Discuss the matching of PHP ereg() function and regular expression

Discuss the matching of PHP ereg() function and regular expression_PHP Tutorial

WBOY

Release： 2016-07-15 13:30:52

Original

940 people have browsed it

However, eregi() is a case-ignoring version of the PHP ereg() function. Both have similar functions to preg_match, but the function returns a Boolean value indicating whether the match was successful or not. It should be noted that the first parameter of the POSIX extension library function accepts a regular expression string, that is, no delimiter is required. For example, Listing 6.2 is a method for checking the security of file names.

Code 6.2 Security check of file name

<ol class="dp-xml"><li class="alt"><span><span class="tag"><</span><span> ?php  </span></span></li><li><span>$</span><span class="attribute">username</span><span> = $_SERVER['REMOTE_USER'];  </span></li><li class="alt"><span>$</span><span class="attribute">filename</span><span> = $_GET['file'];  </span></li><li><span>//对文件名进行过滤，以保证系统安全  </span></li><li class="alt"><span>if (!ereg('^[^./][^/]*$', $userfile))  </span></li><li><span>{  </span></li><li class="alt"><span>die('这不是一个非法的文件名！');  </span></li><li><span>}  </span></li><li class="alt"><span>//对用户名进行过滤  </span></li><li><span>if (!ereg('^[^./][^/]*$', $username))  </span></li><li class="alt"><span>{  </span></li><li><span>die('这不是一个无效的用户名');  </span></li><li class="alt"><span>}  </span></li><li><span>//通过安全过滤，拼合文件路径  </span></li><li class="alt"><span>$</span><span class="attribute">thefile</span><span> = </span><span class="attribute-value">"/home/$username/$filename"</span><span>;  </span></li><li><span class="tag">?></span><span> </span></span></li></ol>

Copy after login

Normally, using the Perl-compatible regular expression matching function perg_match() will be better than using PHP The ereg() function or eregi() is faster. If you just want to find whether a string contains a certain substring, it is recommended to use the strstr() or strpos() function.