C0}-\\x{32CB}';
        $ideo  .= '\\x{3358}-\\x{3370}';
        $ideo  .= '\\x{33E0}-\\x{33FE}';
        $ideo  .= '\\x{A490}-\\x{A4C6}';
        return preg_replace(
            // Remove modifier and private use symbols.
            // Remove mathematics symbols except + - = ~ and fraction slash
                '/\p{Sm}(?<![' . $plus . $minus . '=~\x{2044}])/u',
            // Remove + - if space before, no number or currency after
                '/((?<= )|^)[' . $plus . $minus . ']+((?![\p{N}\p{Sc}])|$)/u',
            // Remove = if space before
                '/((?<= )|^)=+/u',
            // Remove + - = ~ if space after
                '/[' . $plus . $minus . '=~]+((?= )|$)/u',
            // Remove other symbols except units and ideograph parts
                '/\p{So}(?<![' . $units . $ideo . '])/u',
            // Remove consecutive white space
                '/ +/',
            ' ',
            $text );

    Open in new window


    Author Comment

    These were all great solutions - I figured out it was a problem with the drupal core file with some help from the IT folks here. So we hacked the drupal core. Not ideal but it works!

    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    Join & Write a Comment

    Generating table dynamically is the most common issue faced by php developers.... So it seems there is a need of an article that explains the basic concept of generating tables dynamically. It just requires a basic knowledge of html and little maths…
    Part of the Global Positioning System A geocode ( is the major subset of a GPS coordinate (, the other parts being the altitude and t…
    Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
    The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now